IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v192y2019ics0951832017314321.html
   My bibliography  Save this article

Optimizing dynamic survivability and security of replicated data in cloud systems under co-residence attacks

Author

Listed:
  • Luo, Liang
  • Xing, Liudong
  • Levitin, Gregory

Abstract

Utilizing the virtualization technology, multiple virtual machines (VMs) can be created on a single physical server for different tasks, enabling cost-effective resource sharing in cloud computing systems. However, this co-resident VM architecture can be exploited by malicious attackers, posing unique survivability and security risks for cloud users. This paper addresses one of such risks called co-residence attacks, where a malicious attacker can steal or corrupt a user's sensitive information through co-residing the attacker's VM with the target user's VM on the same physical server. We model users’ data protection policy in which sensitive data are replicated and stored on different VMs to enhance data survivability. Both user's and attacker's VMs are distributed among cloud servers at random. The arrival of attacker's requests for creating VMs is modeled by a Poisson stochastic process. We propose a probabilistic model to obtain dynamic data survivability and security indices. Based on the suggested evaluation model, dynamic data replication policies are analyzed and optimized. Numerical examples are presented to demonstrate impacts of different model parameters on the dynamic data survivability and security.

Suggested Citation

  • Luo, Liang & Xing, Liudong & Levitin, Gregory, 2019. "Optimizing dynamic survivability and security of replicated data in cloud systems under co-residence attacks," Reliability Engineering and System Safety, Elsevier, vol. 192(C).
    • Handle: RePEc:eee:reensy:v:192:y:2019:i:c:s0951832017314321
    DOI: 10.1016/j.ress.2018.09.014
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832017314321
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2018.09.014?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Xing, Liudong & Levitin, Gregory, 2017. "Balancing theft and corruption threats by data partition in cloud system with independent server protection," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 248-254.
    2. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    3. Levitin, Gregory & Hausken, Kjell & Taboada, Heidi A. & Coit, David W., 2012. "Data survivability vs. security in information systems," Reliability Engineering and System Safety, Elsevier, vol. 100(C), pages 19-27.
    4. Chen Peng & Maochao Xu & Shouhuai Xu & Taizhong Hu, 2017. "Modeling and predicting extreme cyber attack rates via marked point processes," Journal of Applied Statistics, Taylor & Francis Journals, vol. 44(14), pages 2534-2563, October.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimal early warning defense of N-version programming service against co-resident attacks in cloud system," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    2. Zhang, Xiaoyu & Xu, Maochao & Da, Gaofeng & Zhao, Peng, 2021. "Ensuring confidentiality and availability of sensitive data over a network system under cyber threats," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    3. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    4. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2021. "Minimization of Expected User Losses Considering Co-resident Attacks in Cloud System with Task Replication and Cancellation," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    5. Chen, Zhiwei & Hong, Dongpao & Cui, Weiwei & Xue, Weikang & Wang, Yao & Zhong, Jilong, 2023. "Resilience evaluation and optimal design for weapon system of systems with dynamic reconfiguration," Reliability Engineering and System Safety, Elsevier, vol. 237(C).
    6. Levitin, Gregory & Xing, Liudong & Dai, Yanshun, 2021. "Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks," Reliability Engineering and System Safety, Elsevier, vol. 216(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimal early warning defense of N-version programming service against co-resident attacks in cloud system," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    2. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimization of time constrained N-version programming service components with competing task execution and version corruption processes," Reliability Engineering and System Safety, Elsevier, vol. 193(C).
    3. Zhang, Xiaoyu & Xu, Maochao & Da, Gaofeng & Zhao, Peng, 2021. "Ensuring confidentiality and availability of sensitive data over a network system under cyber threats," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    4. Peng, Rui & Xiao, Hui & Guo, Jianjun & Lin, Chen, 2020. "Optimal defense of a distributed data storage system against hackers’ attacks," Reliability Engineering and System Safety, Elsevier, vol. 197(C).
    5. Gregory Levitin & Liudong Xing & Hong‐Zhong Huang, 2019. "Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes," Risk Analysis, John Wiley & Sons, vol. 39(4), pages 846-858, April.
    6. Heping Jia & Rui Peng & Yi Ding & Changzheng Shao, 2020. "Reliability analysis of distributed storage systems considering data loss and theft," Journal of Risk and Reliability, , vol. 234(2), pages 303-321, April.
    7. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2021. "Minimization of Expected User Losses Considering Co-resident Attacks in Cloud System with Task Replication and Cancellation," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    8. Levitin, Gregory & Xing, Liudong & Dai, Yanshun, 2021. "Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    9. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    10. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    11. Han, Zhong & Tian, Liting & Cheng, Lin, 2021. "A deducing-based reliability optimization for electrical equipment with constant failure rate components duration their mission profile," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    12. Guizhou Wang & Jonathan W. Welburn & Kjell Hausken, 2020. "A Two-Period Game Theoretic Model of Zero-Day Attacks with Stockpiling," Games, MDPI, vol. 11(4), pages 1-26, December.
    13. Dui, Hongyan & Lu, Yaohui & Chen, Liwei, 2024. "Importance-based system cost management and failure risk analysis for different phases in life cycle," Reliability Engineering and System Safety, Elsevier, vol. 242(C).
    14. Kjell Hausken & Jonathan W. Welburn, 2021. "Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits," Information Systems Frontiers, Springer, vol. 23(6), pages 1609-1620, December.
    15. Ben Yaghlane, Asma & Azaiez, M. Naceur, 2017. "Systems under attack-survivability rather than reliability: Concept, results, and applications," European Journal of Operational Research, Elsevier, vol. 258(3), pages 1156-1164.
    16. Xing, Liudong & Levitin, Gregory, 2017. "Balancing theft and corruption threats by data partition in cloud system with independent server protection," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 248-254.
    17. Hillairet, Caroline & Réveillac, Anthony & Rosenbaum, Mathieu, 2023. "An expansion formula for Hawkes processes and application to cyber-insurance derivatives," Stochastic Processes and their Applications, Elsevier, vol. 160(C), pages 89-119.
    18. Shouhuai Xu & Moti Yung & Jingguo Wang, 2021. "Seeking Foundations for the Science of Cyber Security," Information Systems Frontiers, Springer, vol. 23(2), pages 263-267, April.
    19. Chen, Liwei & Dui, Hongyan & Zhang, Chi, 2020. "A resilience measure for supply chain systems considering the interruption with the cyber-physical systems," Reliability Engineering and System Safety, Elsevier, vol. 199(C).
    20. Xiao, Hui & Lin, Chen & Kou, Gang & Peng, Rui, 2020. "Optimal resource allocation for defending k-out-of-n systems against sequential intentional and unintentional impacts," Reliability Engineering and System Safety, Elsevier, vol. 201(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:192:y:2019:i:c:s0951832017314321. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.