A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

03/14/2018
by   Ahmed H. Anwar, et al.
0

In a multi-tenant cloud, a number of Virtual Machines (VMs) are collocated on the same physical machine to optimize performance, power consumption and maximize profit. This, however, increases the risk of a malicious VM performing side-channel attacks and leaking sensitive information from neighboring VMs. To this end, this paper develops and analyzes a game-theoretic framework for the VM migration timing problem in which the cloud provider decides when to migrate a VM to a different physical machine to reduce the risk of being compromised by a collocated malicious VM. The adversary decides the rate at which she launches new VMs to collocate with the victim VMs. Our formulation captures a data leakage model in which the cost incurred by the cloud provider depends on the duration of collocation with malicious VMs. It also captures costs incurred by the adversary in launching new VMs and by the defender in migrating VMs. We establish sufficient conditions for the existence of Nash equilibria for general cost functions, as well as for specific instantiations, and characterize the best response for both players. Furthermore, we extend our model to characterize its impact on the attacker's payoff when the cloud utilizes intrusion detection systems that detect side-channel attacks. Our theoretical findings are corroborated with extensive numerical results in various settings.

READ FULL TEXT

page 14

page 18

research
07/16/2020

Containers Placement and Migration on Cloud System

Currently, many businesses are using cloud computing to obtain an entire...
research
04/27/2015

Deterministically Deterring Timing Attacks in Deterland

The massive parallelism and resource sharing embodying today's cloud bus...
research
10/14/2020

Exploiting Interfaces of Secure Encrypted Virtual Machines

Cloud computing is a convenient model for processing data remotely. Howe...
research
06/22/2020

Counting Down Thunder: Timing Attacks on Privacy in Payment Channel Networks

The Lightning Network is a scaling solution for Bitcoin that promises to...
research
02/27/2018

Leakage and Protocol Composition in a Game-Theoretic Perspective

In the inference attacks studied in Quantitative Information Flow (QIF),...
research
04/22/2010

Performance Evaluation of DCA and SRC on a Single Bot Detection

Malicious users try to compromise systems using new techniques. One of t...
research
05/30/2019

Optimal Timing of Moving Target Defense: A Stackelberg Game Model

As an effective approach to thwarting advanced attacks, moving target de...

Please sign up or login with your details

Forgot password? Click here to reset