Server Fraud Detection on Cloud

Server Fraud Detection on Cloud

Abstract:

Remote data integrity checking is a crucial technologyin cloud computing. Recently many works focus onproviding data dynamics and/or public verifiability to this typeof protocols. Existing protocols can support both features withthe help of a third party auditor. In a previous work, propose a remote data integrity checking protocol thatsupports data dynamics. In this paper, we adapt to support public verifiability. The proposed protocolsupports public verifiability without help of a third partyauditor. In addition, the proposed protocol does not leak anyprivate information to third party verifiers. Through a formalanalysis, we show the correctness and security of the protocol.After that, through theoretical analysis and experimentalresults, we demonstrate that the proposed protocol has a goodperformance.

Architecture:

Existing System:

In existing system, the clients store the data in server that server is trustworthy and after the third party auditor can audit the client files. So, the third party auditor can stolen the files.

Disadvantage:

Existing protocols can support both features withthe help of a third party auditor.

Proposed System:

We consider a cloud storage system in which there area client and an untrusted server. The client stores their datain the server without keeping a local copy. Hence, it is ofcritical importance that the client should be able to verifythe integrity of the data stored in the remote untrustedserver. If the server modifies any part of the client’s data,the client should be able to detect it; furthermore, any thirdparty verifier should also be able to detect it. In case a thirdparty verifier verifies the integrity of the client’s data, thedata should be kept private against the third party verifier.

Advantages:

In this paper, we have the following main contributions:

• We propose a remote data integrity checking protocolfor cloud storage. The proposed protocolinherits the support of data dynamics, andsupports public verifiability and privacy against third-partyverifiers, while at the same time it doesn’t needto use a third-party auditor.

• We give a security analysis of the proposed protocol,which shows that it is secure against the untrustedserver and private against third party verifiers.

Modules:

1. Data Dynamics
2. Block Insertion
3. Block Modification
4. Block Deletion
5. public verifiability
6. Metadata Generation
7. Privacy against Third Party Verifiers

1. Data Dynamics:

Data dynamics meansafter clients store their data at the remote server, theycan dynamically update their data at later times. At theblock level, the main operations are block insertion, blockmodification and block deletion.

1. Block Insertion:

The Server can insert anything on the client’s file.

1. Block Deletion:

The Server can delete anything on the client’s file.

1. Block Modification:

The Server can modify anything on the client’s file.

1. public verifiability:

Each and every time the secret key sent to the client’s email andcan perform the integrity checking operation. In thisdefinition, we have two entities: a challenger that stands foreither the client or any third party verifier, and an adversarythat stands for the untrusted server. Client doesn’t ask any secret key from third party.

1. Metadata key Generation:

Let the verifier V wishes to the store the file F. Let this file F consist of n file blocks. We initiallypreprocess the file and create metadata to be appended to thefile. Let each of the n data blocks have m bits in them. Atypical data file F which the client wishes to store in thecloud.

Each of the Meta data fromthe data blocks miis encrypted by using a suitable algorithmto give a new modified Meta data Mi. Without loss of generality we show this process. Theencryption method can be improvised to provide still strongerprotection for Client’s data. All the Meta data bit blocksthat are generated using the procedure are to be concatenatedtogether. This concatenated Meta data should beappended to the file F before storing it at the cloud server. Thefile F along with the appended Meta data withthe cloud.

1. Privacy against Third Party Verifiers:

Underthe semi-honest model, a third party verifier cannot get

Any information about the client’s data m from the protocolexecution. Hence, the protocol is private against third partyverifiers. If the server modifies any part of the client’s data,the client should be able to detect it; furthermore, any thirdParty verifier should also be able to detect it. In case a thirdparty verifier verifies the integrity of the client’s data, thedata should be kept private against the third party verifier.

Algorithm:

RSA & Metadata Generation:

The input, and outputs R = gs_ni=1 aimi mod N, in whichai = fr(i) for i ∈ [1, n]. Because A can naturally computesP = g_ni=1 aimi mod N from Dm, P is also treated asA’s output. So A is given (N, g, gs) as input, and outputs(R, P) that satisfies R = Ps. From the KEA1-r assumption,B can construct an extractor A￣, which given the same inputas A, outputs c which satisfies P = gc mod N. As P =

g_ni=1 aimi mod N, B extracts c =_ni=1 aimi mod p_q_.Now Bgenerates n challenges _r1, gs1_, _r2, gs2_, ...,_rn, gsn_ using the method described in section III. Bcomputes aji = frj (i) for i ∈ [1, n] and j ∈ [1, n]. Because{r1, r2, ..., rn} are chosen by B, now B chooses them sothat {aj1, aj2, ..., ajn}, j = 1, 2, ..., n

System Specification:

Hardware Requirements:

•System: Pentium IV 2.4 GHz.

•Hard Disk : 40 GB.

•Floppy Drive: 1.44 Mb.

•Monitor: 15 VGA Colour.

•Mouse: Sony.

•Ram: 512 Mb.

Software Requirements:

•Operating system : Windows XP.

•Coding Language: ASP.Net with C#

•Data Base: SQL Server 2005.