Abstract
Clouds represent a major paradigm shift from contemporary systems, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements with the provision of flexible computing infrastructures that are available on demand. Clouds, however, introduce novel challenges, particularly with respect to security, that require dedicated efforts to address them. This paper focuses on one such challenge, i.e. determining the extent of damage caused by an intrusion for a victim virtual machine. This has significant implications for effective response to the intrusion. The paper presents our efforts to address this challenge in the form of a novel scheme for intrusion damage assessment for Clouds, which facilitates protection against multi-stage attacks. The paper also includes the formal specification and evaluation of the scheme, which successfully demonstrate its effectiveness in achieving rigorous damage assessment for Clouds.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Arshad, J., Jokhio, I.A., Shah, M. (2012). Intrusion Damage Assessment for Multi-stage Attacks for Clouds. In: Chowdhry, B.S., Shaikh, F.K., Hussain, D.M.A., Uqaili, M.A. (eds) Emerging Trends and Applications in Information Communication Technologies. IMTIC 2012. Communications in Computer and Information Science, vol 281. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28962-0_14
DOI: https://doi.org/10.1007/978-3-642-28962-0_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28961-3
Online ISBN: 978-3-642-28962-0
eBook Packages: Computer Science (R0)