Intrusion Damage Assessment for Multi-stage Attacks for Clouds

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 281)

Abstract

Clouds represent a major paradigm shift from contemporary systems, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements through flexible computing infrastructures that are available on demand. Clouds, however, introduce novel challenges, particularly with respect to security, that require dedicated efforts to address. This paper focuses on one such challenge: determining the extent of damage caused by an intrusion to a victim virtual machine. This has significant implications for effective response to the intrusion. The paper presents our efforts to address this challenge in the form of a novel intrusion damage assessment scheme for Clouds, which facilitates protection against multi-stage attacks. The paper also includes the formal specification and evaluation of the scheme, which successfully demonstrate its effectiveness in achieving rigorous damage assessment for Clouds.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Arshad, J., Jokhio, I.A., Shah, M. (2012). Intrusion Damage Assessment for Multi-stage Attacks for Clouds. In: Chowdhry, B.S., Shaikh, F.K., Hussain, D.M.A., Uqaili, M.A. (eds) Emerging Trends and Applications in Information Communication Technologies. IMTIC 2012. Communications in Computer and Information Science, vol 281. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28962-0_14

  • DOI: https://doi.org/10.1007/978-3-642-28962-0_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28961-3

  • Online ISBN: 978-3-642-28962-0

  • eBook Packages: Computer Science, Computer Science (R0)
