Response to Co-resident Threats in Cloud Computing Using Machine Learning
Virtualization technologies in cloud computing brings merits for resource utilization and on-demand sharing. However, users can face new security risks when they use the virtualized platforms. The co-resident attack means that the malicious users build side channels and threaten the virtual machines co-located on the same server. In 2017, Abazari et al. proposed a multi-objective, under the constraints of minimum cost and threat, response to co-resident attacks in cloud environment. In this paper, we aimed to propose a novel method for countermeasures decision to the attacks. We used machine learning to train the intrusion response model and conducted a set of experiments to demonstrate the effect of the proposed model. It showed that the near optimal solutions with good accuracy is obtainable and the response efficiency is improved.
This research was partly supported by the Ministry of Science and Technology, Taiwan, under grant number MOST 107 - 2221 - E - 029 - 005 - MY3.
- 1.Abazari, F., Analoui, M., Takab, H.: Multi-objective response to co-resident attacks in cloud environment. Int. J. Inf. Commun. Technol. Res. 9(3), 25–36 (2018)Google Scholar
- 3.Han, Y., Chan, J., Alpcan, T., Leckie, C.: Using virtual machine allocation policies to defend against co-resident attacks in cloud computing. IEEE Trans. Dependable Secure Comput. 14, 95–108 (2017)Google Scholar
- 5.Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.M.: Resource-freeing attacks: improve your cloud performance (at your neighbor’s expense). In: Computer and Communications Security, CCS 2012, pp. 281–292. ACM, New York (2012)Google Scholar
- 6.Zhou, F., Goel, M., Desnoyers, P., Sundaram, R.: Scheduler vulnerabilities and coordinated attacks in cloud computing. In: IEEE 10th International Symposium on Network Computing and Applications, Cambridge, MA, pp. 123–130 (2011)Google Scholar
- 7.Atya, A.O.F., Qian, Z., Krishnamurthy, S.V., Porta, T.L., McDaniel, P., Marvel, L.: Malicious co-residency on the cloud: attacks and defense. In: IEEE INFOCOM 2017 - IEEE Conference on Computer Communications, Atlanta, GA, pp. 1–9 (2017)Google Scholar
- 8.Zhang, W., Jia, X., Wang, C., Zhang, S., Huang, Q., Wang, M., Liu, P.: A comprehensive study of co-residence threat in multi-tenant public PaaS clouds. In: Lam, K.Y., Chi, C.H., Qing, S. (eds.) Information and Communications Security, ICICS, Lecture Notes in Computer Science, vol. 9977. Springer, Cham (2016)Google Scholar
- 10.Abazari, F., Analoui, M.: Exploring the effects of virtual machine placement on the transmission of infections in cloud. In: 7th International Symposium on Telecommunications, Tehran, pp. 278–282 (2014)Google Scholar
- 11.Sun, Q., Shen, Q., Li, C., Wu, Z.: SeLance: secure load balancing of virtual machines in cloud. In: IEEE Trustcom/BigDataSE/ISPA, Tianjin, pp. 662–669 (2016)Google Scholar
- 12.Wu, J., Ding, L., Lin, Y., Min-Allah, N., Wang, Y.: XenPump: a new method to mitigate timing channel in cloud computing. In: IEEE Fifth International Conference on Cloud Computing, Honolulu, HI, pp. 678–685 (2012)Google Scholar
- 14.Balasubramanian, S., Lobbes, M.M., O’connell, B.M., Snitzer, B.J.: Automated Response to Detection of Threat to Cloud Virtual Machine. US Patent 20,160,094,568, March 2016Google Scholar