| With the fast development of Internet,Cloud Computing has been widely used around the world as a computing model.The users are enabled ubiquitous,convenient,on demand network access to a shared pool of configurable computing resources.And only with minimal management effort or service provider interaction,it can be rapidly provisioned and released.As a result of cloud computing's benefits,increasing number of enterprises have outsource business in cloud computing.Through outsourcing,users can release from heavy computation and management.Besides,users can utilized the massive computational resource at a lower cost in a pay-per-use manner.However,outsourcing data and application in cloud computing also relinquishes the user's direct control over their own data and application.Consequently,the sensitive or privacy which may be involved in the data and application are exposed to the cloud service provider.Unfortunately,cloud may intend to analyze the data so as to mine potential information.Therefore,outsourcing in cloud computing also brings in new security concerns and challenges towards this promising computing model.This thesis focuses on secure outsourcing in cloud computing and its related techniques.The main contributions are as follows:(a)Secure Outsourcing of Extreme Learning Machine in Cloud Computing for Big Data: a secure and practical mechanism of outsourcing extreme learning machine in cloud computing is proposed.In big data era,data size is enlarging and data structure is increasingly complex,which makes ELM over large-scale data a challenging task.Through analysis of ELM's algorithm complexity and performance,the bottleneck of ELM are found,calculating Moore-Penrose generalized inverse.of the hidden layers' output matrix.Based on the observation,native ELM algorithm is explicitly decomposed into private part and public part.The private part is executed locally and is responsible for the random assignment of hidden nodes' parameters and the calculation of output weight matrix.The public part is mainly in charge of calculation the Moore-Penrose generalized inverse.After that,the generalized inverse is fed back to the user.The user can verify the corectness and soundness of the result,and then analytically determine the output weight matrix.Plus,some optimization policy,such as pipeline paralleliztion and batching,are exployed to further speedup the training of ELM.Theoretical analysis show that the proposed outsourcing mechanism can assure the confidentiality of ELM's input and output.Experiments illustrate that it can achieve higher training speed and release the users from heavy computaiton.(b)Advanced Deploy Policy for Outsourcing Extreme Learning Machine in Cloud Computing: an advanced deploy policy for outsourcing extreme learning machine in cloud computing is proposed.In previous contribution,Singular Value Decomposition is used to calculate the generalized inverse,which adapts to all types of hidden layer's output matrix.As the matrix size is potentially huge,the communication between the users and cloud service providers would be time-consuming which could exhaust the performace improvement via outsourcing.In this contribution,an alternative method(Orthogonal Project Method)is used to calculate the generalized inverse.The matrix multiplication of hidden layer's output matrix's transpose and itself is sent to cloud service provider.To improve the generalization performance,a positive value can be added to the diagonal of the matrix.Cloud computing are mainly resposible for calculating its inverse.The advanced deploy policy can dramatically reduce the communication delay between the user and the cloud.As the cloud service provider cannot derive the training sample or trained ELM network from the matrix,the confidentiality and privacy of input and output are guaranteed.Additionally,it can improve the traning speed of ELM.(3)Outsourcing ELM in Cloud Computing from Multi-Parties Cooperation: a Multi-parties Cooperation Outsourcing Mechanism for ELM is proposed.Different parties may compete and also cooperate in different ways,horizontal way and vertical way.In horizontal way,different parties contribute different data samples with the same features.To guarantee the confidentiality among attending parties,a primary party is voted or a trusted third party is delegated to take charge of generating hidden nodes parameters randomly.In vertical way,different parties contribute different features for the same data event.Each party is responsible for generating the related row vector of imput weight matrix and calculating the corresponding submatrix of the hidden layer's output matrix.At primary party or the trusted third-party,output matrix are aggregated and then sent to the cloud computing.(4)Security Issue of Protecting the Primary Party or the Trusted Third-party: A TCP-friendly AQM to mitigate LDDoS attacks.As long as the trusted party compromized,the protecting of data security and privacy whould be affected severely.LDDoS attack,a stealthier and more efficient variant of DoS attacks brings in huge challenge to the detection and protection.Unfortunately,most of existing AQM algorithms are vulnerable to LDDoS attacks.While the existing Robust Random Early Detection(RRED)algorithm can preserve normal TCP throughput under various LDDoS attacks,it fails to maintain the fairness among TCP flows and counter LDDoS attacks with spoofed source addresses.The essential character of LDDoS attacks is to cause the network congest,rather than avoiding the congest.Based on this observation,Fair Robust Random Early Detection algorithm(FRRED)is proposed to improve the performance in the above two aspects.The key mechanism of FRRED is the Detection of Attack Suspect Packets,as well as the “Protocol-based Hash Partitioning” which segregates the records of UDP and TCP flows maintained at the first level of the Bloom Filter structure.Simulation results show that,compared with RRED and several existing AQM algorithms,FRRED can tackle address-spoofing LDDoS attacks,preserve the TCP throughput,and enforce fairness among TCP flows under diverse LDDoS attacks. |
PDF Full Text Request