Research On The Security Of YARN And Its Application For Vehicular Ad-hoc Networks

The so-called "cloud" actually is a metaphor of the Internet and its underlying infrastructure.Cloud Computing(CC)is exactly a kind of service and interactive mode based on the Internet,which can provide virtualized resources.Hence,it is safe to say that the basis of network information security is to protect the network information system and ensure its security,integrity,privacy,etc.Vehicular Ad hoc Network(VANET)is the core of Intelligent Transportation System(ITS).Many applications such as safety driving assist and traffic condition sharing would be applied by VANET,which is of huge significance for improving traffic management and guaranteeing road safety.VCC(Vehicular Cloud Computing)integrates all available resources in VANET to provide various real-time services and optimize traffic congestion etc.However,security and privacy issues must be addressed before VCC is widely accepted and implemented;And the security of cloud computing will be the key to solving these problems.Based on Hadoop 2.0,which is the most popular open source cloud computing platform now,this study focused on how to ensure that YARN(Yet Another Resource Negotiator)could process Internet information while guaranteeing data security.Specifically,in order to improve YARN in the aspects of security,integrity and privacy,this study first proposed three prototype frameworks,which were YRPF(YARN Reliability Protection Framework),YIPF(YARN Integrity Protection Framework)and YPPF(YARN Privacy Protection Framework)respectively.Its practicability and effectiveness were tested then by theoretical derivation analysis and real cluster experiments.And they also unify to form a secure YARN framework.In the meantime,the universality,performance and application value of the new YARN framework were proved by combining with the actual application scenarios in VCC.The main research contents of this paper are as follows:1.Proposing YARN Reliability Protection FrameworkBased on the basic replication principle of SE(Speculative Execution)and the calculation of MD5 hash value,this study proposed a YARN Reliability Protection Framework,which would guarantee the accuracy of the intermediate and final result of Map Reduce.Then,prototype YRPF was built based on Hadoop2.8.0.First of all,through theoretical derivation and simulation,it could be seen that YRPF malicious nodes rose with the increase of the predicted execution ratio Er,the probability P,and t(the number of jobs executed by MRv2).As long as t ? 25 and P ? 0.2,even though Er ? 30%,the desired detection rate of malicious nodes,that is Dratio ? 85%,could be achieved.In addition,the larger P is,the higher Dratio will be.Secondly,this study proved that YRPF could not only guarantee the accuracy of the results of Map Reduce,but also made sure the malicious nodes in the Hadoop cluster ranging from 87% to 93.3%,which was consistent with the theoretical simulation expectations.2.Proposing YARN Integrity Protection FrameworkBased on the verification method of Hash tree,this study proposed YIPF(YARN Integrity Protection Framework).It combined the advantages of private and public clouds to form a hybrid cloud structure.This study systematically introduced the design and application of YIPF,and conducted qualitative and quantitative analysis for its security.Qualitative analysis showed that if a potential malicious node executed malicious behavior and the result set was selected by YIPF as an object in the Map validation phase,the node must be found.Moreover,because YIPF randomly verified the results,potential malicious nodes could not be predicted in advance,which led to the failure of deceiving and hiding.Meanwhile quantitative analysis could make up for the deficiency of qualitative analysis.To be specific,it could effectively find potential malicious nodes in the cluster through introduce sampling ratio,probability of malicious behavior,detection probability and number of error results into the verification stage of Map and Reduce,and through parameter setting and refinement.Last,this study conducted an experiment based on the real cluster of YRPF.The experiment still used three different scenarios and the Word Count benchmark to verify the YIPF's performance.Results showed that YIPF consumed little resource of nodes in the cluster and had little impact on CPU usage,hard disk throughput and network throughput.It only could improve the memory usage of RM a little.These results proved that YIPF was effective in protecting the integrity of network information in Hadoop cluster,and could also provide security protection.3.Proposing YARN Privacy Protection FrameworkThe third main property of network information security is the privacy of data.In order to protect the privacy of customers using Map Reduce to process data,the study added PPL(Privacy Preserving Layer)between the data cloud storage end and the customer-specified Map Reduce task,which formed a highly private YARN framework,or YPPF for short.The original data set was stored in the cloud,and even the data owner cannot directly access it.They must first specify a privacy request and submit it to PPL.PPL would be responsible for collecting and anonymizing the original data set based on it.Then,data user could specify the application logic in Map Reduce,and ran jobs on the anonymous dataset.From start to finish,data for YPPF operation remained anonymous,and only the data owner could use Map Reduce to process data,which protected the privacy of data.In the real cluster experiment,Test DFSIO is used to test YPPF's impact on file system I/O performance.Experimental results showed that the time consumption of YPPF increased by less than 8%,which barely had impact on HDFS,and even improved network bandwidth utilization.4.Appling the security YARN framework on VCC to discuss security,performance and coping strategiesTo ensure the security of VCC,except for the secure YARN framework,the reliability of nodes and security of routing protocol should be guaranteed.Hence,this study proposed the definition of “trusted node” and the routing protocol of a trusted secure GPSR routing protocol.Through simulation experiment,this study proved that the protocol could not only protect the neighbor location information table of nodes in VANET from malicious tampering,but also reduce group drop rate by around 10%.Secondly,this study examined the application of YARN framework on VCC.If VCC were to transmit packet packets in the DSRC,the average packet collision rate in the Map Reduce shuffle phase would be 9.35%,which took approximately 10 times the total time to reach the cable network.It means that YARN cannot process large amounts of data efficiently in the regular scenario of VCC because of the poor transmission of wireless dynamic data.Then,the study analyzed this defect in the parking lot application scenario.With DSRC communication distance maintained,RM divided the entire VCC into a number of groups,and the centralized TDMA is a good choice for managing all VCC groups.Taken together,by completing the researches above,this paper achieved the goal of improving the reliability,integrity and privacy of YARN,proposed three prototype frameworks – YRPF,YIPF and YPPF,and verified the rationality,validity and effectiveness.It is applied to VANET scenario to maintain the security of VCC together with the trusted secure routing protocol,and the network performance is investigated and a solution is proposed.