Identification of Threats and Vulnerabilities in Public Cloud-Based Apache Hadoop Distributed File System

Thumbnail Image

Files

avatar_scholar_256.png (6.31 KB)

Date

2020-04

Authors

Journal Title

Journal ISSN

Volume Title

Type

Article

Publisher

Institute of Electrical and Electronics Engineers Inc

Series Info

15th International Computer Engineering Conference;Category numberCFP1932N-ART; Code 158403

Doi

https://doi.org/10.1109/ICENCO48310.2019.9027300

Scientific Journal Rankings

Abstract

Information security issues in public clouds are amplified by Big Data, s unique security challenges originating from its volumetric data storage from a wide variety of sources and structures. Apache Hadoop (AH) framework is driving the Big Data paradigm is for its effectiveness in processing large datasets. AH is a typical Platform-as-a-Service cloud computing model. It is centered on the underlying Hadoop Distributed File System (HDFS). AH was originally designed to run in a well controlled private computing environment. However, when AH operates in a public cloud in large clusters, its built-in security mechanisms are subject to different types of threats. Motivated by such fundamental design concept and deployment computing environment, and for HDFS being a core component of AH, the contribution of this paper is to identify, expose, and discuss security threats and vulnerabilities in public cloud-based HDFS. © 2019 IEEE.

Description

Scopus

Keywords

Apache hadoop distributed file system security, Big data security, Public cloud, Security threats, Security vulnerabilities, Computer software, Computing environments, File organization, Platform as a Service (PaaS)

Citation

Hussein, O., Hamza, N., Hefny, H. A novel approach to address information leakage attacks basedon machine virtualization (2014) InInternational Journal of Computer Science and Information Security, 12 (9), pp. 31-42. Sept 2 Hussein, O., Hamza, N., Hefny, H. A proposed covert channel based on memory reclamation (2015) 2015 IEEE 7th International Conference on Intelligent Computing and Information Systems, ICICIS 2015, art. no. 7397244, pp. 343-347. Cited 2 times. ISBN: 978-150901949-6 doi: 10.1109/IntelCIS.2015.7397244 View at Publisher 3 Zhang, Y., Reiter, M.K. Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud (2013) Proceedings of the ACM Conference on Computer and Communications Security, pp. 827-837. Cited 106 times. ISBN: 978-145032477-9 doi: 10.1145/2508859.2516741 View at Publisher 4 Zissis, D., Lekkas, D. Addressing cloud computing security issues (2012) Future Generation Computer Systems, 28 (3), pp. 583-592. Cited 1052 times. doi: 10.1016/j.future.2010.12.006 View at Publisher 5 Kim, D., Vouk, M.A. A survey of common security vulnerabilities and corresponding countermeasures for SaaS (2014) 2014 IEEE Globecom Workshops, GC Wkshps 2014, art. no. 7063386, pp. 59-63. Cited 6 times. ISBN: 978-147997470-2 doi: 10.1109/GLOCOMW.2014.7063386 View at Publisher 6 Kim, D., Schaffer, H., Vouk, M. Paas security countermeasures: A survey (2015) Proc. ICACON 7 Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A., Ullah Khan, S. The rise of "big data" on cloud computing: Review and open research issues (2015) Information Systems, 47, pp. 98-115. Cited 1084 times. doi: 10.1016/j.is.2014.07.006 View at Publisher 8 Borthakur, D. The hadoop distributed file system: Architecture and design (2007) Apache Software Foundation. Cited 298 times. 9 Cohen, J., Acharya, S. Towards a more secure Apache Hadoop HDFS infrastructure: Anatomy of a targeted advanced persistent threat against HDFS and analysis of trusted computing based countermeasures (2013) Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 7873 LNCS, pp. 735-741. Cited 11 times. ISBN: 978-364238630-5 doi: 10.1007/978-3-642-38631-2_64 View at Publisher 10 Das, D., Malley, O.O., Radia, S., Zhang, K. Adding security to Apache Hadoop (2011) Technical Report 1. Hortonworks. Cited 24 times. 11 Park, S., Lee, Y. Secure hadoop with encrypted HDFS (2013) Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 7861 LNCS, pp. 134-141. Cited 14 times. ISBN: 978-364238026-6 doi: 10.1007/978-3-642-38027-3_14 View at Publisher 12 Apache software foundation (2014) Add Support for Encrypting the DataTransferProtocol https://issues.apache.org/jira/browse/HDFS-3637 13 Apache software foundation (2012) Add Support for Encrypted Shuffle https://issues.apache.org/jira/browse/MAPREDUCE-4417 14 Apache software foundation (2013) Add Support for HTTPS to the Web UIs https://issues.apache.org/jira/browse/HADOOP-8581 15 Azab, A.M., Ning, P., Wang, Z., Jiang, X., Zhang, X., Skalsky, N.C. HyperSentry: Enabling stealthy in-context measurement of hypervisor integrity (2010) Proceedings of the ACM Conference on Computer and Communications Security, pp. 38-49. Cited 191 times. ISBN: 978-145030244-9 doi: 10.1145/1866307.1866313 View at Publisher 16 Azab, A.M., Ning, P., Sezer, E.C., Zhang, X. HIMA: A hypervisor-based integrity measurement agent (2009) Proceedings - Annual Computer Security Applications Conference, ACSAC, art. no. 5380699, pp. 461-470. Cited 86 times. ISBN: 978-076953919-5 doi: 10.1109/ACSAC.2009.50 View at Publisher 17 Hussein, O., Hamza, N., Hefny, H. A proposed approach to detect and thwart previously unknown code injection attacks (2015) 2015 IEEE 7th International Conference on Intelligent Computing and Information Systems, ICICIS 2015, art. no. 7397243, pp. 336-342. ISBN: 978-150901949-6 doi: 10.1109/IntelCIS.2015.7397243 View at Publisher 18 Stallings, W., Brown, L. (2015) Computer Security: Principles and Practice. Cited 229 times. 3rd ed., New Jersey, USA: Pearson Education, Inc 19 Ren, K., Wang, C., Wang, Q. Security challenges for the public cloud (2012) IEEE Internet Computing, 16 (1), art. no. 6123700, pp. 69-73. Cited 438 times. doi: 10.1109/MIC.2012.14 View at Publisher 20 Parmar, R.R., Roy, S., Bhattacharyya, D., Bandyopadhyay, S.K., Kim, T.-H. Large-Scale Encryption in the Hadoop Environment: Challenges and Solutions (Open Access) (2017) IEEE Access, 5, art. no. 7922533, pp. 7156-7163. Cited 11 times. http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639 doi: 10.1109/ACCESS.2017.2700228 View at Publisher 21 Millman, R. (2017) Thousand S of Hadoop Clusters Still Not Being Secured Against Attacks https://www.scmagazineuk.com/thousands-hadoop-clusters-not-securedagainst-attacks/article/1475302 22 Apache hadoop: Security vulnerabilities (2017) Denail of Service Attack https://www.cvedetails.com/vulnerabilitylist/vendorid-45/productid-22215/year-2017/opdos-1/Apache-Hadoop.html 23 Massachusetts institute of technology (2019) Kerberos: The Network

Full Text link

https://t.ly/bfUK

Collections

Faculty Of Management Sciences Research Paper