Global ETD Search

1	Inferring models from cloud APIs and reasoning over them : a tooled and formal approach / Inférer des modèles à partir d'APIs cloud et raisonner dessus : une approche outillée et formelle Challita, Stéphanie 21 December 2018 (has links) Avec l’avènement de l’informatique en nuage, différents fournisseurs offrant des services en nuage et des interfaces de programmation d’applications (APIs) hétérogènes sont apparus. Cette hétérogénéité complique la mise en œuvre d’un système de multi-nuages interopérable. Parmi les solutions pour l’interopérabilité de multi-nuages, l’Ingénierie Dirigée par les Modèles (IDM) s’est révélée avantageuse. Cependant, la plupart des solutions IDM existantes pour l’informatique en nuage ne sont pas représentatives des APIs et manquent de formalisation. Pour remédier à ces limitations, je présente dans cette thèse une approche basée sur le standard Open Cloud Computing Interface (OCCI), les approches IDM et les méthodes formelles. Je fournis deux contributions qui sont mises en œuvre dans le contexte du projet OCCIware. Premièrement, je propose une approche basée sur la rétro-ingénierie pour extraire des connaissances des documentations textuelles ambiguës des APIs de nuages et améliorer leur représentation à l’aide des techniques IDM. Cette approche est appliquée à Google Cloud Platform (GCP), où je propose GCP Model, une spécification précise et basée sur les modèles, automatiquement déduite de la documentation textuelle de GCP. Deuxièmement, je propose le cadre fclouds pour assurer une interopérabilité sémantique entre plusieurs nuages, i.e., pour identifier les concepts communs entre les APIs et raisonner dessus. Le langage fclouds est une formalisation des concepts et de la sémantique opérationnelle d’OCCI en employant le langage de spécification formel Alloy. Pour démontrer l’efficacité du langage fclouds, je spécifie formellement treize APIs et en vérifie les propriétés. / With the advent of cloud computing, different cloud providers with heterogeneous cloud services and Application Programming Interfaces (APIs) have emerged. This heterogeneity complicates the implementation of an interoperable multi-cloud system. Among the multi-cloud interoperability solutions, Model-Driven Engineering (MDE) has proven to be quite advantageous and is the mostly adopted methodology to rise in abstraction and mask the heterogeneity of the cloud. However, most of the existing MDE solutions for the cloud are not representative of the cloud APIs and lack of formalization. To address these shortcomings, I present in this thesis an approach based on Open Cloud Computing Interface (OCCI) standard, MDE, and formal methods. I provide two major contributions implemented in the context of the OCCIware project. First, I propose an approach based on reverse-engineering to extract knowledge from the ambiguous textual documentation of cloud APIs and to enhance its representation using MDE techniques. This approach is applied to Google Cloud Platform (GCP), where I provide GCP Model, a precise model-driven specification for GCP that is automatically inferred from GCP textual documentation. Second, I propose the fclouds framework to achieve semantic interoperability in multi-clouds, i.e., to identify the common concepts between cloud APIs and to reason over them. The fclouds language is a formalization of OCCI concepts and operational semantics in Alloy formal specification language. To demonstrate the effectiveness of the fclouds language, I formally specify thirteen case studies and verify their properties. Multi-Nuages Open Cloud Computing Interface (OCCI) Google Cloud Platform Alloy Langage dédié 004.678 2
2	Integrating Machine Learning with Web Application to Predict Diabetes Natarajan, Keerthana 05 October 2021 (has links) No description available. Computer Science Diabetes machine learning Pima Indian dataset Flask python web app Google Cloud Platform Soft Voting ensemble classifier
3	Testing Lifestyle Store Website Using JMeter in AWS and GCP Tangella, Ankhit, Katari, Padmaja January 2022 (has links) Background: As cloud computing has risen over the last decades, there are several cloud services accessible on the market, users may prefer to select those that are more flexible and efficient. Based on the preceding, we chose to research to evaluate cloud services in terms of which would be better for the user in terms ofgetting the needed data from the chosen website and utilizing JMeter for performance testing. If we continue our thesis study by assessing the performance of different sample users using JMeter as the testing tool, it is appropriate for our thesis research subject. In this case, the user interfaces of GCP and AWS are compared while doing several compute engine-related operations. Objectives: This thesis aims to test the website performance after deploying in two distinct cloud platforms.After the creation of instances in AWS, a domain in GCP and also the bucket, the website files are uploaded into the bucket. The GCP and AWS instances are connected to the lifestyle store website. The performance testing on the selected website is done on both services, and then comparison ofthe outcomes of our thesis research using the testing tool Jmeter is done. Methods: In these, we choose experimentation as our research methodology,and in this, the task is done in two cloud platforms in which the website will be deployed separately. The testing tool with performance testing is employed. JMeter is used to test a website’s performance in both possible services and then to gather our research results, and the visualization of the results are done in an aggregate graph, graphs and summary reports. The metrics are Throughput, average response time, median, percentiles and standard deviation. Results: The results are based on JMeter performance testing of a selected web-site between two cloud platforms. The results of AWS and GCP can be shown in the aggregate graph. The graph results are based on the testing tool to determine which service is best for users to obtain a response from the website for requested data in the shortest amount of time. We have considered 500 and 1000 users, and based on the results, we have compared the metrics throughput, average response time, standard deviation and percentiles. The 1000 user results are compared to know which cloud platform performs better. Conclusions: According to the results from the 1000 users, it can be concluded that AWS has a higher throughput than GCP and a less average response time.Thus, it can be said that AWS outperforms GCP in terms of performance. Amazon Web Service Cloud computing EC2 instance Google Cloud Platform JMeter S3 bucket Throughput Computer Sciences Datavetenskap (datalogi)
4	A Novel Framework For Detecting Subdomain State Against Takeover Attacks Jayaprakash, Rigved, Kalariyil Venugopal, Vishnu January 2022 (has links) The Domain Name System (DNS) oversees the internet's architecture, providing pointers to both internal and external services. Consequently, enterprises increase their attack surface while simultaneously increasing their exposure to potential cyber threats. Subdomain takeovers happen when a subdomain leads to a website that no longer exists. As a result, the subdomain will be in control of an attacker. A compromised subdomain may be the access point to many attacks like information threats, phishing attacks, infrastructure intrusion and many more. Subdomain takeover attacks are one of the overlooked attack surfaces related to cyber security. This thesis aims to investigate the subdomain takeover attacks, how the attacks happen, the attack methodology by an attacker and drawbacks in the current strategies and tools, which are countermeasures for subdomain takeover attacks. The research focuses on resolving an intrusion from happening within the perspective of an enterprise standpoint. A new custom framework which resolves the subdomain takeover attacks was developed. A comparative study of the newly developed framework and the existing open-source tools and their response to an attack scenario too is made. Also, a comparison of the leading cloud platforms was conducted and their existing security features and mitigation measures for similar attacks and threats. Domain Name Servers Subdomain Subdomain Takeovers Open-source tools Google Cloud Platform Dangling DNS Entry Second Order Subdomain Takeover Subdomain Enumeration and Discovery subdomain validation Computer Sciences Datavetenskap (datalogi)
5	Machine Learning implementation for Stress-Detection Madjar, Nicole, Lindblom, Filip January 2020 (has links) This project is about trying to apply machine learning theories on a selection of data points in order to see if an improvement of current methodology within stress detection and measure selecting could be applicable for the company Linkura AB. Linkura AB is a medical technology company based in Linköping and handles among other things stress measuring for different companies employees, as well as health coaching for selecting measures. In this report we experiment with different methods and algorithms under the collective name of Unsupervised Learning, to identify visible patterns and behaviour of data points and further on we analyze it with the quantity of data received. The methods that have been practiced on during the project are “K-means algorithm” and a dynamic hierarchical clustering algorithm. The correlation between the different data points parameters is analyzed to optimize the resource consumption, also experiments with different number of parameters are tested and discussed with an expert in stress coaching. The results stated that both algorithms can create clusters for the risk groups, however, the dynamic clustering method clearly demonstrate the optimal number of clusters that should be used. Having consulted with mentors and health coaches regarding the analysis of the produced clusters, a conclusion that the dynamic hierarchical cluster algorithm gives more accurate clusters to represent risk groups were done. The conclusion of this project is that the machine learning algorithms that have been used, can categorize data points with stress behavioral correlations, which is usable in measure testimonials. Further research should be done with a greater set of data for a more optimal result, where this project can form the basis for the implementations. / Detta projekt handlar om att försöka applicera maskininlärningsmodeller på ett urval av datapunkter för att ta reda på huruvida en förbättring av nuvarande praxis inom stressdetektering och åtgärdshantering kan vara applicerbart för företaget Linkura AB. Linkura AB är ett medicintekniskt företag baserat i Linköping och hanterar bland annat stressmätning hos andra företags anställda, samt hälso-coachning för att ta fram åtgärdspunkter för förbättring. I denna rapport experimenterar vi med olika metoder under samlingsnamnet oövervakad maskininlärning för att identifiera synbara mönster och beteenden inom datapunkter, och vidare analyseras detta i förhållande till den mängden data vi fått tillgodosett. De modeller som har använts under projektets gång har varit “K-Means algoritm” samt en dynamisk hierarkisk klustermodell. Korrelationen mellan olika datapunktsparametrar analyseras för att optimera resurshantering, samt experimentering med olika antal parametrar inkluderade i datan testas och diskuteras med expertis inom hälso-coachning. Resultaten påvisade att båda algoritmerna kan generera kluster för riskgrupper, men där den dynamiska modellen tydligt påvisar antalet kluster som ska användas för optimalt resultat. Efter konsultering med mentorer samt expertis inom hälso-coachning så drogs en slutsats om att den dynamiska modellen levererar tydligare riskkluster för att representera riskgrupper för stress. Slutsatsen för projektet blev att maskininlärningsmodeller kan kategorisera datapunkter med stressrelaterade korrelationer, vilket är användbart för åtgärdsbestämmelser. Framtida arbeten bör göras med ett större mängd data för mer optimerade resultat, där detta projekt kan ses som en grund för dessa implementeringar. BigQuery Cloud Computing Clustering Dynamic clustering algorithm Google Cloud Platform Health coaching HRV-values K-Means algorithm Machine learning Stress Unsupervised learning. Computer and Information Sciences Data- och informationsvetenskap
6	Autentiseringsprocesser i molnbaserade datortjänster Göthesson, Richard, Hedman, Gustav January 2016 (has links) Tidigare forskning har påvisat brister i olika former av autentiseringsprocesser som leder till autentiseringsattacker. Målet med vår studie är att presentera ett antal riktlinjer som företag och privatpersoner kan följa för att minimera risken för autentiseringsattacker. Metoderna som användes för att komma fram till dessa riktlinjer var kvalitativa där en praktisk observationsstudie, en litteraturstudie samt en enkätundersökning låg till grund för vår insamlade data. Resultatet av studien pekar på att Google Cloud Platform, Amazon Web Services och Microsoft Azure alla har en stark autentiseringsprocess i jämförelse med kritik från tidigare forskning. Enkätundersökningen visade dessutom att olika former av alternativ autentisering, såsom Two Factor Authentication (2FA) och Multi Factor Authentication (MFA), rekommenderas för ett starkt försvar mot autentiseringsattacker.Uppsatsens resultat pekar även på att användarens egenansvar i autentiseringsprocessen är av stor vikt för att minimera risken för autentiseringsattacker. Säkra lösenord bör konstrueras och frekvent bytas ut. Även alternativ autentisering och begränsning av användarens tillgång till känslig information bör tillämpas. / Previous research has shown deficiencies in various forms of authentication processes that lead to authentication attacks. The goal of our study is to present a number of guidelines that businesses and individuals can follow to minimize the risk of authentication attacks. The methods used to reach these guidelines were qualitative. They consisted of a practical observational study, a literature review and a survey, which formed the basis of our collected data. The results of the study indicate that Google Cloud Platform, Amazon Web Services and Microsoft Azure all have a strong authentication process in comparison with the criticism of previous research. The survey also showed that different forms of authentication methods, such as the Two Factor Authentication (2FA) and Multi Factor Authentication (MFA), are recommended for a strong defense against authentication attacks.The thesis’ results also points to the user’s own responsibility in the authentication process are essential to minimize the risk of authentication attacks. Secure passwords should be designed and frequently replaced. Alternative authentication and restricted access to sensitive information for the user should also be applied. molnbaserade datortjänster autentiseringsattacker autentisering Microsoft Azure Google Cloud Platform Amazon Web Services authentication cloud computing guidelines authentication attacks Engineering and Technology Teknik och teknologier
7	Cost optimization in the cloud : An analysis on how to apply an optimization framework to the procurement of cloud contracts at Spotify Ekholm, Harald, Englund, Daniel January 2020 (has links) In the modern era of IT, cloud computing is becoming the new standard. Companies have gone from owning their own data centers to procuring virtualized computational resources as a service. This technology opens up for elasticity and cost savings. Computational resources have gone from being a capital expenditure to an operational expenditure. Vendors, such as Google, Amazon, and Microsoft, offer these services globally with different provisioning alternatives. In this thesis, we focus on providing a cost optimization algorithm for Spotify on the Google Cloud Platform. To achieve this we construct an algorithm that breaks up the problem in four different parts. Firstly, we generate trajectories of monthly active users. Secondly, we split these trajectories up in regions and redistribute monthly active users to better describe the actual Google Cloud Platform footprint. Thirdly we calculate usage per monthly active users quotas from a representative week of usage and use these to translate the redistributed monthly active users trajectories to usage. Lastly, we apply an optimization algorithm to these trajectories and obtain an objective value. These results are then evaluated using statistical methods to determine the reliability. The final model solves the problem to optimality and provides statistically reliable results. As a consequence, we can give recommendations to Spotify on how to minimize their cloud cost, while considering the uncertainty in demand. cloud computing Spotify monte carlo MC stochastic processes stochastic programming Google Cloud Platform GCP IT computational resources optimization cost optimization forecast procurement Mathematics Matematik Probability Theory and Statistics Sannolikhetsteori och statistik Mathematical Analysis Matematisk analys Computational Mathematics Beräkningsmatematik
8	A Qualitative Comparative Analysis of Data Breaches at Companies with Air-Gap Cloud Security and Multi-Cloud Environments T Richard Stroupe Jr. (17420145) 20 November 2023 (has links) <p dir="ltr">The purpose of this qualitative case study was to describe how multi-cloud and cloud-based air gapped system security breaches occurred, how organizations responded, the kinds of data that were breached, and what security measures were implemented after the breach to prevent and repel future attacks. Qualitative research methods and secondary survey data were combined to answer the research questions. Due to the limited information available on successful unauthorized breaches to multi-cloud and cloud-based air gapped systems and corresponding data, the study was focused on the discovery of variables from several trustworthily sources of secondary data, including breach reports, press releases, public interviews, and news articles from the last five years and qualitative survey data. The sample included highly trained cloud professionals with air-gapped cloud experience from Amazon Web Services, Microsoft, Google and Oracle. The study utilized unstructured interviews with open-ended questions and observations to record and document data and analyze results.</p><p dir="ltr">By describing instances of multi-cloud and cloud-based air gapped system breaches in the last five years this study could add to the body of literature related to best practices for securing cloud-based data, preventing data breach on such systems, and for recovering from breach once it has occurred. This study would have significance to companies aiming to protect secure data from cyber attackers. It would also be significant to individuals who have provided their confidential data to companies who utilize such systems. In the primary data, 12 themes emerged. The themes were Air Gap Weaknesses Same as Other Systems, Misconfiguration of Cloud Settings, Insider Threat as Attack Vector, Phishing as Attack Vector, Software as Attack Vector, and Physical Media as Attack Vector, Lack of Reaction to Breaches, Better Authentication to Prevent Breaches, Communications, and Training in Response to Breach, Specific Responses to Specific Problems, Greater Separation of Risk from User End, and Greater Separation of Risk from Service End. For secondary data, AWS had four themes, Microsoft Azure had two, and both Google Cloud and Oracle had three.</p> Cloud computing air-gapped systems cloud-based air-gapped systems cybersecurity cybersecurity breach multi-cloud environments security measures cybersecurity attack Amazon Web Services (AWS) Google Cloud Platform Microsoft Azure Cloud oracle cloud infrastructure
9	Introducing the Modern and Future Development of “Web Applications” Using JHipster Development Platform. Vilcinskaite, Milena January 2021 (has links) Generating web applications with correct structure and modern functionalities using a development platform is not widely known for students in academia around the world. Modern web development is moving further towards advancement where different functionalities adapted for web application development increase and become more central in today's market. Introducing modern concepts in web application development to the students in academia at an early stage is essential in order to provide better insight of how to suitably develop and maintain the structure of modern "Web Applications". This thesis describes the work carried out to investigate how a web application can effectively be developed and structured by the undergraduate students in the course II1302 Projects and project methods at the Royal Institute of Technology (KTH) using a development platform. The case study is conducted as a research method for this thesis. The research method revolved around experimentation with an example application to identify the possibilities of using a development platform in conjunction to improve the teaching of modern web application development early in education, and then apply the development platform in the course's future projects. This thesis identifies pertinent fields of knowledge throughout the development of a web application using the development platform to learn about the relevant concepts and definitions of modern and future technologies used in web application development. The implementation of the web application covers the areas such as automation, deployment, and monitoring. These areas are utilized in the form of the following aspects: DevOps, CI/CD, integration cloud deployment, IoT simulated device, MVC design pattern architecture for both frontend and backend, programming frameworks, i.e., Angular JS frontend framework and Spring Boot backend framework. A description of how the application is managed and what technologies and resources are used is presented. These aspects are used throughout the process of web application development. The requirements of using the development platform aim to be relevant to the students' studies at a sufficient difficulty level in course II1302. The students are expected to have an extended knowledge in basic web application development. / Att generera webbapplikationer med rätt struktur och moderna funktioner med hjälp av en utvecklingsplattform är inte allmänt känt för studenter inom akademin runt om i världen. Modern webbutveckling går vidare mot avancemang där olika funktioner anpassade för webbapplikationsutveckling ökar och blir mer centrala på dagens marknad. Att introducera moderna koncept inom webbapplikationsutveckling för studenter i akademin på ett tidigt stadium är viktigt för att ge bättre insikt om hur man på ett lämpligt sätt kan utveckla och behålla strukturen för moderna "Web Applications". Denna avhandling beskriver arbetet med att undersöka hur en webbapplikation effektivt kan utvecklas och struktureras av studenterna i kursen II1302 Projekt och projektmetoder vid Royal Institute of Technology (KTH) med hjälp av en utvecklingsplattform. Fallstudien genomförs som en forskningsmetod för denna avhandling. Forskningsmetoden kretsade kring experiment med en exempelapplikation för att identifiera möjligheterna att använda en utvecklingsplattform tillsammans för att förbättra undervisningen i modern webbapplikationsutveckling tidigt i utbildningen och sedan tillämpa utvecklingsplattformen i kursens framtida projekt. Denna avhandling identifierar relevanta kunskapsområden genom utvecklingen av en webbapplikation med hjälp av utvecklingsplattformen för att lära sig relevanta begrepp och definitioner av modern och framtida teknik som används i webbapplikationsutveckling. Implementeringen av webbapplikationen täcker områden som automatisering, distribution och övervakning. Dessa områden används i form av följande aspekter: DevOps, CI/CD, integration av moln, IoT -simulerad enhet, MVC -designmönsterarkitektur för både frontend och backend, programmeringsramar, dvs Angular JS frontend framework och Spring Boot backend framework. En beskrivning av hur applikationen hanteras och vilken teknik och resurser som används presenteras. Dessa aspekter används under hela processen för webbapplikationsutveckling. Kraven för att använda utvecklingsplattformen syftar till att vara relevanta för studenternas studier med tillräcklig svårighetsgrad i kurs II1302. Studenterna förväntas ha en utökad kunskap inom grundläggande webbapplikationsutveckling. Google Cloud Platform Simulated IoT device Web application development JHipster application structure generator CI/CD integration Angular JS Student experience Student project. Google Cloud Plattform Simulerad IoT-enhet Webb applikationsutveckling JHipster applikationsstruktur generator CI/CD integration Angular JS Student erfarenhet Studentprojekt. Computer Engineering Datorteknik

Search results