Mitigating cloud co-resident attacks via grouping-based virtual machine placement strategy

Liang, Xin; Gui, Xiaolin; Jian, Ai; Ren, Dewang

doi:10.1109/pccc.2017.8280448

Cited by 14 publications

(6 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The pioneering works presented for secure VM allocation includes minimization of the resource sharing by reducing the number of users per server [126], [9], raising the difficulty of achieving co-residence [127], [128], elimination of side-channels [129], periodic migration of VMs [130] and reducing security risks via VM placement [131]. Han et al [126] have proposed previously-selected-servers-first (PSSF) policy to minimize exposure of benign VMs to malicious VMs.…”

Section: Secure Load Balancingmentioning

confidence: 99%

A Review on Secure Cloud Resource Management

Chhabra¹,

Saxena²,

Rekha³

2023

Preprint

View full text Add to dashboard Cite

<p>Security is always a prime concern of every cloud user. Many pioneer surveys have been done concerning security during data communication among owners, users, and stakeholders. However, there is a lack of literature surveys that address the concern of security during data processing or the workload execution within cloud data centers. In this context, we present a concise review of the existing methods that have addressed the security of workload or user data during load scheduling and execution within cloud environments. These methods have applied load-balancing strategies that helped to minimize the security attacks via co-residency or covert channels. The pandect comparative summary of these methods follows the corresponding review. The paper is concluded with limitations and future direction concerning secure load management.</p>

show abstract

Section: Secure Load Balancingmentioning

confidence: 99%

A Review on Secure Cloud Resource Management

Chhabra¹,

Saxena²,

Rekha³

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The considerable works presented for preserving cybersecurity of computational data via VM allocation have focused on both defensive strategies as well as preventive strategies. The defensive strategies include minimization of resource sharing by reducing the number of users per server [11], [16], raising the difficulties for achieving co-residency [17], [18], and eliminating side-channel based cyberthreats [19]. While some other researchers have provided preventive strategies merely by periodic migration of VMs [20], [21].…”

Section: A Related Workmentioning

confidence: 99%

“…To predict future threat status of VM V i , values of R 1 , R 2 , R 3 , R 4 associated with V i are assessed by applying Eqs. ( 14)- (19). The assessment of R 5 is done by analysing the behaviour of co-resident users of V i by using RFC based user classifier trained with U db .…”

Section: Operational Design and Complexitymentioning

confidence: 99%

“…}, the VMs of ONeb dataset that have experienced attacks, are assigned vulnerability score higher than the threshold value of VM threat (which is considered 0.5 for the experiments) and the rest of the risk scores are computed using Eqs. ( 13)- (19). These VM threats information is learned by the VM threat predictor for estimation of threats on VMs before occurrence.…”

Section: B Datasets and Simulation Parametersmentioning

confidence: 99%

See 1 more Smart Citation

An AI-Driven VM Threat Prediction Model for Multi-Risks Analysis-Based Cloud Cybersecurity

Saxena

Gupta

et al. 2023

IEEE Trans. Syst. Man Cybern, Syst.

View full text Add to dashboard Cite

Cloud virtualization technology, ingrained with physical resource sharing, prompts cybersecurity threats on users' virtual machines (VM)s due to the presence of inevitable vulnerabilities on the offsite servers. Contrary to the existing works which concentrated on reducing resource sharing and encryption/decryption of data before transfer for improving cybersecurity which raises computational cost overhead, the proposed model operates diversely for efficiently serving the same purpose. This paper proposes a novel Multiple Risks Analysis based VM Threat Prediction Model (MR-TPM) to secure computational data and minimize adversary breaches by proactively estimating the VMs threats. It considers multiple cybersecurity risk factors associated with the configuration and management of VMs, along with analysis of users' behaviour. All these threat factors are quantified for the generation of respective risk score values and fed as input into a machine learning based classifier to estimate the probability of threat for each VM. The performance of MR-TPM is evaluated using benchmark Google Cluster and OpenNebula VM threat traces. The experimental results demonstrate that the proposed model efficiently computes the cybersecurity risks and learns the VM threat patterns from historical and live data samples. The deployment of MR-TPM with existing VM allocation policies reduces cybersecurity threats up to 88.9%.

show abstract

“…The delicate data from the co-resident VMs are gotten to by the malicious users characterized as co-resident attacks. [10][11][12] The cryptographic keys, workloads, and web traffic rates are the delicate data gotten by the malicious clients. Then, the VMs are placed in the physical server by using the VM allocation policy.…”

Section: Introductionmentioning

confidence: 99%

Secure virtual machine allocation against attacks using support value based game policy

Naik

Singh

Samaddar

2019

Int J Communication

View full text Add to dashboard Cite

Summary Cloud computing, as a supreme computing stage, presents new security challenges. At the point when virtual machines (VMs) are sent in a cloud domain, VM placement strategies can essentially influence the general security dangers of the whole cloud. As of late, the attacks are explicitly intended to co‐locate with target VMs in the cloud. The VM placement without considering the security risks may put the clients, or even the whole cloud, in threat. Therefore, here we prompt an exhaustive approach to appraise the cloud environment security risk from network, host, and VM. In like manner, secure VM allocation against co‐resident attacks using support value based game policy is proposed that lessens the general security dangers of a cloud, while decides the multi‐objective measures such as efficiency, coverage, and the maximum link utilization. Then, the support value is calculated for the given multi‐objective values. At last, the game theory is used to allocate the best VM. The experimental results prove that the proposed method outperforms than the existing methods in regards of efficiency, coverage maximum link utilization, execution time, throughput, latency, workload balance, power consumption, and standard deviation.

show abstract

Mitigating cloud co-resident attacks via grouping-based virtual machine placement strategy

Cited by 14 publications

References 28 publications

A Review on Secure Cloud Resource Management

A Review on Secure Cloud Resource Management

An AI-Driven VM Threat Prediction Model for Multi-Risks Analysis-Based Cloud Cybersecurity

Secure virtual machine allocation against attacks using support value based game policy

Contact Info

Product

Resources

About