Monitoring and Detecting Abnormal Behavior in Mobile Cloud Infrastructure ABSTRACT Recently, several mobile services are changing to cloud-based mobile services with richer communications and higher flexibility. We present a new mobile cloud infrastructure that combines mobile devices and cloud services. This new infrastructure provides virtual mobile instances through cloud computing. To commercialize new services with this infrastructure, service providers should be aware of security issues.
Here, we first define new mobile cloud services through mobile cloud infrastructure and discuss possible security threats through the use of several service scenarios. Then, we propose a methodology and architecture for detecting abnormal behavior through the monitoring of both host and network data. To validate our methodology, we injected malicious programs into our mobile cloud test bed and used a machine learning algorithm to detect the abnormal behavior that arose from these programs. Existing System
On such normal mobile devices, most current vaccine applications detect malware through a signature-based method. Signature-based methods can detect malware in a short space of time with high accuracy, but they cannot detect new malware whose signature is unknown or has been modified. If mobile cloud services are provided, much more malicious applications may appear including new and modified malware. Therefore vaccine applications cannot detect and prohibit them with only signature-based method in the future.
Although signature-based vaccine applications can target on virtual mobile instances to detect malware, it makes additional overhead on instances, and it is difficult for users to install vaccine software by force when those instances are provided as a service. Behavior-based abnormal detection can address those problems by observing activities in the cloud infrastructure. To achieve this, we design a monitoring architecture using both the host and network data. Using monitored data, abnormal behavior is detected by applying a machine learning algorithm.
To validate our methodology, we built a test bed for mobile cloud infrastructure, intentionally installed malicious mobile programs onto several virtual mobile instances, and then successfully detected the abnormal behavior that arose from those malicious programs. Implementation Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and it’s constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods. Main Modules:- 1. USER MODULE : In this module, Users are having authentication and security to access the detail which is presented in the ontology system. Before accessing or searching the details user should have the account in that otherwise they should register first. 2. MOBILE CLOUD SERVICE :
Here new mobile cloud service through the virtualization of mobile devices in cloud infrastructure. We describe two main service scenarios to explain how this mobile cloud service can be used. Service scenarios are useful to discuss security threats on mobile cloud infrastructure, because they include users, places, mobile devices, and network types, and user’s interesting contents. We define mobile cloud computing as processing jobs for mobile devices in cloud computing infrastructure and delivering job results to mobile devices. e propose a new mobile cloud service as providing virtual mobile instances through mobile cloud computing. The proposed mobile cloud service provides virtual mobile instances through the combination of a mobile environment and cloud computing. Virtual mobile instances are available on mobile devices by accessing the mobile cloud infrastructure. This means that users connect to virtual mobile instances with their mobile devices and then use computing resources such as CPU, memory, and network resources on mobile cloud infrastructure.
In this case, such mobile devices will have smaller roles to play than current mobile devices. 3. MALWARE DATA : We chose ‘GoldMiner’ malware applications to obtain abnormal data in our mobile cloud infrastructure. We installed the malware onto two hosts and ran it. It gathers location coordinate and device identifiers (IMEI and IMSI), and sends the information to its server. The malware target affecting each mobile instance as zombie, and there are many other malware which have the same purpose although their functionality and behavior are little different from each other.
This kind of malware is more threatening to mobile cloud infrastructure because there are lots of similar virtual mobile instances and they are closely connected to each other. Entered data are not same, compare the database data that is called malwaredata. when If some abnormal behavior’s help to modify the date in External object. 4. ABNORMAL BEHAVIOR DETECTION : We used the Random Forest (RF) machine learning algorithm to train abnormal behavior with our collected data set.