SecHMS-A Secure Hybrid Monitoring Scheme for Cloud Data Monitoring

Cloud computing enables the data owners to store and host their data on the cloud storage servers, which is to accessed by data consumers from the cloud storage servers whenever needed. The approach provides not only better accessibility but also unlimited storage capacity to the users. Even though there are numerous benefits of the approach, but security remains the prime concern for cloud computing and cloud service users. There are few solutions that provide protection in cloud computing, but even after having these solution, trust in cloud service providers remains the prime concern for cloud users. To overcome such a situation and to enhance the faith amongst the user and cloud service provider, a hybrid monitoring scheme (SecHMS) have been proposed and evaluated in this paper. The hybrid monitoring scheme (SecHMS) uses public-key cryptography and hashing technique to provide data security in cloud computing. The hybrid scheme (SecHMS) constantly monitors the stored data on behalf of end-users. As user’s data is getting continuously monitored, it leads to the enhancement of trust for the end-user in cloud computing systems. A thorough analysis has been done on different size files, and results have been demonstrated to show the correctness of SecHMS scheme.


Introduction
With its numerous advantages, cloud computing emerges as the driving force in the networking field. Cloud computing is being used in almost all fields nowadays, such as business, education, medical science, retail sector, etc. As its applicability areas are unlimited, cloud computing is changing or driving the lives of peoples in an efficient manner with many advantages [1] [2]. The foremost advantage of using cloud computing is that it offers many services using its service models, and these services are provided according to the demands of users. Cloud service models are represented in a generalized way as *-as-a-Service (*aaS), where * is used to represent the type of assistance provided by cloud computing. Usually, the assistance is provided either as * Corresponding author. Email: anujbit@gmail.com software or as a platform or as infrastructure [3] [4]. The core technology or driving force behind cloud computing is virtualization, and the prime reason behind the use of virtualization is its elasticity capability and efficient resource utilization [5]. In a broader view, cloud computing is a model that enables users to use cloud computing services and resources using the internet connection and underlying interface. By this way end users can use cloud service and transfer their related data on the cloud,later the data is accessible 24x7 for users using the variety of available devices such as mobile, laptop, PDA, etc. [6].
Though cloud computing poses many advantages and associated benefits of cloud computing, there are some concerns as well [7]. All these concerns need to be addressed to declare that cloud computing is the best possible solution for end-users for a variety of services. Out of all the concerns  In the current paper, out of the mentioned categories, our prime focus is on user information security. From a user's point of view, security is the topmost concern when they switches towards any cloud service, especially the cloud storage service. As user's data all the time resides at cloud provider's end, and there is logically no user control over the stored data. Thus, there is a strong need to develop a secure mechanism that boosts user's trust in a variety of cloud services [8]. Before developing the solution to the said problem, a thorough research review has been carried out, to understand the cloud security-related problems. After the review, a hybrid monitoring scheme (SecHMS) have been developed to encounter the said problems.
The remaining paper is organized in the following sections, as section 2 gives insight into the literature survey done in cloud computing security. Section 3 introduces the SecHMS hybrid monitoring scheme. Section 4, the results have been discussed, and finally, the paper ends with the conclusion and future scope.

Literature review
Some of the security solutions provided by the researchers in the field of cloud computing security have been reviewed as follows: • Network security is one of the significant concerns when one talks about cybersecurity as security attacks increase manifolds during the time. With time their effectiveness and severity are also growing. In cloud computing, the necessity of using a service is the network availability; thus efforts must be applied to secure the cloud computing data in a network. In the current work, detailed review have been carried out for such issues and their effect on the users. For solutions, different artificial intelligence and machine learning techniques are explored to thoroughly analyze the network traffic and detect the malicious activities on the network [9]. • In the current work, a detailed overview is presented regarding the prediction and forecasting based security methods in cybersecurity, more specifically the cloud computing security. During the outline, the main emphasis is on task identification, projection of attacks, and intention of attack, and finally, prediction of the reason for the attack from an attacker's point of view. Taking all these things into consideration, enterprises can employ methods and services to counter any such situation if it occurs for the organization [10]. • The researchers perform extensive study regarding the basic operation performed on a network and how information security methods can be used to provide security solutions to these network operations. Further, an "Intrusion Detection System (IDS)" is developed that is used to detect and declare a security attack on the network. The system is compared for two categories of users; one is those who do not use security systems and one those who use security systems in the network. As a result, the conclusion drawn is that individuals having awareness about the security attacks perform correct action against malicious activities [11]. • The credibility of cloud service is one of the significant needs while evaluation of any cloud service. The work done by the researchers proposed a model that is going to evaluate the credibility of cloud computing services based on some factors. The major factors that constitute the credibility are quality of cloud service, trust factor, time of service use. The developed model is tested on a Netlogo platform, and the results generated take care of individuals' preferences by combining multiple available pieces of evidence. The model improves the quality of service and gives a slight security feature for cloud users [12]. • A monitoring keyboard or intelligent keyboard can work as a key logger tool. It may be used to generate an alarm-based system whenever the finger is pressed on the key of the keyboard, and it also records the content that is being typed by the user. This type of system is useful when someone thinks about creating the smart security system for alerting, for alarming, for recording or for identification. The method can be used to identify and differentiate the individual characteristics based on biometrical features [13]. As further enhancement, researchers developed a keyboard that can record the user characteristics based on pressure parameter with a combination of time for individuals, while the press any key on the keyboard [14].

Cloud
• As a security solution to cloud computing, researchers developed a "Probabilistic numerical method" which is a framework that is used to monitor the combination of cryptographic algorithms. The main aim of the approach is to find out the errors in the computations. Identification of the errors is one of the prime factors while designing a secure system for cloud computing. If error identification is correct, correct countermeasures can be applied to overcome these errors. The work is done to a proposed method that uses "Microsoft's STRIDE-DREAD model" to list the existing attacks and threats in cloud computing. Apart from attack identification, the list also gives insights about the significance and measurement of each of the threats. • Further, these threats are ranked according to their severity. After identifying threats and their sternness, cloud users are informed regarding these threats and their effects on the cloud services used by the endusers. The work done is like a guideline for cloud users as well as for security personals to develop security systems for private or hybrid clouds [15]. • Security attacks related issues can be viewed as the most significant barrier for users as well as organizations when they tend to switch towards cloud computing-based services from the traditional application-based services. There are many approaches that are being developed and used by the developers to overcome such situations arising due to security attacks. In the proposed work, the main emphasis is on making use of honeypots-based security mechanism to address security issues of cloud computing. The researchers developed a scheme named "CloudHoneyCY". "CloudHoneyCY" is an open-source method in which a variety of honeynets, which includes highinteraction and low-interaction honeypots, are positioned at the server end (Cloud Server). The aim of the method is to analyze and prepare the attack report [16].
• "Distributed denial of service (DDoS)" has emerged as a prime challenge for various server applications, whether it is an application server or database server. Thus, there is a need to counter DDoS attacks and provide solutions to the problems arising due to DDoS attacks. The most significant issues that are occurring due to DDoS attacks are massive traffic on the server and the improper use of network bandwidth. To overcome the DDoS attacks, researchers proposed an "ant-based DDoS detection technique." The technique makes use of virtual honeypots and a multilayer secure framework to gather the information of attackers at different points of the network; for this purpose IP log table works as a helping hand. The ant colony scheme detects the intrusion attacks based on the pheromone population on the area of interest. Once the attacked region is found out, the output is sent to the proposed framework to minimize the effect of the attack. The prominent feature of the approach is that it provides complete protection to counter the DDoS attacks and reduce the network traffic overhead [17]. • Researchers developed a scheme using RSA encryption. The scheme is developed that provides security to the static data. IF the end-user makes the change into the file, the approach fails to provide the solution and monitoring [18].

Hybrid monitoring scheme (SecHMS)
After extensive research review, it has been observed that though there are schemes that are currently being used by the researchers for cloud computing security, but there is no such available that improves the end user's trust in cloud-based services [19] [20]. To overcome the problem, a hybrid monitoring scheme is named SecHMS. This hybrid scheme uses cryptographic techniques to ensure data security on behalf of the user and continuously monitors the user data for any kind of change. SecHMS consists of three important entities named Cloud User, Monitor, and Cloud Storage System. All these are assigned different tasks. The Cloud user is responsible for selecting and uploading the data on the cloud storage system, Monitor is responsible for monitoring the user data for its consistency and integrity checking, and the cloud storage system is responsible for storing the user data at their premises. The monitor is the most important part of SecHMS from the security point of view and to improve the trust of cloud user on cloud-based storage systems, as it continuously has a close eye on user's data. The working of the SecHMS is shown in Figure 2.

Figure 2. The working of SecHMS
The primary goal of the scheme is to enhance the user's trust in cloud computing services. To achieve this, almost all the security-related transformation has been performed at the cloud user's end itself. In addition to the cloud user, another entity that plays a vital role in the success of the proposed scheme is monitor. In the SecHMS scheme, firstly, at the cloud user end, data is separated into two types named as normal data and sensitive or critical data. The main emphasis of the scheme is to secure the sensitive information because if we apply the SecHMS scheme on whole data then the operating cost will go at the higher side. After the separation of critical data and normal data, encryption has been performed on the critical data using the AES algorithm. This encrypted data is sent to the server for storage purposes.
As a next step, encrypted data is further divided into the blocks of equal size. In the next stage of the SecHMS scheme, further SHA-512 algorithm is applied on each block, as a result, hash value of each block is computed. Furthermore, these hashed blocks are concatenated with each other. After the concatenation, the RSA digital signature algorithm is applied on the concatenated data. The application of the RSA digital scheme ensures authentication. Later, the generated signature is transferred to the monitor for verification purposes. So, in general, roles of cloud user, monitor, and cloud storage systems have been differentiated. Cloud users and monitor are closely associated with each other, and monitor continuously monitors user's data whenever required.
In addition to this monitor can also perform the data monitoring in an automated manner, where the monitor mentions the time duration. If the monitor mentions the time duration as 1 sec, it means every 1-sec monitor user's data. In this way, when user's data is being monitored continuously, the user's trust enhances on cloud-based services. After receiving the requested data from the cloud storage server, a signature is generated over it and compared with the stored signature for data integrity.

4.
SecHMS scheme performance evaluation: The performance of the SecHMS scheme have been implemented on Windows 7 operating system, Pycharm community edition 2019, and python 3.7 with standard cryptographic libraries. SecHMS scheme started with AES encryption on user's data. The data can be a simple text message, or it can be a text file selected from a given location. This data is transferred to cloud storage system. Later the encrypted data is divided into blocks, after that SHA-512 is applied to each block. Finally, these hashed blocks are concatenated, and a signature is generated over the concatenated blocks. This signature is sent to the monitor. Later, when monitor receives the data from the cloud storage server, the signature is generated using the same process, and later, the generated signature is compared with the stored signature for integrity preservance. The process working is shown in appendix A. While running the monitoring process at the start monitor needs to mention the time interval by which monitoring works, i.e. if monitor mentions the time as 1 minute it means that after the first iteration of monitoring process there is a halt of 1 minute before the next iteration starts for monitoring. Users can select any value for this. After running the monitoring process sample results appears as: As shown in the results as mentioned above, the monitoring process is shown for three iterations. In the iteration one, we can check that the monitoring process takes 07.176012 minutes for execution after that process sleeps for 1 minute, iteration 2 takes 06.536411 minutes for execution after that process sleeps for 1 minute, and iteration 3 takes 05.272809 minutes for execution after that process sleeps for 1 minute. The process continues until the monitor halts it. The status SUCCESS is treated as that the user data is intact and it is in its original form i. e. no modification have been done to user's data. The process is evaluated for ten iterations, and the time taken from iteration 1 to 10 is given in Table 1.

Conclusion and future scope
In SecHMS scheme, all the security-related operations are performed at the client-side or at the monitor side, therefore it provides better access control to user data, data integrity and, most importantly, trusts to the end-user. As we know, on the public cloud platform data is available free to all the users and hence anyone using the cloud computing service can download it whenever needed. But with the application of a hybrid cryptographic monitoring scheme (SecHMS), even if the attacker gets a copy of data, he cannot get the actual data as it is encrypted using the algorithms. Another activity that all the attackers like to perform on user data is data modification, but as our scheme provides data integrity, the attacker shall fail to achieve their motive. We can say an attacker will never be able to modify the stored data without having the private key, as whenever one wants to update the data, there is a need for a private key. If verification fails, then data shall not be updated. In addition to all these security features, our scheme also have a monitoring process, which not only monitors the user data on demand, but it can monitor data as an automated process. The idea of an automated process have been explained and demonstrated earlier. Thus, after having so many security features and continuous monitoring of the data, we can declare that our monitoring scheme helps end-users to improve their trust in the cloud storage systems. The prime objective that comes out after the literature review was to build trust between the cloud service provider and the end-user so that end-users get motivated to use cost-effective cloud services. In SecHMS scheme, monitor always have a close eye on the user data, this becomes a deciding factor for the end-user to opt for the cloud-based services. As future work, the work can be further extended to minimize the computation time while storing and retrieving the data from the cloud storage systems for computation or other purposes. Apart from this, different combinations of security algorithms can also be explored to provide additional security. Along with this approach can be tested for available cloud community platforms.