Bidyut Mukherjee | University of Missouri Columbia (original) (raw)
Uploads
Papers by Bidyut Mukherjee
2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), 2017
IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide cri... more IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide critical data during e.g., disaster response scenarios or in-home healthcare. Since IoT devices typically operate in resource-constrained computing environments at the network-edge, data transfer performance to the cloud as well as end-to-end security have to be robust and customizable. In this paper, we present the design and implementation of a middleware featuring "intermittent" and "flexible" end-to-end security for cloud-fog communications. Intermittent security copes with unreliable network connections, and flexibility is achieved through security configurations that are tailored to application needs. Our experiment results show how our middleware that leverages static pre-shared keys forms a promising solution for delivering lightweight , fast and resource-aware security for a variety of IoT-based applications.
IEEE Transactions on Network and Service Management, 2020
With the increase of DDoS attacks, resource adaptation schemes need to be effective to protect cr... more With the increase of DDoS attacks, resource adaptation schemes need to be effective to protect critical cloudhosted applications. Specifically, they need to be adaptable to attack behavior, and be dynamic in terms of resource utilization. In this paper, we propose an intelligent strategy for proactive and reactive application migration by leveraging the concept of 'moving target defense' (MTD). The novelty of our approach lies in: (a) stochastic proactive migration frequency minimization across heterogeneous cloud resources to optimize migration management overheads, (b) market-driven migration location selection during proactive migration to optimize resource utilization, cloud service providers (CSPs) cost and user quality of experience, and (c) fast converging cost-minimizing reactive migration coupled with a 'false reality' pretense to reduce the future attack success probability. We evaluate the effectiveness of our proposed MTD-based defense strategy using a Softwaredefined Networking (SDN) enabled GENI Cloud testbed for a "Just-in-time news articles and video feeds" application. Our frequency minimization results show more than 40% reduction in DDoS attack success rate in the best cases when compared to the traditional periodic migration schemes on homogeneous cloud resources. The results also show that our market-driven migration location selection strategy decreases CSP cost and increases resource utilization by 30%.
Future Generation Computer Systems, 2018
IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clou... more IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., 'fogs' along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud-fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a 'Session Resumption' algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an 'Optimal Scheme Decider' algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates.
Future Generations Computer Systems, 2018
IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clou... more IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., 'fogs' along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud-fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a 'Session Resumption' algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an 'Optimal Scheme Decider' algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates.
Conference Presentations by Bidyut Mukherjee
IEEE CSCloud, 2017
IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide cri... more IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide critical data during e.g., disaster response scenarios or in-home healthcare. Since IoT devices typically operate in resource-constrained computing environments at the network-edge, data transfer performance to the cloud as well as end-to-end security have to be robust and customizable. In this paper, we present the design and implementation of a middleware featuring "intermittent" and "flexible" end-to-end security for cloud-fog communications. Intermittent security copes with unreliable network connections, and flexibility is achieved through security configurations that are tailored to application needs. Our experiment results show how our middleware that leverages static pre-shared keys forms a promising solution for delivering lightweight , fast and resource-aware security for a variety of IoT-based applications.
2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), 2017
IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide cri... more IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide critical data during e.g., disaster response scenarios or in-home healthcare. Since IoT devices typically operate in resource-constrained computing environments at the network-edge, data transfer performance to the cloud as well as end-to-end security have to be robust and customizable. In this paper, we present the design and implementation of a middleware featuring "intermittent" and "flexible" end-to-end security for cloud-fog communications. Intermittent security copes with unreliable network connections, and flexibility is achieved through security configurations that are tailored to application needs. Our experiment results show how our middleware that leverages static pre-shared keys forms a promising solution for delivering lightweight , fast and resource-aware security for a variety of IoT-based applications.
IEEE Transactions on Network and Service Management, 2020
With the increase of DDoS attacks, resource adaptation schemes need to be effective to protect cr... more With the increase of DDoS attacks, resource adaptation schemes need to be effective to protect critical cloudhosted applications. Specifically, they need to be adaptable to attack behavior, and be dynamic in terms of resource utilization. In this paper, we propose an intelligent strategy for proactive and reactive application migration by leveraging the concept of 'moving target defense' (MTD). The novelty of our approach lies in: (a) stochastic proactive migration frequency minimization across heterogeneous cloud resources to optimize migration management overheads, (b) market-driven migration location selection during proactive migration to optimize resource utilization, cloud service providers (CSPs) cost and user quality of experience, and (c) fast converging cost-minimizing reactive migration coupled with a 'false reality' pretense to reduce the future attack success probability. We evaluate the effectiveness of our proposed MTD-based defense strategy using a Softwaredefined Networking (SDN) enabled GENI Cloud testbed for a "Just-in-time news articles and video feeds" application. Our frequency minimization results show more than 40% reduction in DDoS attack success rate in the best cases when compared to the traditional periodic migration schemes on homogeneous cloud resources. The results also show that our market-driven migration location selection strategy decreases CSP cost and increases resource utilization by 30%.
Future Generation Computer Systems, 2018
IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clou... more IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., 'fogs' along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud-fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a 'Session Resumption' algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an 'Optimal Scheme Decider' algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates.
Future Generations Computer Systems, 2018
IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clou... more IoT (Internet of Things) based smart devices such as sensors have been actively used in edge clouds i.e., 'fogs' along with public clouds. They provide critical data during scenarios ranging from e.g., disaster response to in-home healthcare. However, for these devices to work effectively, end-to-end security schemes for the device communication protocols have to be flexible and should depend upon the application requirements as well as the resource constraints at the network-edge. In this paper, we present the design and implementation of a flexible IoT security middleware for end-to-end cloud-fog communications involving smart devices and cloud-hosted applications. The novel features of our middleware are in its ability to cope with intermittent network connectivity as well as device constraints in terms of computational power, memory, energy, and network bandwidth. To provide security during intermittent network conditions, we use a 'Session Resumption' algorithm in order for our middleware to reuse encrypted sessions from the recent past, if a recently disconnected device wants to resume a prior connection that was interrupted. In addition, we describe an 'Optimal Scheme Decider' algorithm that enables our middleware to select the best possible end-to-end security scheme option that matches with a given set of device constraints. Experiment results show how our middleware implementation also provides fast and resource-aware security by leveraging static properties i.e., static pre-shared keys (PSKs) for a variety of IoT-based application requirements that have trade-offs in higher security or faster data transfer rates.
IEEE CSCloud, 2017
IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide cri... more IoT (Internet of Things) devices such as sensors have been actively used in 'fogs' to provide critical data during e.g., disaster response scenarios or in-home healthcare. Since IoT devices typically operate in resource-constrained computing environments at the network-edge, data transfer performance to the cloud as well as end-to-end security have to be robust and customizable. In this paper, we present the design and implementation of a middleware featuring "intermittent" and "flexible" end-to-end security for cloud-fog communications. Intermittent security copes with unreliable network connections, and flexibility is achieved through security configurations that are tailored to application needs. Our experiment results show how our middleware that leverages static pre-shared keys forms a promising solution for delivering lightweight , fast and resource-aware security for a variety of IoT-based applications.