International Journal of Computer Systems (ISSN: 2394-1065), Volume 03 Issue 05, May, 2016

Available at http://www.ijcsonline.com/

A Decentralized Framework for Cloud Resources Provisioning with Malware

Detection
A

Deepika A, BPrabadevi B

A
Student, School of Information Technology and Engineering, VIT University, India
Assistant Professor School of Information Technology and Engineering, VIT University, India
A
deepikaanandms@yahoo.com, Bprabadevi.b@vit.ac.in

Abstract
Despite the cloud computing is promising model , security has concretely, cloud platform is under numerous attacks So
people hesitate to transfer their application into cloud Therefore, an efficient firewall is required to protect cloud from
these attacks will increase the impact of cloud among its users. However, setting up a centralized firewall for a whole
cloud data centre is infeasible from both financial and performance aspects. A decentralized cloud firewall framework is
proposed. The cloud firewall is offered by Cloud Service Providers (CSP) and placed at access points between cloud
data centre and the Internet. Individual cloud customer rents the firewall for protecting his cloud hosted applications.
Hosting servers of applications are grouped into several clusters, and resources are then dynamically allocated to set up
an individual firewall for each cluster. All these parallel firewalls will work together to monitor incoming packets, and
guarantee QoS requirement specified by cloud customers at the same time. It also detects the malware, if there is any
malware in the file while uploading into the cloud; it is detected and gives an alert.
Keywords: Cloud Computing, Resource allocation, Malware detection, decentralized cloud firewall.

I.

INTRODUCTION

Cloud Computing is the popular technology in the IT

industry [2]. It provides large volume of hardware and
software recourses to the customers if the need it . The
cloud computing is broadly classified into three types
Platformas-a-service (PaaS),Software-as-service(SaaS),
Infracture-as-a-service(IaaS).
Even though cloud computing is used to store large
amount of application people hesitate to transfer their
application in to cloud because of the security
problem[3].Some of the attacks are still exist in the cloud
the attacks like Distributed denial of service attack
(DDoS),Viruses, phishing attacks. A new specific attacks
also have been found in the cloud called Economic denial
of sustainability(EDoS)[4]attacks, Virtual Machine attacks
(VM) [5].So it is necessary to provide a cloud firewall to
protect the Cloud data centres for those attacks Firewall
provides a major role to protect the cloud form the
malicious attacks. In this paper we have proposed the
decentralized the cloud firewall framework. The cloud
firewall is offered by Cloud Service Providers
(CSP).Individual cloud customer rents the firewall for
protecting his cloud hosted applications. Cloud service
provider will allocate resources to each VM and they will
provide a cost for each VM .Cloud firewall providers need
to optimize resources provisioning cost, which offers a
chance of lowering the cloud firewall price to the
customers without reducing providers profit. Meanwhile
the QoS requirement asked by the customer will be
satisfied. Firewall also detects the malware, while
uploading the file into the cloud if the file contains any
malware the firewall detects the malware and alert us that
this file contain malware not to upload the malware

affected file into the cloud. This allows us to upload only

the attack free file into the cloud.
II.

METHODOLOGY AND BACKGROUND WORK

Cloud computing it will make the software more

attractive as a service and it will also shape the IT
hardware, it has the potential to transform a large part of
the IT industry. Developers with more innovative ideas
for new Internet services does not require the large capital
outlays in hardware to deploy their service or the human
expense to operate it. The developers no need to take
concerned about over provisioning for a service their
popularity does not meet their predictions, so wasting
costly resources, or under provisioning for one that
becomes wildly popular, thus missing potential customers
and revenue.
Development in the recent technology is the reason for
the success and popularity of cloud computing. The major
critical concern for the security and privacy issues is
outsourcing the data and business application to a third
party. With the through study about the security and
privacy issues In the cloud five attributes have been
identified they are confidentiality, integrity, availability,
accountability, and privacy-preservability.
Network firewalls which act as the first line of defense
against malicious traffic unwanted attacks that targeting
Internet servers. It is difficult for the network security
engineers and designers to predict the overall firewall
performance by assessing the effectiveness of firewalls
against DDoS (Distributed Denial of Service) attacks .A
study have been conducted to analyze the performance of
rule-based firewalls when subjected to normal traffic flows
and also DoS attack flows targeting different rule positions.

388 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 05, May, 2016

Deepika A et al

A Decentralized Framework for Cloud Resources Provisioning with Malware Detection

Cloud is a dominant computing platform. However,

there is a way to protect cloud data centers. In case of
complex attacks, the traditional packet level firewall
mechanism is not suitable for cloud platforms because the
cloud usually hosts much different type of applications. It
is necessary to perform detection at the event level.
Moreover, protecting objects are more diverse than the
traditional firewall. Motivated by this, here a general
framework of cloud firewall is proposed. We establish a
mathematical model for the proposed framework.

III.

PROBLEM DEFINITION

Cloud Computing is one of the emerging technology in

the IT industry. Even though it is a popular technology
security is major problem still exist in cloud because
cloud platform is under numerous attacks like viruses
,phishing attack and some of the traditional attacks like
DDoS (Distributed Denial of Service attack) economic
Distributed denial of sustainability(EDoS)attacks etc.. So,
we need an efficient firewall to protect cloud from attacks.
However, setting up a centralized firewall for a whole
cloud data centre is infeasible in case of performance.
IV.

The formula for calculating the resource provisioning

cost is given below (i).
Implementation Steps :
The following is the steps for the implementation of
the system.
1. The data owner has to login using their login ID
and password
2. The Data Owner has to select the file to upload into
the cloud
3. The firewall will check whether the file contain any
threat.
4. If the file contain any threat it will alert us not to
upload the file
5. Then user has to select the other file which does not
contain any threat and then upload the file into
cloud.
6. After the file has been uploaded the data user who
want that file can download that file

SOLUTION

An efficient cloud firewall is provided to protect the

cloud from the attacks, because Firewall provides a major
role to protect the cloud form the malicious attacks
However, setting up a centralized firewall for a whole
cloud data centre is infeasible in case of both financial
and performance aspect. A decentralized cloud firewall
framework is proposed. The cloud firewall is provided by
Cloud Service Providers (CSP) Individual cloud customer
rents the firewall for protecting his cloud hosted
applications. Cloud providers will provide the required
service needed by the cloud user. Hence for providing
security purpose, the decentralized server is used for
increasing the security level of the particular cloud user.
The decentralized server is specifically used for providing
the quality of service to the cloud users. Cloud firewall
providers need to optimize resources provisioning cost,
which offers a chance of lowering the cloud firewall price
to the customers without reducing providers profit. The
Cloud service provider will allocate resources to each VM
and they will provide a cost for each VM They offer a
chance of lowering the cost to the customer without
reducing the providers profit. Meanwhile the QoS
requirement asked by the customer will be satisfied. In the
proposed system we also included the detection of malware
. While uploading the file into the cloud if the file contains
any malware the firewall detects the malware and alert us
that this file contains malware not to upload the malware
affected file into the cloud .This allow us to upload only the
attack free file into the cloud. The performance analysis of
cloud firewall is determined by novel queuing theory based
model. M/Geo/1 or M/Geo/m for performance analysis of
the proposed cloud firewall By employing Z-transform.
And embedded Markov chain techniques,[6]resource
providing cost optimization. Our main goal is to optimize
the resource provisioning cost. while satisfying the QoS
requirement here the QoS requirement means mean packet
response time.

V.

ABBREVATION AND ACRONYMS

CSP - Cloud Service Provider

DDoS - Distributed Denial of Service attack
EDoS - Economic Denial of Sustainability
VM
IT

- Virtual Machine
- Information Technology

QoS - Quality of service

VI.

ARCHITECTURE DIAGRAM

The Overall architecture diagram

Figure 1.Architecture diagram

389 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 05, May, 2016

Deepika A et al

A Decentralized Framework for Cloud Resources Provisioning with Malware Detection

VII. EQUATION
The main goal is to minimize the cost .while satisfying
the QoS requirement here the QoS requirement means
mean packet response time.
The resources provisioning cost is formulated as

resource provisioning cost optimization and also detection

of malware while uploading the file into cloud .In the
proposed paper the firewall detects commonly all types of
viruses in the future we can find the different type of
viruses ,while uploading the file into cloud if it contain
virus it will detect and show what kind of virus that file has
contain and function of that virus and firewall will not
allow that to enter into cloud.

REFERENCES
[1]

(i)
Where

[2]

Tn=time interval that csp charge the VM

Ta=average attack duration in Tn

[3]

Pj=price of VM instance Vj
J and K = unit price of VM

[4]

The formula is defined as (Time*price)during attack

and non-attack period .

[5]

VIII. RESULT
The screen shots acquired from the result

M. Liu, W. Dou, S. Yu and Z. Zhang, "A Decentralized Cloud

Firewall Framework with Resources Provisioning Cost
Optimization," in IEEE Transactions on Parallel and Distributed
Systems, vol. 26, no. 3, pp. 621-631, March 1 2015.
M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A.
Konwinski. Lee, D. Patterson, A. Rabkin, I. Stoicaet al., A view of
cloud computing, Communications of the ACM, vol. 53, no. 4,pp.
5058, 2010.
Z. Xiao and Y. Xiao, Security and privacy in cloud
computing,IEEE Communications Surveys and Tutorials, no. in
press, 2013.
B.Prabadevi, N.Jeyanthi, Distributed Denial of service Attacks and
its effects on Cloud Environment- a Survey 2014 IEEE
International Symposium on Networks, Computers and
Communications ,17-19 June 2014 pp.1-5.
H. Khazaei, J. Misic, and V. B. Misic, Performance analysis of
cloud computing centers using m/g/m/m+ r queuing systems,
Parallel and Distributed Systems, IEEE Transactions on, vol. 23,
no. 5 pp. 936943, 2012.

Figure 2.Upload File

Figure 3.Malware checking

IX.

CONCLUSION AND FUTURE WORK

In this paper we have proposed the decentralized

firewall for the individual cloud customer along with
390 | International Journal of Computer Systems, ISSN-(2394-1065), Vol. 03, Issue 05, May, 2016