Cyber Situation Awareness Monitoring and Proactive Response for Enterprises on the Cloud

Authors: Julian Jang-Jaccard, Hooman Alavizadeh, Hootan Alavizadeh

Keywords: Cloud computing, Computer science, Outsourcing, Authentication, Computer security, Secure communication, Security analysis, Cloud computing security, Situation awareness, Commit

Abstract: The cloud model allows many enterprises able to outsource computing resources at an affordable price without having commit the expense upfront. Although providers are responsible for security of cloud, there still concerns due inherently complex operate on (e.g., multi-tenancy). In addition, whose services have migrated into a preference their own cybersecurity situation awareness capability top mechanisms provided by providers. this way, can monitor performance offerings and choice decide select potential response strategies more appropriate enterprise in presence attack where defense doesn't work them. However, some strategies, such as Moving Target Defense (MTD) techniques shown be effective secure cannot deployed themselves. paper, we propose framework that enables better collaboration between Our proposed framework, which offers in-depth analysis based set most advanced metrics, experts obtain situational cloud. With security, our support decision making further deploy threat responses protect outsourced resources. We also protocol facilitate communication provider. Using protocol, is authentication key exchange mechanism, send request provider perform selected defensive strategy.

References (28)
Jin Bum Hong, Dong Seong Kim. HARMs: Hierarchical Attack Representation Models for Network Security Analysis. australian information security management conference, pp. 74-81 (2012). doi:10.4225/75/57B559A3CD8DA
Murray E. Jennex, Steven Furnell, Vassilis Dimopoulos, Ioannis Kritharas. Approaches to IT Security in Small and Medium Enterprises. australian information security management conference, pp. 73-82 (2004).
Yulong Zhang, Min Li, Kun Bai, Meng Yu, Wanyu Zang. Incentive Compatible Moving Target Defense against VM-Colocation Attacks in Clouds. information security conference, pp. 388-399 (2012). doi:10.1007/978-3-642-30436-1_32
Thomas Ristenpart, Venkatanathan Varadarajan, Yinqian Zhang, Michael Swift. A placement vulnerability study in multi-tenant public clouds. usenix security symposium, pp. 913-928 (2015).
Mica R. Endsley. DESIGN AND EVALUATION FOR SITUATION AWARENESS ENHANCEMENT. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 32, pp. 97-101 (1988). doi:10.1177/154193128803200221
Wei Yu, Guobin Xu, Zhijiang Chen, Paul Moulema. A cloud computing based architecture for cyber security situation awareness. communications and networking symposium, pp. 488-492 (2013). doi:10.1109/CNS.2013.6682765
Helmut Hlavacs, Thomas Treutner, Jean-Patrick Gelas, Laurent Lefevre, Anne-Cecile Orgerie. Energy Consumption Side-Channel Attack at Virtual Machines in a Cloud. ieee international conference on dependable, autonomic and secure computing, pp. 605-612 (2011). doi:10.1109/DASC.2011.110
Dimitrios Zissis, Dimitrios Lekkas. Addressing cloud computing security issues. Future Generation Computer Systems, vol. 28, pp. 583-592 (2012). doi:10.1016/J.FUTURE.2010.12.006
Soo-Jin Moon, Vyas Sekar, Michael K. Reiter. Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration. computer and communications security, pp. 1595-1606 (2015). doi:10.1145/2810103.2813706
Peter Mell, Karen Scarfone, Sasha Romanosky. Common Vulnerability Scoring System. ieee symposium on security and privacy, vol. 4, pp. 85-89 (2006). doi:10.1109/MSP.2006.145