Mohammad Taghi Adili, Amin Mohammadi, M. Manshaei, M. Rahman
{"title":"一种经济有效的云安全管理:博弈论欺骗机制","authors":"Mohammad Taghi Adili, Amin Mohammadi, M. Manshaei, M. Rahman","doi":"10.23919/INM.2017.7987269","DOIUrl":null,"url":null,"abstract":"The Information Technology (IT) is observing a rising shift toward cloud computing due to its attractive on-demand storage and computing capabilities that allow moving the computing and storage load from the owner's side to the service provider's place and enjoying the data or computed results efficiently anywhere anytime. This growing use of clouds also introduces significant security concerns, as sensitive data and critical applications are increasingly being moved to clouds. Recent work also reveals different security threats, e.g., side-channel attacks, against cloud services. In this work, we address the need of improved solutions for the security management of cloud computing. We propose a moving target-based deceptive defense mechanism where the moving target idea is centered on frequent migrations of the virtual machines (VMs). We make the moves cost-efficient by modeling the problem as a signaling game between the adversary and the VMs and introducing deceptions. We solve the game and obtain two Nash equilibria. These results illustrate the best possible moves by the adversary and the corresponding strategy for the VMs that should reduce the adversary's chance of being successful at most.","PeriodicalId":119633,"journal":{"name":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"A cost-effective security management for clouds: A game-theoretic deception mechanism\",\"authors\":\"Mohammad Taghi Adili, Amin Mohammadi, M. Manshaei, M. Rahman\",\"doi\":\"10.23919/INM.2017.7987269\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Information Technology (IT) is observing a rising shift toward cloud computing due to its attractive on-demand storage and computing capabilities that allow moving the computing and storage load from the owner's side to the service provider's place and enjoying the data or computed results efficiently anywhere anytime. This growing use of clouds also introduces significant security concerns, as sensitive data and critical applications are increasingly being moved to clouds. Recent work also reveals different security threats, e.g., side-channel attacks, against cloud services. In this work, we address the need of improved solutions for the security management of cloud computing. We propose a moving target-based deceptive defense mechanism where the moving target idea is centered on frequent migrations of the virtual machines (VMs). We make the moves cost-efficient by modeling the problem as a signaling game between the adversary and the VMs and introducing deceptions. We solve the game and obtain two Nash equilibria. These results illustrate the best possible moves by the adversary and the corresponding strategy for the VMs that should reduce the adversary's chance of being successful at most.\",\"PeriodicalId\":119633,\"journal\":{\"name\":\"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/INM.2017.7987269\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/INM.2017.7987269","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A cost-effective security management for clouds: A game-theoretic deception mechanism
The Information Technology (IT) is observing a rising shift toward cloud computing due to its attractive on-demand storage and computing capabilities that allow moving the computing and storage load from the owner's side to the service provider's place and enjoying the data or computed results efficiently anywhere anytime. This growing use of clouds also introduces significant security concerns, as sensitive data and critical applications are increasingly being moved to clouds. Recent work also reveals different security threats, e.g., side-channel attacks, against cloud services. In this work, we address the need of improved solutions for the security management of cloud computing. We propose a moving target-based deceptive defense mechanism where the moving target idea is centered on frequent migrations of the virtual machines (VMs). We make the moves cost-efficient by modeling the problem as a signaling game between the adversary and the VMs and introducing deceptions. We solve the game and obtain two Nash equilibria. These results illustrate the best possible moves by the adversary and the corresponding strategy for the VMs that should reduce the adversary's chance of being successful at most.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
