A Stealth Migration Approach to Moving Target Defense in Cloud Computing

  • Saikat DasEmail author
  • Ahmed M. Mahfouz
  • Sajjan Shiva
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 1069)


A stealth migration protocol is proposed in this paper that obfuscates the virtual machine (VM) migration from intruders and enhances the security of the MTD process. Starting by encrypting the VM data and generating a secret key that is split along with the encrypted data into small chunks. Then the fragments are transmitted through intermediate VMs on the way to the destination VM. As a result, the chances of an intruder detecting the VM migration is reduced. The migration traffic is maintained close to normal traffic by adjusting the chunk size, thereby avoiding the attention of the intruder. Finally, the normal and migration traffic patterns are analyzed with the proposed protocol.


Stealth migration Cloud computing Moving Target Defense Secure MTD Live migration 


  1. 1.
    Yackoski, J., et al.: Mission-oriented moving target defense based on cryptographically strong network dynamics. In: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop. ACM (2013)Google Scholar
  2. 2.
  3. 3.
    Ahmad, R.W., Gani, A., Hamid, S.H.A., Shiraz, M., Xia, F., Madani, S.A.: Virtual machine migration in cloud data centers: a review, taxonomy, and open research issues. J. Supercomput. 71(7), 2473–2515 (2015)CrossRefGoogle Scholar
  4. 4.
    Oberheide, J., Cooke, E., Jahanian, F.: Empirical exploitation of live virtual machine migration. In: Proceedings of BlackHat DC Convention (2008)Google Scholar
  5. 5.
    Kozuch, M., Satyanarayanan, M.: Internet suspend/resume. In: Proceedings of Fourth IEEE Workshop on Mobile Computing Systems and Applications. IEEE (2002)Google Scholar
  6. 6.
    Duncan, A., et al.: Cloud computing: Insider attacks on virtual machines during migration. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE (2013)Google Scholar
  7. 7.
    Achleitner, S., et al.: Stealth migration: hiding virtual machines on the network. In: INFOCOM 2017-IEEE Conference on Computer Communications (2017)Google Scholar
  8. 8.
    Suetake, M., Kizu, H., Kourai, K.: Split migration of large memory virtual machines. In: Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems. ACM (2016)Google Scholar
  9. 9.
    Deshpande, U., et al.: Fast server deprovisioning through scatter-gather live migration of virtual machines. In: 2014 IEEE 7th International Conference on Cloud Computing (CLOUD). IEEE (2014)Google Scholar
  10. 10.
  11. 11.
    Clerk Maxwell, J.: A Treatise on Electricity and Magnetism, 3rd edn, vol. 2, pp. 68–73. Clarendon, Oxford (1892)Google Scholar
  12. 12.
    Polash, F., Shiva, S.: Automated live migration in openstack: a moving target defense solution. J. Comput. Sci. Appl. Inform. Technol. 2(3), 1–5 (2017). Scholar
  13. 13.
    Xianqin, C., Xiaopeng, G., Han, W., Sumei, W., Xiang, L.: Application-transparent live migration for virtual machine on network security enhanced hypervisor. China Commun. 8, 32–42 (2011). Research paperGoogle Scholar
  14. 14.
    Berger, S., Caceres, R., Goldman, K.A., Perez, R., Sailer, R., Doorn, L.: Virtualizing the trusted platform module. In: USENIX Security, pp. 305–320 (2006)Google Scholar
  15. 15.
    Tamrakar, A.: Security in live migration of virtual machine with automated load balancing. Int. J. Eng. Res. Technol. (IJERT) 3(12) (2014)Google Scholar
  16. 16.
  17. 17.
  18. 18.
    Fu, X., et al.: On effectiveness of link padding for statistical traffic analysis attacks. In: Proceedings of 23rd International Conference on Distributed Computing Systems. IEEE (2003)Google Scholar
  19. 19.
    Houmansadr, A., Brubaker, C., Shmatikov, V.: The parrot is dead: observing unobservable network communications. In: 2013 IEEE Symposium on Security and Privacy (SP). IEEE (2013)Google Scholar
  20. 20.
    Dharam, R., Shiva, S.G.: Runtime monitors for tautology based SQL injection attacks. In: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec). IEEE (2012)Google Scholar
  21. 21.
    Shiva, S., Das, S.: CoRuM: collaborative runtime monitor framework for application security. In: 2018 IEEE/ACM International Conference on Utility and Cloud Computing Companion (UCC Companion). IEEE (2018)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Computer ScienceThe University of MemphisMemphisUSA

Personalised recommendations