An MTD-Based Self-Adaptive Resilience Approach for Cloud Systems

Advances in cloud computing have made it a feasible and cost-effective solution to improve the resiliency of enterprise systems. However, the replication approach taken by cloud computing to provide resiliency leads to an increase in the number of ways an attacker can exploit or penetrate the systems. This calls for designing cloud systems that can accurately detect anomalies and dynamically adapt themselves to keep performing mission-critical functions even under attacks and failures. In this paper, we propose a self-adaptive resiliency approach for cloud enterprise systems that employs live monitoring and a moving target defense (MTD) based approach to automatically detect deviations from normal behavior and reconfigure critical cloud processes through software-defined networking to mitigate attacks and reduce system downtime. The proposed solution promises to provide a unified framework for resilient cloud systems.
