ABSTRACT
Distributed software applications are one of the most important applications currently used. Rising demand has led to a rapid increase in the number and complexity of distributed software applications. Such applications are also more vulnerable to different types of attacks due to their distributed nature. Detecting and addressing attacks is an open issue concerning distributed software applications. This paper proposes a new mechanism that uses blockchain technology to devise a security testing mechanism to detect attacks on distributed software applications. The proposed mechanism can detect several categories of attacks, such as denial-of-service attacks, malware and others. The process starts by creating a static blockchain (Blockchain Level 1) that stores the software application sequence obtained using software testing techniques. This sequence information exposes weaknesses in the application code. When the application is executed, a dynamic blockchain (Blockchain Level 2) helps create a static blockchain for recording the responses expected from the application. Every response should be validated using the proposed consensus mechanism associated with static and dynamic blockchains. Valid responses indicate the absence of attacks, while invalid responses denote attacks.
ABSTRACT
Hadoop has become a promising platform to reliably process and store big data. It provides flexible and low cost services to huge data through Hadoop Distributed File System (HDFS) storage. Unfortunately, absence of any inherent security mechanism in Hadoop increases the possibility of malicious attacks on the data processed or stored through Hadoop. In this scenario, securing the data stored in HDFS becomes a challenging task. Hence, researchers and practitioners have intensified their efforts in working on mechanisms that would protect user's information collated in HDFS. This has led to the development of numerous encryption-decryption algorithms but their performance decreases as the file size increases. In the present study, the authors have enlisted a methodology to solve the issue of data security in Hadoop storage. The authors have integrated Attribute Based Encryption with the honey encryption on Hadoop, i.e., Attribute Based Honey Encryption (ABHE). This approach works on files that are encoded inside the HDFS and decoded inside the Mapper. In addition, the authors have evaluated the proposed ABHE algorithm by performing encryption-decryption on different sizes of files and have compared the same with existing ones including AES and AES with OTP algorithms. The ABHE algorithm shows considerable improvement in performance during the encryption-decryption of files.
