nach oben

The Journal of Supercomputing

Erschienen in:

30.03.2017

A game theoretic-based distributed detection method for VM-to-hypervisor attacks in cloud environment

verfasst von: Amin Nezarat, Yaser Shams

Erschienen in: The Journal of Supercomputing | Ausgabe 10/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud computing is a pool of scalable virtual resources serving a large number of users who pay fees depending on the extent of utilized service. From payment perspective, cloud is like electricity and water as people who use more of this shared pool should pay larger fees. Cloud computing involves a diverse set of technologies including networking, virtualization and transaction scheduling. Thus, it is vulnerable to a wide range of security threats. Some of the most important security issues threatening the cloud computing systems originate from virtualization technology, as it constitutes the main body and basis of these systems. The most important virtualization-based security threats include VM side channel, VM escape and rootkit attacks. The previous works on the subject of virtualization security rely on hardware approaches such as the use of firewalls, which are expensive, the use of schedulers to control the side channels along with noise injection, which impose high overhead, or the use of agents to collect information and send them back to a central intrusion detection system, which itself can become the target of attacker. In the method presented in this paper, a group of mobile agents act as the sensors of invalid actions in the cloud environment. They start a noncooperative game with the suspected attacker and then calculate the Nash equilibrium value and utility so as to differentiate an attack from legitimate requests and determine the severity of attack and its point of origin. The simulation results show that this method can detect the attacks with 86% accuracy. The use of mobile agents and their trainability feature has led to reduced system overhead and accelerated detection process.

Vorheriger Artikel Modelling parallel overhead from simple run-time records

Nächster Artikel To be silent or not: on the impact of evictions of clean data in cache-coherent multicores

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Modi C, Patel D, Borisaniya B, Patel A, Rajarajan M (2013) A survey on security issues and solutions at different layers of cloud computing. J Supercomput 63(2):561–592CrossRef

Gritzalis S, Liu L (2013) Requirements engineering for security, privacy and services in cloud environments. Requir Eng 18(4):297CrossRef

Srinivasan MK, Sarukesi K, Rodrigues P, Manoj MS, Revathy P (2012) State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics. ACM, pp 470–476

Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comput Syst 28(3):583–592CrossRef

Fatema K, Emeakaroha VC, Healy PD, Morrison JP, Lynn T (2014) A survey of cloud monitoring tools: taxonomy, capabilities and objectives. J Parallel Distrib Comput 74(10):2918–2933CrossRef

Keromytis AD, Misra V, Rubenstein D (2004) SOS: an architecture for mitigating DDoS attacks. IEEE J Sel Areas Commun 22(1):176–188CrossRef

Wa Wang Z, Lee RB (2008) A novel cache architecture with enhanced performance and security. In: 41st IEEE/ACM International Symposium on Microarchitecture, 2008. MICRO-41. IEEE, pp 83–93

Avram MG (2014) Advantages and challenges of adopting cloud computing from an enterprise perspective. Procedia Technol 12:529–534CrossRef

Carroll M, Van Der Merwe A, Kotze P (2011, August) Secure cloud computing: benefits, risks and controls. In: Information Security South Africa (ISSA), 2011. IEEE, pp 1–9

10.

Ertaul L, Singhal S, Saldamli G (2010) Security challenges in cloud computing. In: International Conference on Security and Management, Las Vegas, pp 36–42

11.

Yang J, Chen Z (2010) Cloud computing research and security issues. In: 2010 International Conference on Computational Intelligence and Software Engineering (CiSE). IEEE, pp 1–3

12.

Khalil IM, Khreishah A, Azeem M (2014) Cloud computing security: a survey. Computers 3(1):1–35CrossRef

13.

Gibbons R (1992) A primer in game theory. Harvester Wheatsheaf, BirminghamMATH

14.

Von Neumann J, Morgenstern O (2007) Theory of games and economic behavior. Princeton University Press, PrincetonMATH

15.

Liu F, Ren L, Bai H (2014) Mitigating cross-vm side channel attack on multiple tenants cloud platform. J Comput 9(4):1005–1013

16.

Kong J, Aciiçmez O, Seifert JP, Zhou H (2009) Hardware–software integrated approaches to defend against software cache-based side channel attacks. In: IEEE 15th International Symposium on High Performance Computer Architecture, 2009. HPCA 2009. IEEE, pp 393–404

17.

Aciicmez O, Kong J, Seifert JP, Zhou H (2008) Deconstructing new cache designs for thwarting software cache-based side channel attacks. In: Proceedings of the 2nd ACM Workshop on Computer Security Architectures. ACM, pp 25–34

18.

Lombardi F, Di Pietro R (2011) Secure virtualization for cloud computing. J Netw Comput Appl 34(4):1113–1122CrossRef

19.

Eid M (2004) A new mobile agent-based intrusion detection system using distributed sensors. In: Proceeding of FEASC, pp 114–125

20.

Nezarat A (2013) A novel model for detecting intrusion with mobile agent and game theory. In: Fourth International Conference on Information and Communication Technology, Tehran, pp 120–134

21.

Maskat K, Shukran MAM, Khairuddin MA, Isa MRM (2011) Mobile agents in intrusion detection system: review and analysis. Mod Appl Sci 5(6):218CrossRef

22.

Calheiros RN, Ranjan R, Beloglazov A, De Rose CA, Buyya R (2011) CloudSim: a toolkit for modeling and simulation of cloud computing environments and evaluation of resource provisioning algorithms. Softw Pract Exp 41(1):23–50CrossRef

23.

Chandolikar NS, Nandavadekar VD (2012) Selection of relevant feature for intrusion attack classification by analyzing KDD Cup 99. MIT Int J Comput Sci Inf Technol 2(2):85–90

24.

Menzel M, Meinel C (2009) A security meta-model for service-oriented architectures. In: IEEE Conference on Services Computing, pp 1–9

25.

Burney SMA, Khan MSA, Jilani TA (2010) Feature deduction and ensemble design of parallel neural networks for intrusion detection system. IJCSNS 10(10):259

26.

Kandeeban SS, Rajesh RS (2010) Integrated intrusion detection system using soft computing. IJ Netw Secur 10(2):87–92

27.

Hassan MMM (2013) Network intrusion detection system using genetic algorithm and fuzzy logic. Int J Innov Res Comput Commun Eng 1(7):1435–1445

28.

Nezarat A, Dastghaibyfard G (2016) A game theoretical model for profit maximization resource allocation in cloud environment with budget and deadline constraints. J Supercomput 72:4737. doi:10.1007/s11227-016-1782-z

29.

Nezarat A, Dastghaibyfard G (2016) A game theoretic method for resource allocation in scientific cloud. Int J Cloud Appl Comput (IJCAC) 6(1). doi:10.4018/IJCAC.2016010102

Titel: A game theoretic-based distributed detection method for VM-to-hypervisor attacks in cloud environment
verfasst von: Amin Nezarat
Yaser Shams
Publikationsdatum: 30.03.2017
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 10/2017
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-017-2025-7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 10/2017

A dynamic VM consolidation technique for QoS and energy consumption in cloud environment

A partitioning framework for Cassandra NoSQL database using Rendezvous hashing

Fault-tolerant routing methodology for hypercube and cube-connected cycles interconnection networks

An enhanced active caching strategy for data-intensive computations in distributed GIS

An iso-time scaling method for big data tasks executing on parallel computing systems

Atrak: a MapReduce-based data warehouse for big data