Ragib Hasan

Birmingham, Alabama, United States
3K followers 500+ connections

About

I am a tenured full Professor at the Department of Computer Science at the University of…

Experience & Education

  • University of Alabama at Birmingham

Publications

  • Litigo: A Cost-Driven Model for Opaque Cloud Services

    Proceedings of IEEE Cloud

    Cloud computing provides software, platform, and infrastructure as a service that helps organizations to perform several resource intensive tasks. The services offered by a cloud service provider are limited by provider-specific options in terms of the pre-specified configurations. Moreover, it is sometimes expensive to pay a fixed amount of money without any format of negotiation or price-matching deals for the cloud-based services and resources. Conversely, the negotiator-based model for opaque services has gained popularity in various markets, such as, for flights, hotels, and rentals. We posit that a similar opaque inventory for cloud-based services and resources is the next generation niche for consumer acquisition and service delivery in the cloud computing market. Such a model will facilitate the clients with flexible resource and service provisioning at reasonable prices, and will also allow a higher revenue and increase resource utilization for cloud service providers. In this paper, we propose Litigo, a cost-driven model for opaque service platforms for cloud computing. The Litigo component acts as a middle-man to deliver cloud-based services from a set of cloud service providers to the end users. We present a detailed cost model and comparison between establishing a cloud service vs. an opaque cloud service. Our empirical framework allows a Litigo service provider to analyze the profit model and creates the market niche accordingly. We performed extensive analysis using simulated model verification for Litigo. The proposed model delivers an opaque cloud as a service to clients at a reasonable price by maximizing the resource utilization and revenue of cloud service providers.

  • Towards an Analysis of Security Issues, Challenges, and Open Problems in the Internet of Things

    IEEE Services Visionary Track on Internet of Things, New York, USA

    The Internet-of-Things paradigm has already started being utilized in numerous domains like e-Health, e-Home, e-Commerce, e-Trafficking, etc. Soon enough, there will be many more domains added too. This rapid expansion of Internet-of-Things, definitely, will make possible attackers more inquisitive about interconnected objects and networks, as their goal is to perform malicious acts using Internet-of-Things’ vulnerabilities in order to destroy the equilibrium of this ecosystem. Therefore, security researchers should not be delayed to scrutinize every single component of Internet-of-Things in order to make this ecosystem secure, before it is too late. Internet-of-Things’ security may also be of a much higher importance comparing to ordinary computer system’s security, considering that it is affecting human lives and lifestyle. Thus, any weakness in its security can lead to irreparable damages. In light of the above, this literary article consists of analysis of Internet-of-Things’ attack surfaces, threat models, security issues, requirements and challenges. Moreover, the need and methodology unto Internet-of-Things forensics, in case of Internet-of-Things crime, has been outlined.

  • SEPIA: Secure-PIN-Authentication-as-a-Service for ATM using Mobile and Wearable Devices

    IEEE Mobile Cloud 2015

  • WORAL: A Witness Oriented Secure Location Provenance Framework for Mobile Devices

    IEEE Transactions on Emerging Topics in Computing SI on Cyber Security

  • ‘Who, When, and Where?’ Location Proof Assertion for Mobile Devices

    28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec)

  • UDaaS: A Cloud-based URL-Deduplication-as-a-Service for Big Datasets

    4th IEEE International Conference on Big Data and Cloud Computing (BDCloud)

    Since the number of potential malicious URLs from diverse sources is large, URL deduplication is needed for the efficient identification of malicious websites. URL Deduplication-as-a-Service (UDaaS) was developed to help a URL analyst to deploy and manage a cloud-based distributed and parallel URL deduplication infrastructure easily; this can improve the performance of malicious websites detection while reducing duplication and quantity of local storage requirements.

  • Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service

    IEEE Transactions on Dependable and Secure Computing, 2015

    Cloud computing has emerged as a popular computing paradigm in recent years. However, today's cloud computing architectures often lack support for computer forensic investigations. Analyzing various logs (e.g., process logs, network logs) plays a vital role in computer forensics. Unfortunately, collecting logs from a cloud is very hard given the black-box nature of clouds and the multi-tenant cloud models, where many users share the same processing and network resources. Researchers have proposed using log API or cloud management console to mitigate the challenges of collecting logs from cloud infrastructure. However, there has been no concrete work, which shows how to provide cloud logs to investigator while preserving users' privacy and integrity of the logs. In this paper, we introduce Secure-Logging-as-a-Service (SecLaaS), which stores virtual machines' logs and provides access to forensic investigators ensuring the confidentiality of the cloud users. Additionally, SecLaaS preserves proofs of past log and thus protects the integrity of the logs from dishonest investigators or cloud providers. Finally, we evaluate the feasibility of the scheme by implementing SecLaaS for network access logs in OpenStack -- a popular open source cloud platform.

  • The Enemy Within: The Emerging Threats to Healthcare from Malicious Mobile Devices

    MobiHealth 2012

    With the proliferation of wireless networks, mobile devices and medical devices are increasingly being equipped with wireless interfaces, such as Bluetooth and WiFi to allow easy access to and control of the medical devices. Unfortunately, the very presence and usage of such interfaces also expose the medical devices to novel attacks from malicious parties. The emerging threat from malicious mobile devices is significant and severe, since attackers can steal confidential data from a patient’s medical device. Also, attackers can compromise the medical device and either feed doctors bad data from it or issue potentially fatal commands to the device, which may even result in the death of the patient. As the mobile devices are often at close proximity to the patient (either in the hospital or home settings), attacks from such devices are hard to prevent. In this paper, we present a systematic analysis of this new threat from mobile devices on medical devices and healthcare infrastructure. We also perform a thorough security analysis of a major hospital and uncover potential vulnerabilities. Finally, we propose a set of potential solutions and defenses against such attacks.

  • Efficient Audit-based Compliance for Relational Data Retention

    Proceedings of ACM ASIACCS 2011

    The Sarbanes-Oxley Act inspired research on long-term high-integrity retention of business records, leveraging the immutability guarantees that WORM storage servers offer for files. In this paper, we present the transaction log on WORM (TLOW) approach for supporting long-term immutability for relational tuples. TLOW stores the transaction log on WORM and uses an audit helper (AH) add-on to continuously perform audit-related activities without compromising transaction performance or audit trustworthiness. TLOW imposes only 1-11% runtime overhead on TPC-C transactions, much less than previously proposed approaches, and does not require DBMS kernel changes. TLOW audits are extremely fast, e.g., two hours to audit a year of continuous TPC-C activity, versus 10 days for previously proposed approaches. This opens up the possibility of real-time internal audits that can detect fraudulent activity before its effects propagate throughout an enterprise. We also provide a proof of correctness for TLOW, which exposes a subtle threat that affects the correctness of previously proposed approaches.

  • Trustworthy Vacuuming and Litigation Holds in Long-term, High-integrity Records Retention

    Proceedings of EDBT 2010

    Relational databases are periodically vacuumed to remove tuples that have expired. During the discovery phase of litigation, plaintiffs ask defendants for access to information related to their case. The requested information is then subject to a litigation hold, which means that the information cannot be deleted. Vacuuming exposes a database to a new threat -- adversaries can try to thwart database auditing mechanism by masquerading an illegal tuple deletion as a vacuuming operation, and delete an unexpired tuple, or a tuple under a litigation hold.

    In this paper, we provide a generic framework for auditing vacuuming, augment existing database integrity audit mechanisms to support vacuuming, formalize the notion of a litigation hold, and identify key issues in the context of database systems for long-term, high-integrity records retention. Then, we propose several schemes for efficiently implementing trustworthy litigation holds. Finally, we evaluate the efficiency and tradeoffs of the different schemes using a series of experiments.

  • Trustworthy History and Provenance for Files and Databases

    Ph.D. Thesis, Dept. of Computer Science, University of Illinois at Urbana-Champaign

    In today’s world, information is increasingly created, processed, transmitted, and stored digitally. While the digital nature of information has brought enormous benefits, it has also created new vulnerabilities and attacks against data. Unlike physical documents, digitally stored information can be rapidly copied, erased, or modified. The distributed nature of today’s computing systems also implies that digital data may be stored in or transmitted via untrusted systems. In many cases, even insiders can have financial or strategic motives to tamper with data. Thus, throughout its lifecycle, data may be exposed to many modifications, and be processed by many principals, some of whom may not be trustworthy. In order to trust data, it is therefore useful to know its history, and to protect data history from illicit modifications. Widespread use of electronic records in high-stakes applications such as business and health-care means that the need to ensure trustworthiness of data retention is crucial. Society as a whole will benefit significantly from the development and adoption of techniques for ensuring the integrity of data history, as such assurances will increase public trust in electronic records.

    In this dissertation, we explore techniques for providing integrity assurances for the history of data in an untrusted environment. We show that it is possible to provide strong integrity assurances for data history, without incurring high performance overheads, or using costly trusted hardware. We first focus on file systems and data provenance, and develop provably-secure schemes for securing file provenance information. With empirical evaluation using realistic file system workloads, we show that our scheme has low overhead, and can be deployed with minimal changes to existing applications. Next, we investigate history integrity in database systems. We develop an efficient, low-overhead architecture for making databases tamper-evident, and ... [more in linked pdf]

  • Improving Multi-Tier Security Using Redundant Authentication

    ACM Computer Security Architecture Workshop

  • How Much Does Storage Really Cost? Towards a Full Cost Accounting Model for Data Storage

    To appear at the 10th International Conference on Economics of Grids, Clouds, Systems, and Services (GECON), 2013

    In our everyday lives, we create massive amounts of data. But how much does it really cost to store data? With ever decreasing cost of storage media, a popular misconception is that the cost of storage has become cheaper than ever. However, we argue that the cost of storing data is not equal to the cost of storage media alone -- rather, many often ignored factors including human, infrastructure, and environmental costs contribute to the total cost to store data. Unfortunately, very little research has been done to determine the full cost of cloud based storage systems. Most existing studies do not account for indirect factors and determinants of storage cost. To fully determine the true cost of data storage, we need to perform full cost accounting -- a well known accounting technique. In this paper, we present a full cost accounting model for cloud storage systems. We include all the hidden and environmental costs as well as regular costs to develop a comprehensive model for storage system costs. To the best of our knowledge, this is the first work on creating a full cost accounting model for cloud based storage systems.


Courses

  • Computer Security

Honors & Awards

  • 2022 President's Award for Excellence in Teaching

    The University of Alabama at Birmingham

    The President’s Award for Excellence in Teaching recognizes full-time regular faculty members of The University of Alabama at Birmingham who have demonstrated exceptional accomplishments in teaching. A recipient is chosen from the College of Arts and Sciences and each of the schools and the Joint Health Sciences.

  • Faculty Early Career Development (CAREER) Program

    National Science Foundation

    CAREER: The Faculty Early Career Development (CAREER) Program is a Foundation-wide activity that offers the National Science Foundation's most prestigious awards in support of junior faculty who exemplify the role of teacher-scholars through outstanding research, excellent education and the integration of education and research within the context of the mission of their organizations. Such activities should build a firm foundation for a lifetime of leadership in integrating education and research. NSF encourages submission of CAREER proposals from junior faculty members at all CAREER-eligible organizations and especially encourages women, members of underrepresented minority groups, and persons with disabilities to apply.

Languages

  • English

    Native or bilingual proficiency

  • Bengali

    Native or bilingual proficiency

  • C

    Native or bilingual proficiency

Organizations

  • Association of Computing Machinery

    Professional Member

    - Present
