IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v167y2017icp248-254.html
   My bibliography  Save this article

Balancing theft and corruption threats by data partition in cloud system with independent server protection

Author

Listed:
  • Xing, Liudong
  • Levitin, Gregory

Abstract

This paper models cloud computing systems subject to co-resident attacks, where an attacker can get access to a user's sensitive data through co-residence of their virtual machines on the same physical server. Both attackers’ and users’ virtual machines are distributed among cloud servers at random. It is assumed that attacker's successes in getting unauthorized access to data in different servers are independent events that can occur with a given probability. To mitigate effects of the co-resident attacks, a data protection policy based on the partition technique is applied where sensitive data are divided and distributed among multiple virtual machines in the cloud. As the information is useful only in its integrity, the attacker should get access to all of the separated data blocks to steal the information. On the other hand, corrupting any block can destroy the information and make it useless. Hence, creating more blocks can make data more difficult to steal (lower data theft probability), but easier to corrupt (higher data corruption probability). This work makes original contributions by formulating and solving constrained optimization problems to balance the data theft and data corruption probabilities. Particularly probabilistic models are first presented, which derive probabilities that an attacker can succeed in the data theft and data corruption. Further an optimal number of different data blocks (corresponding to the number of user's virtual machines) is obtained, which minimizes the data theft probability subject to meeting a data corruption probability constraint. Both fixed and uncertain numbers of attacker's virtual machines are considered. Numerical examples are presented to demonstrate influence of cloud system parameters on the optimal user's data partition policy obtained.

Suggested Citation

  • Xing, Liudong & Levitin, Gregory, 2017. "Balancing theft and corruption threats by data partition in cloud system with independent server protection," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 248-254.
  • Handle: RePEc:eee:reensy:v:167:y:2017:i:c:p:248-254
    DOI: 10.1016/j.ress.2017.06.006
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832017300819
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ress.2017.06.006?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Levitin, Gregory & Hausken, Kjell, 2013. "Is it wise to leave some false targets unprotected?," Reliability Engineering and System Safety, Elsevier, vol. 112(C), pages 176-186.
    2. Peng, R. & Zhai, Q.Q. & Levitin, G., 2016. "Defending a single object against an attacker trying to detect a subset of false targets," Reliability Engineering and System Safety, Elsevier, vol. 149(C), pages 137-147.
    3. Levitin, Gregory & Hausken, Kjell & Taboada, Heidi A. & Coit, David W., 2012. "Data survivability vs. security in information systems," Reliability Engineering and System Safety, Elsevier, vol. 100(C), pages 19-27.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimization of time constrained N-version programming service components with competing task execution and version corruption processes," Reliability Engineering and System Safety, Elsevier, vol. 193(C).
    2. Han, Zhong & Tian, Liting & Cheng, Lin, 2021. "A deducing-based reliability optimization for electrical equipment with constant failure rate components duration their mission profile," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    3. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimal early warning defense of N-version programming service against co-resident attacks in cloud system," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    4. Xiao, Hui & Lin, Chen & Kou, Gang & Peng, Rui, 2020. "Optimal resource allocation for defending k-out-of-n systems against sequential intentional and unintentional impacts," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    5. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    6. Zhang, Xiaoyu & Xu, Maochao & Da, Gaofeng & Zhao, Peng, 2021. "Ensuring confidentiality and availability of sensitive data over a network system under cyber threats," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    7. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    8. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2021. "Minimization of Expected User Losses Considering Co-resident Attacks in Cloud System with Task Replication and Cancellation," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    9. Chen, Liwei & Dui, Hongyan & Zhang, Chi, 2020. "A resilience measure for supply chain systems considering the interruption with the cyber-physical systems," Reliability Engineering and System Safety, Elsevier, vol. 199(C).
    10. Gregory Levitin & Liudong Xing & Hong‐Zhong Huang, 2019. "Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes," Risk Analysis, John Wiley & Sons, vol. 39(4), pages 846-858, April.
    11. Luo, Liang & Xing, Liudong & Levitin, Gregory, 2019. "Optimizing dynamic survivability and security of replicated data in cloud systems under co-residence attacks," Reliability Engineering and System Safety, Elsevier, vol. 192(C).
    12. Heping Jia & Rui Peng & Yi Ding & Changzheng Shao, 2020. "Reliability analysis of distributed storage systems considering data loss and theft," Journal of Risk and Reliability, , vol. 234(2), pages 303-321, April.
    13. Levitin, Gregory & Xing, Liudong & Dai, Yanshun, 2021. "Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    14. Peng, Rui & Xiao, Hui & Guo, Jianjun & Lin, Chen, 2020. "Optimal defense of a distributed data storage system against hackers’ attacks," Reliability Engineering and System Safety, Elsevier, vol. 197(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimal early warning defense of N-version programming service against co-resident attacks in cloud system," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    2. Wu, Di & Xiao, Hui & Peng, Rui, 2018. "Object defense with preventive strike and false targets," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 76-80.
    3. Peng, Rui & Xiao, Hui & Guo, Jianjun & Lin, Chen, 2020. "Defending a parallel system against a strategic attacker with redundancy, protection and disinformation," Reliability Engineering and System Safety, Elsevier, vol. 193(C).
    4. Gao, Kaiye & Yan, Xiangbin & Liu, Xiang-dong & Peng, Rui, 2019. "Object defence of a single object with preventive strike of random effect," Reliability Engineering and System Safety, Elsevier, vol. 186(C), pages 209-219.
    5. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    6. Wu, Di & Yan, Xiangbin & Peng, Rui & Wu, Shaomin, 2020. "Risk-attitude-based defense strategy considering proactive strike, preventive strike and imperfect false targets," Reliability Engineering and System Safety, Elsevier, vol. 196(C).
    7. Zhang, Xiaoxiong & Ye, Yanqing & Tan, Yuejin, 2020. "How to protect a genuine target against an attacker trying to detect false targets," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 553(C).
    8. Zhang, Xiaoxiong & Ding, Song & Ge, Bingfeng & Xia, Boyuan & Pedrycz, Witold, 2021. "Resource allocation among multiple targets for a defender-attacker game with false targets consideration," Reliability Engineering and System Safety, Elsevier, vol. 211(C).
    9. Chen, Die & Xu, Maochao & Shi, Weidong, 2018. "Defending a cyber system with early warning mechanism," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 224-234.
    10. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    11. Guizhou Wang & Jonathan W. Welburn & Kjell Hausken, 2020. "A Two-Period Game Theoretic Model of Zero-Day Attacks with Stockpiling," Games, MDPI, vol. 11(4), pages 1-26, December.
    12. Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
    13. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2021. "Minimization of Expected User Losses Considering Co-resident Attacks in Cloud System with Task Replication and Cancellation," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    14. Gao, Xing & Zhong, Weijun & Mei, Shue, 2013. "A game-theory approach to configuration of detection software with decision errors," Reliability Engineering and System Safety, Elsevier, vol. 119(C), pages 35-43.
    15. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    16. Kjell Hausken, 2014. "Choosing what to protect when attacker resources and asset valuations are uncertain," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 24(3), pages 23-44.
    17. Kress, Moshe & Caulkins, Jonathan P. & Feichtinger, Gustav & Grass, Dieter & Seidl, Andrea, 2018. "Lanchester model for three-way combat," European Journal of Operational Research, Elsevier, vol. 264(1), pages 46-54.
    18. Hu, Xiaoxiao & Xu, Maochao & Xu, Shouhuai & Zhao, Peng, 2017. "Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 119-133.
    19. Ramirez-Marquez, José Emmanuel & Li, Qing, 2018. "Locating and protecting facilities from intentional attacks using secrecyAuthor-Name: Zhang, Chi," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 51-62.
    20. Olive Emil Wetter & Valentino Wüthrich, 2015. "“What is dear to you?” Survey of beliefs regarding protection of critical infrastructure against terrorism," Defense & Security Analysis, Taylor & Francis Journals, vol. 31(3), pages 185-198, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:167:y:2017:i:c:p:248-254. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.