Skip to main content

2020 | OriginalPaper | Buchkapitel

Defender Vs Attacker Security Game Model for an Optimal Solution to Co-resident DoS Attack in Cloud

verfasst von : S. Rethishkumar, R. Vijayakumar

Erschienen in: Intelligent Communication Technologies and Virtual Mobile Networks

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Virtual Machines (VM) are considered as the fundamental components to cloud computing systems. Though VMs provide efficient computing resources, they are also exposed to several security threats. While some threats are easy to block, some attacks such as co-resident attacks are much harder even to detect. This paper proposes Defender Vs Attacker Security Game Model otherwise called Two-Player security game approach based defense mechanism for minimizing the Co-resistance DOS attacks by making it hard for intruders to initiate attacks. The proposed defense mechanism first analyzes the attacker behavior difference between attacker and normal users under PSSF VM allocation policy. Then the clustering analysis is performed by EDBSCAN (Enhanced Density-based Spatial Clustering of Applications with Noise). The partial labeling is done depending on the clustering algorithm to partially distinguish the users as legal or malicious. Then the semi-supervised learning using Deterministic Annealing Semi-supervised SVM (DAS3VM) optimized by branch and bounds method is done to classify the nodes. Once the user accounts are classified, the two-player security game approach is utilized to increase the cost of launching new VMs thus minimizing the probability of initiating co-resident DOS attack.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Bedi, H.S., Shiva, S.: Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics, pp. 463–469. ACM (2012) Bedi, H.S., Shiva, S.: Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms. In: Proceedings of the International Conference on Advances in Computing, Communications and Informatics, pp. 463–469. ACM (2012)
2.
Zurück zum Zitat Han, Y., Alpcan, T., Chan, J., Leckie, C.: Security games for virtual machine allocation in cloud computing. In: International Conference on Decision and Game Theory for Security, pp. 99–118. Springer, Cham (2013)MATH Han, Y., Alpcan, T., Chan, J., Leckie, C.: Security games for virtual machine allocation in cloud computing. In: International Conference on Decision and Game Theory for Security, pp. 99–118. Springer, Cham (2013)MATH
3.
Zurück zum Zitat Han, Y., Alpcan, T., Chan, J., Leckie, C., Rubinstein, B.I.: A game theoretical approach to defend against co-resident attacks in cloud computing: preventing co-residence using semi-supervised learning. IEEE Trans. Inf. Forensics Secur. 11(3), 556–570 (2016)CrossRef Han, Y., Alpcan, T., Chan, J., Leckie, C., Rubinstein, B.I.: A game theoretical approach to defend against co-resident attacks in cloud computing: preventing co-residence using semi-supervised learning. IEEE Trans. Inf. Forensics Secur. 11(3), 556–570 (2016)CrossRef
4.
Zurück zum Zitat Kwiat, L., Kamhoua, C.A., Kwiat, K.A., Tang, J., Martin, A.: Security-aware virtual machine allocation in the cloud: A game theoretic approach. In: 2015 IEEE 8th International Conference on Cloud Computing, pp. 556–563. IEEE (2015) Kwiat, L., Kamhoua, C.A., Kwiat, K.A., Tang, J., Martin, A.: Security-aware virtual machine allocation in the cloud: A game theoretic approach. In: 2015 IEEE 8th International Conference on Cloud Computing, pp. 556–563. IEEE (2015)
5.
Zurück zum Zitat Do, C.T., Tran, N.H., Hong, C., Kamhoua, C.A., Kwiat, K.A., Blasch, E., Ren, S., Pissinou, N., Iyengar, S.S.: Game theory for cyber security and privacy. ACM Comput. Surv. (CSUR) 50(2), 30 (2017)CrossRef Do, C.T., Tran, N.H., Hong, C., Kamhoua, C.A., Kwiat, K.A., Blasch, E., Ren, S., Pissinou, N., Iyengar, S.S.: Game theory for cyber security and privacy. ACM Comput. Surv. (CSUR) 50(2), 30 (2017)CrossRef
6.
Zurück zum Zitat Chen, J., Zhu, Q.: Security as a service for cloud-enabled internet of controlled things under advanced persistent threats: a contract design approach. IEEE Trans. Inf. Forensics Secur. 12(11), 2736–2750 (2017)CrossRef Chen, J., Zhu, Q.: Security as a service for cloud-enabled internet of controlled things under advanced persistent threats: a contract design approach. IEEE Trans. Inf. Forensics Secur. 12(11), 2736–2750 (2017)CrossRef
7.
Zurück zum Zitat Njilla, L.Y., Pissinou, N., Makki, K.: Game theoretic modeling of security and trust relationship in cyberspace. Int. J. Commun. Syst 29(9), 1500–1512 (2016)CrossRef Njilla, L.Y., Pissinou, N., Makki, K.: Game theoretic modeling of security and trust relationship in cyberspace. Int. J. Commun. Syst 29(9), 1500–1512 (2016)CrossRef
8.
Zurück zum Zitat Wu, H., Wang, W.: A game theory based collaborative security detection method for internet of things systems. IEEE Trans. Inf. Forensics Secur. 13(6), 1432–1445 (2018)CrossRef Wu, H., Wang, W.: A game theory based collaborative security detection method for internet of things systems. IEEE Trans. Inf. Forensics Secur. 13(6), 1432–1445 (2018)CrossRef
9.
Zurück zum Zitat Hasan, M.G.M.M., Rahman, M.A.: Protection by detection: a signaling game approach to mitigate co-resident attacks in cloud. In: 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), pp. 552–559. IEEE (2017) Hasan, M.G.M.M., Rahman, M.A.: Protection by detection: a signaling game approach to mitigate co-resident attacks in cloud. In: 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), pp. 552–559. IEEE (2017)
10.
Zurück zum Zitat Rethishkumar, S., Vijayakumar, R.: Two-Player Security Game Approach Based Co-Resident Dos Attack Defence Mechanism for Cloud Computing (2017) Rethishkumar, S., Vijayakumar, R.: Two-Player Security Game Approach Based Co-Resident Dos Attack Defence Mechanism for Cloud Computing (2017)
11.
Zurück zum Zitat Annapoorani, S., Srinivasan, B., Mylavathi, G.A.: Analysis of various virtual machine attacks in cloud computing. In: 2018 2nd International Conference on Inventive Systems and Control (ICISC), pp. 1016–1019. IEEE (2018) Annapoorani, S., Srinivasan, B., Mylavathi, G.A.: Analysis of various virtual machine attacks in cloud computing. In: 2018 2nd International Conference on Inventive Systems and Control (ICISC), pp. 1016–1019. IEEE (2018)
12.
Zurück zum Zitat Jebalia, M., Letaïfa, A.B., Hamdi, M., Tabbane, S.: A secure data storage based on revocation game-theoretic approaches in cloud computing environments. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 435–440. IEEE (2017) Jebalia, M., Letaïfa, A.B., Hamdi, M., Tabbane, S.: A secure data storage based on revocation game-theoretic approaches in cloud computing environments. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 435–440. IEEE (2017)
13.
Zurück zum Zitat Abdul Wahab, O.: Game-theoretic foundations for forming trusted coalitions of multi-cloud services in the presence of active and passive attacks. Ph.D. dissertation, Concordia University (2017) Abdul Wahab, O.: Game-theoretic foundations for forming trusted coalitions of multi-cloud services in the presence of active and passive attacks. Ph.D. dissertation, Concordia University (2017)
14.
Zurück zum Zitat Njilla, L.L.Y.: Modeling Security and Resource Allocation for Mobile Multi-hop Wireless Networks Using Game Theory (2015) Njilla, L.L.Y.: Modeling Security and Resource Allocation for Mobile Multi-hop Wireless Networks Using Game Theory (2015)
16.
Zurück zum Zitat Zhang, Y., Reiter, M.K.: Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 827–838. ACM (2013) Zhang, Y., Reiter, M.K.: Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 827–838. ACM (2013)
Metadaten
Titel
Defender Vs Attacker Security Game Model for an Optimal Solution to Co-resident DoS Attack in Cloud
verfasst von
S. Rethishkumar
R. Vijayakumar
Copyright-Jahr
2020
DOI
https://doi.org/10.1007/978-3-030-28364-3_54