Hao Peng, Zhe Liu, Jie Shen, Xue Li, Hanteng Chen, Jianxin Li, Lu Liu
{"title":"Eagle: An Agile Approach to Automaton Updating in Cloud Security Services","authors":"Hao Peng, Zhe Liu, Jie Shen, Xue Li, Hanteng Chen, Jianxin Li, Lu Liu","doi":"10.1109/SOSE.2016.17","DOIUrl":null,"url":null,"abstract":"Automaton-based pattern matching methods have been widely used in security services for traffic inspection and filtering. However, a large scale of patterns may be updated frequently in a multi-tenant cloud, which poses new challenges to avoid attacks while updating new patterns. This paper presents an agile approach named Eagle for \"on-the-fly\" updating automaton in cloud security services. The approach provides three algorithms on AC and SBOM, adding, deleting and updating operation, to update state and links of automaton in high-speed online cloud traffic. Theoretical analysis shows that Eagle lowers the computational complexity of updating patterns from O (n2) to O (n). The effectiveness of this agile approach is verified when applied to a real cloud gateway. It turns out that 68% - 89% of the time can be saved and the throughput of cloud traffic filtering proves no reduction during and after the pattern update.","PeriodicalId":153118,"journal":{"name":"2016 IEEE Symposium on Service-Oriented System Engineering (SOSE)","volume":"432 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Symposium on Service-Oriented System Engineering (SOSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOSE.2016.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Automaton-based pattern matching methods have been widely used in security services for traffic inspection and filtering. However, a large scale of patterns may be updated frequently in a multi-tenant cloud, which poses new challenges to avoid attacks while updating new patterns. This paper presents an agile approach named Eagle for "on-the-fly" updating automaton in cloud security services. The approach provides three algorithms on AC and SBOM, adding, deleting and updating operation, to update state and links of automaton in high-speed online cloud traffic. Theoretical analysis shows that Eagle lowers the computational complexity of updating patterns from O (n2) to O (n). The effectiveness of this agile approach is verified when applied to a real cloud gateway. It turns out that 68% - 89% of the time can be saved and the throughput of cloud traffic filtering proves no reduction during and after the pattern update.