An automated security analysis framework and implementation for MTD techniques on cloud
From MaRDI portal
Publication:776353
DOI10.1007/978-3-030-40921-0_9zbMATH Open1446.68024arXiv1904.01758OpenAlexW3006537789MaRDI QIDQ776353FDOQ776353
Authors: Hooman Alavizadeh, Hootan Alavizadeh, Dong Seong Kim, Julian Jang-Jaccard, Masood Niazi Torshiz
Publication date: 8 July 2020
Abstract: Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as eliminating the capital expense of their computing need. There are security vulnerabilities and threats in the cloud. Many researches have been proposed to analyze the cloud security using Graphical Security Models (GSMs) and security metrics. In addition, it has been widely researched in finding appropriate defensive strategies for the security of the cloud. Moving Target Defense (MTD) techniques can utilize the cloud elasticity features to change the attack surface and confuse attackers. Most of the previous work incorporating MTDs into the GSMs are theoretical and the performance was evaluated based on the simulation. In this paper, we realized the previous framework and designed, implemented and tested a cloud security assessment tool in a real cloud platform named UniteCloud. Our security solution can (1) monitor cloud computing in real-time, (2) automate the security modeling and analysis and visualize the GSMs using a Graphical User Interface via a web application, and (3) deploy three MTD techniques including Diversity, Redundancy, and Shuffle on the real cloud infrastructure. We analyzed the automation process using the APIs and showed the practicality and feasibility of automation of deploying all the three MTD techniques on the UniteCloud.
Full work available at URL: https://arxiv.org/abs/1904.01758
Recommendations
- Moving target defense for the placement of intrusion detection systems in the cloud
- Cognitive survival model and quantitative analysis for cloud computing systems
- Locking the sky: a survey on IaaS cloud security
- An overview of the state-of-the-art of cloud computing cyber-security
- Analyzing infrastructure as code to prevent intra-update sniping vulnerabilities
Cited In (4)
- Analyzing infrastructure as code to prevent intra-update sniping vulnerabilities
- Cloud service security adaptive target detection algorithm based on bio-inspired performance evaluation process algebra
- Moving target defense for the placement of intrusion detection systems in the cloud
- Automation of service-based security-aware business processes in the cloud
This page was built for publication: An automated security analysis framework and implementation for MTD techniques on cloud
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q776353)