A cost-effective security management for clouds: A game-theoretic deception mechanism

Mohammad Taghi Adili, Amin Mohammadi, Mohammad Hossein Manshaei, Mohammad Ashiqur Rahman

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Scopus citations

Abstract

The Information Technology (IT) is observing a rising shift toward cloud computing due to its attractive on-demand storage and computing capabilities that allow moving the computing and storage load from the owner's side to the service provider's place and enjoying the data or computed results efficiently anywhere anytime. This growing use of clouds also introduces significant security concerns, as sensitive data and critical applications are increasingly being moved to clouds. Recent work also reveals different security threats, e.g., side-channel attacks, against cloud services. In this work, we address the need of improved solutions for the security management of cloud computing. We propose a moving target-based deceptive defense mechanism where the moving target idea is centered on frequent migrations of the virtual machines (VMs). We make the moves cost-efficient by modeling the problem as a signaling game between the adversary and the VMs and introducing deceptions. We solve the game and obtain two Nash equilibria. These results illustrate the best possible moves by the adversary and the corresponding strategy for the VMs that should reduce the adversary's chance of being successful at most.

Original languageEnglish (US)
Title of host publicationProceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management
EditorsProsper Chemouil, Paulo Simoes, Edmundo Madeira, Stefano Secci, Edmundo Monteiro, Luciano Paschoal Gaspary, Carlos Raniery P. dos Santos, Marinos Charalambides
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages98-106
Number of pages9
ISBN (Electronic)9783901882890
DOIs
StatePublished - Jul 20 2017
Externally publishedYes
Event15th IFIP/IEEE International Symposium on Integrated Network and Service Management, IM 2017 - Lisbon, Portugal
Duration: May 8 2017May 12 2017

Publication series

NameProceedings of the IM 2017 - 2017 IFIP/IEEE International Symposium on Integrated Network and Service Management

Conference

Conference15th IFIP/IEEE International Symposium on Integrated Network and Service Management, IM 2017
Country/TerritoryPortugal
CityLisbon
Period5/8/175/12/17

Keywords

  • Cloud computing
  • VM migration
  • deceptive strategies
  • game-theoretic analysis
  • moving target defense

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems and Management

Fingerprint

Dive into the research topics of 'A cost-effective security management for clouds: A game-theoretic deception mechanism'. Together they form a unique fingerprint.

Cite this