Analysis Of Behaviour Of Security As A Service In Cloud For Smartphones

Analysis Of Behaviour Of Security As A Service In Cloud For Smartphones

Rasnam Kaur1, Amardeep Kaur2

1.Mtech Scholar, 2.Assistant Professor

Department of Computer Sci & Engg., Punjabi University Regional Centre for IT & Mgmt, Mohali

Abstract

Smart phones emerged as most effective device in communication in every field. As nowadays one can use phone for communicate to others, access emails within seconds and many more apps in modern age. These types of phone are known as Smart phones as it does work in smart way. But with increase in usage of these smart phones; there is also an increase in security concerns for these types of devices. As more and more smart phones are attacked by security breaches so many security functionalities have come in scene. But due to increase usage of security features, there is the big impact on the battery life of the smart phones. As if in case, a Smartphone is attacked and some antivirus is working for protection then it will use huge chunk of resources. There is some virus and harm programs which can make antivirus running for long time which turns consume huge resources like CPU and keep on draining the battery resources. These types of problems are very common for different type of operating systems used in smart phones. In recent years an open source operating system Android which is developed by Google is prove to be very popular. As Android is an open source operating system so there is some probability for breaching in this type of operating system. Although Android Operating system is quite stable as some good players are working at backend for stability of this project. Still as technical world is changing at fast rate so threats to smart phones are also increasing. A smartphone can be target in case it carries sensitive and important data which no one want to lose. This important data can get manipulated through various viruses, worms, unauthorized access, etc. These types of things are quite common now days due to different threats available. Now with emergence of technology, cloud computing concept was also comes into emergence and this technology is growing at very fast rate to fulfill the huge requirement like scalability. Cloud computing provides many solutions for better resource utilization in long run and it is cheap and scalable option. Now if we collaborate

smart phones and cloud services for solving security issues occurred in smart phones then we can call it security as a service by cloud computing. In security as service, we run the Android replica on cloud and synchronize the cloud and Android to save Android resources. Our research have focused on the analysis of security as a service for saving the resources of smartphone while running different security services like antivirus scanning, malware scanning, authentication process, encryption etc. We have created cloud virtualization with help of Oracle product named as virtual box. We have done experimentation on different Android operating systems to fetch the different analysis. We have provided some vision of bringing smartphone security apps to cloud so that cloud resources can be used for running these applications and results of these apps can be synchronized with smartphone which will save resources of smart phones at large scale.

We have provided great vision for future to use applications as a service in term of service for different versions of Smartphone as in Smartphone, frequent changes are introducing day by day and we need to focus on compatibility and feasibility for those changes. Our research will be helpful for different Smartphone companies as we are providing them good vision for saving resources and providing solutions to security.

Keywords: Cloud server, Smartphone, VMware, Virtualbox.

1. INTRODUCTION

   Cloud computing portends a major change in how we store information and run applications. Instead of running programs and data on an individual desktop

   computer, everything is hosted in the clouda nebulous assemblage of computers and servers accessed via the Internet. Cloud computing lets you access all your applications and documents from anywhere in the world, freeing you from the confines of the desktop and making it easier for group members in different locations to collaborate [2].

   Cloud computing has emerged as a new computing paradigm providing hosted services by exploiting the concept of dynamically scalable and shared resources accessible over the internet. A cloud service is rented on demand, i.e. based on the customers current requirements. By utilizing subscription based payment for resources and services a customer can substantially reduce their operational and capital costs. Cloud computing caters to the customers needs by offering a way to rapidly increase capacity when needed or to add new capabilities on the fly while minimizing investments in new infrastructure, training new personnel, licensing new software, etc. Figure 2 presents the U. S. National Institute of Standards and Technology (NIST) visual model of cloud computing.

   Service Models

   Cloud computing can be classified based on the service model it offers, specifically: software, platform, or infrastructure.

   IaaS

   In Infrastructure as a Service (IaaS), storage, computation, and network resources are the major components that are provided as a service to the customer. Customers can run their choice of operating system and other software on the infrastructure provided by the cloud provider. It is not possible for the customer to modify the physical configurations of the underlying infrastructure, although the user can request changes from the cloud provider.

   PaaS

   In the Platform as a Service (PaaS) model, the cloud provider provides a platform for developing and running the web based applications. This platform

   provides all the facilities to support the complete life cycle of building and delivering the applications to end users. Software and service developers are the main users of PaaS.

   SaaS

   The end user is the customer for Software as a Service (SaaS), since SaaS provides a complete software application running in the cloud. Logically underlying this are PaaS and IaaS. Generally, the customer will access the services through a web browser, but the service could also be serving end users that are things rather than people

   Cloud computing emerged as the great technology in term of scalability and portability. It has changed our view of carrying data and communication. Cloud services are much indulged into mobile networks as most of the smart phones have the capability to support cloud computing environment. Over last few years, the usage and boost of handled devices such as Personal Digital Assistants (PDAs) and smart phones have increased rapidly. Gartner forecasts that the number of smart phones will exceed the number of Personal Computers (PCs) by 2013 [2]. Estimates suggest that the United States (U.S) smart phones sales are expected to grow from 67 million units in 2010 to 97 million units in 2011 [2].

   Further are the taxonomy for Smartphone security model. This model described about the measurements which are been used for providing security in Smartphone. It also includes the hierarchy in which Smartphone security goes with different applications of Smartphone. This model also suggests the security threats which can be considered for Smartphone in real terms. Model suggests us about the possible solutions available for security and possible threats to be prevented.

2. PROBLEM FORMULATION

   Smartphones have capabilityof a computer now a day as smart phones are capable of producing great computing and processing output. Over the last decade applications in entertainment, games and general usage increased due to the popularity of these devices. These devices have in built operating system which act equivalent to a computer in some sense and it is can be used as an entertainment source. Moreover power consumption by these devices is also a prime factor when attacked by some malware and huge resource drawn by usage of different applications. Many solutions for protecting these devices from threats and for cutting the battery resources usage are in act but power consumption increased dramatically while we are using these applications on these devices.

   Cloud services could provide great service to save this type of power consumption and also provides security to devices on the same time. Much research has been done while considering this vision like Clone Cloud Architecture [3], Smartphone mirroring architecture [4], Lakshmi Subramanian proposed a architecture Security as a service in cloud for smartphones [1]. In our research we have analyzed the behavior of security as a service in cloud for different smartphones environments like Android versions (1.6, 1.8, basic, sandwich, ginger bread etc). Much of work has been done in proposing this security as a service by very less work had been done on analysis and testing of these technologies on different platforms so we are going to analyze the behavior of Smart phones while implementing security as a service in cloud.

3. RESEARCH METHODOLOGY

   To achieve the set objectives, we have done the research in following steps

   Step 1: Cloud services have been virtualized in Virtual box (A Oracle product for virtualization). We have some specific hardware configuration with base memory of 1024 Mb working with collaboration of single core processor. We have used graphic card of 12 Mb. For storage purposes we have considered 8 GB space.

   Step 2: Cloud Services inside virtual box were used to simulate a cloud environment [1], [2]. In virtual box, different SDKs for different android platforms were implemented and different applications have been installed for fetching different results. With similar scenario, same platforms and versions were considered in physical Smartphone so to compare the results of cloud and real devices for security and resources consumption.

   Step 3: Analysis have been done by different applications installed on both cloud and smartphone and finally a comparison have been done for fetching exact comparative resources consumption by cloud and smartphone.

4. Results

   Anti-virus and other apps Performance Measurement: Smartphone versus Emulation of a Smartphone for android 2.2, 1.6 and 2.3

   We begin by describing some initial performance measurements of anti-virus and anti-malware scanning with some authentication and encryption apps of the state of an Android handset. Virtual box virtualized services was chosen to simulate a cloud environment.

   The initial instance configuration used for the virtual machine as the cloud is shown in Table5.

   Table 5: Initial Virtual box cloud service virtual machine configuration

   1024 MB memory Single core processor 32-bit or 64-bit platform

   20 GB of instance storage (scalable) 128 MB graphics

   Network type used is NAT

   The operating system running on this instance is Ubuntu Linux and an Android version 2.2, 1.6 and

   2.3 smartphone was emulated. Android Version 2.2,

   1.6 and 2.3 were chosen for experimentation due to the initial availability of a physical Android 2.2, 1.6 and 2.3 versions smartphone (for the configuration of this physical phone see Table 6), for comparison with the emulated version. The emulator and the smartphone contained the same information to facilitate the comparison.

   Table 6: Specification of the physical smartphone used for testing

   HTC Touch Viva
   CPU Processing Speed	528 MHz
   Storage	ROM: 512 MB RAM: 384 MB
   Battery type	Rechargeable Lithium-ion battery with 13000 mAh capacity

   CPU activity while the emulated performed an anti- virus scan and other apps.

   CPU activity while the physical smartphone performed an anti-virus scan and other apps.

5. CONCLUSION

   The purpose of this Research was to elaborate and clarify the Application as a service and security as a Service function of cloud computing to provide better results for using different android applications without draining the battery resources .Smart phones are not capable of having huge battery life due to the multifunction and multitasking, security functions and graphics features. Moreover Smart phones are not carrying huge CPU power to provide different functions continuously. In this paper we have done analysis for Security as a service on different android operating systems and propose application as a service concept by showing results of different encryption applications as a service in this paper. We have done our experimentation on different applications including antivirus, antimalware, different apps etc. The deep analysis has been done in term of fetching results from cloud and fetching synchronized results on smart phones. The results were used to propose solutions for resources saving in smart phones with the help of cloud computing platform. We considered the cloud services in virtual box software and done experimentation with android donut 1.6 versions, android froyo 2.2 versions and android gingerbread 2.3 versions. We have used different android applications (apk files) like AVG antivirus, Norton antimalware, App lock for authentication, Encryption manager lite for encryption functions. Furthermore the analysis has been done for providing the exact idea of using security as a service. Since the motivation behind this thesis was to test the resource limitation nature of the smart phones, experiments with antimalware, anti- virus scanning, authentication and encryption to compare the performance of smartphone and emulated smartphone were carried out in virtual box. Battery power consumption for different use cases was also evaluated. The results fetched from our research showed us that emulated smartphone in cloud takes very less time and resources than the physical android phone in performing various security functions so cloud could prove to be big solution for our concept of app as service. Battery resource utilization in different android smart phones was quite high while using antivirus, antimalware, authentication and encryption but significantly low while using same functions in cloud.

6. Future Work

   As a next step to the work done, can be to find better solutions for authentication security functions and better solutions for consumption of battery resources and to implement those features as app as a service. Some solutions like better virus signature schemes can be considered. For further saving of resources

   and to make cloud smartphone combination, some smart application like load balancing can be introduced. Moreover, better intercommunication between smart phones and cloud architecture can also be introduced. Our analysis will help alot better in experimentation of these future visionary ideas.

7. REFERENCES

1. Lakshmi Subramanian , Security as a Service in Cloud for Smartphones, MS dissertation, Fraunhofer Institute for Secure Information Technology, Munich, Germany, 28th June 2011.

2. Michael Miller, Cloud Computing: Web-Based Applications That Change the Way You Work and Collaborate Online, 800 East 96th Street, Indianapolis, Indiana 46240.

3. B.-G.Chun, P.Maniatis, Augmented Smartphone Applications Through Clone Cloud Execution, In: Proceedings of the 12th conference on Hot topics in oerating systems (HotOS 2009), May 18-20, 2009, Monte Verità, Switzerland.

4. B.Zhao, Z.Xu, C.Chi, S.Zhu, and G.Cao, Mirroring Smartphones for Good: A Feasibility Study, ZTE Communications, 18th March 2011, Accessed 3rd May 2012

5. Amazon Virtual Private Cloud (Amazon VPC),

   Accessed 5th May 2011. http://aws.amazon.com/vpc/

6. A. Houmansadr, Saman A. Zonouz, and R. Berthier, A Cloud-based Intrusion Detection and Response System for Mobile Phones, University of Illinois at Urbana- Champaign.

7. A. Iosup, S. Ostermann, M. Nezih Yigitbasi, R. Prodan,

   T. Fahringer and D. H. J. Epema, Performance Analysis of Cloud Computing Services for Many-Tasks Scientific Computing, in IEEE Transactions On Parallel And Distributed Systems, vol. 22, no. 6, Jun. 2011.

8. Android-x86-Porting Android to x86, http://www.android-x86.org/download/, Accessed 28 Apr, 2012.

9. Application Fundamentals | Android Developers, http://developer.android.com/guide/topics/fundamentals.ht ml.

10. AVG Mobilation for Android Smart phones & Tablets, AVG Home Security,

    http://www.avg.com/de-en/antivirus-for-android, Accessed 6th May 2012.

11. A. Tripathi and A. Mishra, Cloud Computing Security Considerations, IT Division DOEACC Society, Gorakhpur Centre Gorakhpur, India.

12. B.-G. Chun and P. Maniatis, Augmented Smartphone Applications Through Clone Cloud Execution, in Proc.12th Conf Hot topics in operating Systems (HotOS 2009), Monte Verità, Switzerland, May 18-20, 2009.

13. B.-G. Chun, S. Ihm, P. Maniatis, M. Naik and A. Patti, Secure & Adaptable MobileCloud Computing, in Proc. 6th Conf. Computer Systems (EuroSys11), Salzburg, Austria, Apr 10-13, 2011.

14. Byung-Gon Chun, Sunghwan Ihm, P. Maniatis, M. Naik and Ashwin Patti, CloneCloud, elastic execution between mobile device and cloud, in EuroSys, 2011.

15. B. Zhao, Z. Xu, C. Chi, S. Zhu and G. Cao, Mirroring Smart phones for Good: A Feasibility Study, ZTE Communications,

    http://wwwen.zte.com.cn/endata/magazine/ztecommunicati ons/2011 ar/no1/articles/201103/t20110318_224543.html, Mar 18, 2011.

16. CloudTweeks, Jul 2, 2012, http://www.cloudtweaks.com/2012/07/the-4-primary-cloud- deployment-models/#ixzz1zXodgFaP, Accessed 19th Jul, 2012.

17. C. Gong, J. Liu, Q. Zhang, H. Chen and Z. Gong, The Characteristics of Cloud Computing, in 39th International Conference on Parallel Processing Workshops, Department of Computer Sciences National University of Defense Technology Changsha, China, 2010.