Research article. DOI: 10.1145/3412841.3441899

Analysis of VM migration scheduling as moving target defense against insider attacks

Published: 22 April 2021

Abstract

As cybersecurity threats evolve, cloud computing defenses must adapt to face new challenges. Unfortunately, because of resource sharing, cloud computing platforms open the door to insider attacks: malicious actions by authorized cloud users (e.g., clients of an Infrastructure-as-a-Service (IaaS) cloud) that target co-hosted users or the underlying provider environment. Virtual machine (VM) migration is a Moving Target Defense (MTD) technique that mitigates the effects of insider attacks, as it makes VM positioning manageable. However, there is a clear demand for studies quantifying the security benefits of VM migration-based MTD under different system architecture configurations. This paper tries to fill that gap by presenting a Stochastic Reward Net model for the security evaluation of a VM migration-based MTD. The security metric of interest is the probability of attack success. We consider multiple architectures, ranging from one physical machine pool (without MTD) up to four physical machine pools. The evaluation also considers the unavailability due to VM migration. The key contributions are i) a set of results highlighting the probability of insider attack success over time in different architectures and VM migration schedules, and ii) suggestions for selecting VMs as candidates for MTD deployment based on the tolerance levels of the attack success probability. The results are validated against simulation results to confirm the accuracy of the model.



Published In

SAC '21: Proceedings of the 36th Annual ACM Symposium on Applied Computing
March 2021
2075 pages
ISBN: 9781450381048
DOI: 10.1145/3412841

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. VM migration
  2. availability
  3. migration-based dynamic platform
  4. moving target defense
  5. stochastic petri nets

Qualifiers

  • Research-article

Funding Sources

  • Portuguese Foundation for Science and Technology (FCT)
  • Portuguese Foundation for Science and Technology (FCT)
  • Operational Program for Competitiveness and Internationalization (COMPETE 2020) and Portuguese Foundation for Science and Technology (under CMU Portugal Program)
  • Operational Program for Competitiveness and Internationalization (COMPETE 2020)

Conference

SAC '21
SAC '21: The 36th ACM/SIGAPP Symposium on Applied Computing
March 22 - 26, 2021
Virtual Event, Republic of Korea

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Article Metrics

  • Downloads (Last 12 months): 27
  • Downloads (Last 6 weeks): 2

Reflects downloads up to 16 Nov 2024

Cited By

  • (2024) Secured VM Deployment in the Cloud: Benchmarking the Enhanced Simulation Model. Applied Sciences 14:2 (540). DOI: 10.3390/app14020540. Online publication date: 8-Jan-2024
  • (2024) Can Migration-Based Dynamic Platform Technique Work Effectively: A Quantitative Analysis Perspective. IEEE Access 12 (138319-138328). DOI: 10.1109/ACCESS.2024.3457763. Online publication date: 2024
  • (2024) A Method for DDoS Attacks Prevention Using SDN and NFV. IEEE Access 12 (108176-108184). DOI: 10.1109/ACCESS.2024.3438538. Online publication date: 2024
  • (2024) Evaluation of time-based virtual machine migration as moving target defense against host-based attacks. Journal of Systems and Software (112222). DOI: 10.1016/j.jss.2024.112222. Online publication date: Sep-2024
  • (2023) A Review of Methods to Prevent DDOS Attacks Using NFV and SDN. 2023 9th International Conference on Web Research (ICWR) (346-355). DOI: 10.1109/ICWR57742.2023.10139112. Online publication date: 3-May-2023
  • (2023) An SRN-Based Model for Assessing Co-Resident Attack Mitigation in Cloud with VM Migration and Allocation Policies*. GLOBECOM 2023 - 2023 IEEE Global Communications Conference (4995-5000). DOI: 10.1109/GLOBECOM54140.2023.10437647. Online publication date: 4-Dec-2023
  • (2023) Machine Learning for Service Migration: A Survey. IEEE Communications Surveys & Tutorials 25:3 (1991-2020). DOI: 10.1109/COMST.2023.3273121. Online publication date: 1-Jul-2023
  • (2022) SPM: A Novel Hierarchical Model for Evaluating the Effectiveness of Combined ACDs in a Blockchain-Based Cloud Environment. Applied Sciences 12:18 (9230). DOI: 10.3390/app12189230. Online publication date: 14-Sep-2022
  • (2022) Security Modeling and Analysis of Moving Target Defense in Software Defined Networks. 2022 IEEE 27th Pacific Rim International Symposium on Dependable Computing (PRDC) (141-151). DOI: 10.1109/PRDC55274.2022.00028. Online publication date: Nov-2022
  • (2022) Software Rejuvenation Meets Moving Target Defense: Modeling of Time-Based Virtual Machine Migration Approach. 2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE) (205-216). DOI: 10.1109/ISSRE55969.2022.00029. Online publication date: Oct-2022
