A moving-target defense strategy for Cloud-based services with heterogeneous and dynamic attack surfaces

Due to deep automation, the configuration of many Cloud infrastructures is static and homogeneous, which, while easing administration, significantly decreases a potential attacker's uncertainty on a deployed Cloud-based service and hence increases the chance of the service being compromised. Moving-target defense (MTD) is a promising solution to the configuration staticity and homogeneity problem. This paper presents our findings on whether and to what extent MTD is effective in protecting a Cloud-based service with heterogeneous and dynamic attack surfaces - these attributes, which match the reality of current Cloud infrastructures, have not been investigated together in previous works on MTD in general network settings. We 1) formulate a Cloud-based service security model that incorporates Cloud-specific features such as VM migration/snapshotting and the diversity/compatibility of migration, 2) consider the accumulative effect of the attacker's intelligence on the target service's attack surface, 3) model the heterogeneity and dynamics of the service's attack surfaces, as defined by the (dynamic) probability of the service being compromised, as an S-shaped generalized logistic function, and 4) propose a probabilistic MTD service deployment strategy that exploits the dynamics and heterogeneity of attack surfaces for protecting the service against attackers. Through simulation, we identify the conditions and extent of the proposed MTD strategy's effectiveness in protecting Cloud-based services. Namely, 1) MTD is more effective when the service deployment is dense in the replacement pool and/or when the attack is strong, and 2) attack-surface heterogeneity-and-dynamics awareness helps in improving MTD's effectiveness.

[1]  Scott A. DeLoach,et al.  Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense | NIST , 2012 .

[2]  Jianhua Gu,et al.  A Scheduling Strategy on Load Balancing of Virtual Machine Resources in Cloud Computing Environment , 2010, 2010 3rd International Symposium on Parallel Architectures, Algorithms and Programming.

[3]  Jeannette M. Wing,et al.  A Formal Model for a System's Attack Surface , 2011, Moving Target Defense.

[4]  Richard Colbaugh,et al.  Predictive Moving Target Defense. , 2012 .

[5]  Arun K. Sood,et al.  Designing SCIT architecture pattern in a Cloud-based environment , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[6]  Ehab Al-Shaer,et al.  Toward Network Configuration Randomization for Moving Target Defense , 2011, Moving Target Defense.

[7]  Michael B. Crouse,et al.  Improving the Diversity Defense of Genetic Algorithm-Based Moving Target Approaches , 2012 .

[8]  Henri Casanova,et al.  Resource allocation algorithms for virtualized service hosting platforms , 2010, J. Parallel Distributed Comput..

[9]  Liudong Xing,et al.  Rebound Wall, A Novel Technology against DoS Attacks , 2009 .

[10]  Aameek Singh,et al.  Server-storage virtualization: Integration and load balancing in data centers , 2008, 2008 SC - International Conference for High Performance Computing, Networking, Storage and Analysis.

[11]  Frederick T. Sheldon,et al.  Moving Toward Trustworthy Systems: R&D Essentials , 2010, Computer.

[12]  Anh Nguyen-Tuong,et al.  Effectiveness of Moving Target Defenses , 2011, Moving Target Defense.

[13]  Yulong Zhang,et al.  Incentive Compatible Moving Target Defense against VM-Colocation Attacks in Clouds , 2012, SEC.

[14]  Angelos D. Keromytis,et al.  SOS: secure overlay services , 2002, SIGCOMM '02.

[15]  Andrew Warfield,et al.  Live migration of virtual machines , 2005, NSDI.

[16]  Y. Huang Self-Cleansing Systems for Intrusion Containment , 2006 .

[17]  Karl N. Levitt,et al.  Artificial Diversity as Maneuvers in a Control Theoretic Moving Target Defense , 2012 .

[18]  Pengcheng Liu,et al.  Heterogeneous Live Migration of Virtual Machines , 2008 .

[19]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[20]  Rajkumar Buyya,et al.  Energy-aware resource allocation heuristics for efficient management of data centers for Cloud computing , 2012, Future Gener. Comput. Syst..