IDEAS home Printed from https://ideas.repec.org/a/wly/riskan/v39y2019i4p846-858.html
   My bibliography  Save this article

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

Author

Listed:
  • Gregory Levitin
  • Liudong Xing
  • Hong‐Zhong Huang

Abstract

Empowered by virtualization technology, service requests from cloud users can be honored through creating and running virtual machines. Virtual machines established for different users may be allocated to the same physical server, making the cloud vulnerable to co‐residence attacks where a malicious attacker can steal a user's data through co‐residing their virtual machines on the same server. For protecting data against the theft, the data partition technique is applied to divide the user's data into multiple blocks with each being handled by a separate virtual machine. Moreover, early warning agents (EWAs) are deployed to possibly detect and prevent co‐residence attacks at a nascent stage. This article models and analyzes the attack success probability (complement of data security) in cloud systems subject to competing attack detection process (by EWAs) and data theft process (by co‐residence attackers). Based on the suggested probabilistic model, the optimal data partition and protection policy is determined with the objective of minimizing the user's cost subject to providing a desired level of data security. Examples are presented to illustrate effects of different model parameters (attack rate, number of cloud servers, number of data blocks, attack detection time, and data theft time distribution parameters) on the attack success probability and optimization solutions.

Suggested Citation

  • Gregory Levitin & Liudong Xing & Hong‐Zhong Huang, 2019. "Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes," Risk Analysis, John Wiley & Sons, vol. 39(4), pages 846-858, April.
  • Handle: RePEc:wly:riskan:v:39:y:2019:i:4:p:846-858
    DOI: 10.1111/risa.13219
    as

    Download full text from publisher

    File URL: https://doi.org/10.1111/risa.13219
    Download Restriction: no

    File URL: https://libkey.io/10.1111/risa.13219?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Xing, Liudong & Levitin, Gregory, 2017. "Balancing theft and corruption threats by data partition in cloud system with independent server protection," Reliability Engineering and System Safety, Elsevier, vol. 167(C), pages 248-254.
    2. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    3. Yuan, Wei & Zhao, Long & Zeng, Bo, 2014. "Optimal power grid protection through a defender–attacker–defender model," Reliability Engineering and System Safety, Elsevier, vol. 121(C), pages 83-89.
    4. Kjell Hausken & Gregory Levitin, 2008. "Efficiency of Even Separation of Parallel Elements with Variable Contest Intensity," Risk Analysis, John Wiley & Sons, vol. 28(5), pages 1477-1486, October.
    5. Torres, Jacob M. & Brumbelow, Kelly & Guikema, Seth D., 2009. "Risk classification and uncertainty propagation for virtual water distribution systems," Reliability Engineering and System Safety, Elsevier, vol. 94(8), pages 1259-1273.
    6. Luca Allodi & Fabio Massacci, 2017. "Security Events and Vulnerability Data for Cybersecurity Risk Estimation," Risk Analysis, John Wiley & Sons, vol. 37(8), pages 1606-1627, August.
    7. Eva Andrijcic & Barry Horowitz, 2006. "A Macro‐Economic Framework for Evaluation of Cyber Security Risks Related to Protection of Intellectual Property," Risk Analysis, John Wiley & Sons, vol. 26(4), pages 907-923, August.
    8. Levitin, Gregory & Hausken, Kjell & Taboada, Heidi A. & Coit, David W., 2012. "Data survivability vs. security in information systems," Reliability Engineering and System Safety, Elsevier, vol. 100(C), pages 19-27.
    9. Meilin He & Laura Devine & Jun Zhuang, 2018. "Perspectives on Cybersecurity Information Sharing among Multiple Stakeholders Using a Decision‐Theoretic Approach," Risk Analysis, John Wiley & Sons, vol. 38(2), pages 215-225, February.
    10. Howard Kunreuther, 2002. "Risk Analysis and Risk Management in an Uncertain World," Risk Analysis, John Wiley & Sons, vol. 22(4), pages 655-664, August.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Zhang, Xiaoyu & Xu, Maochao & Da, Gaofeng & Zhao, Peng, 2021. "Ensuring confidentiality and availability of sensitive data over a network system under cyber threats," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    2. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    3. Heping Jia & Rui Peng & Yi Ding & Changzheng Shao, 2020. "Reliability analysis of distributed storage systems considering data loss and theft," Journal of Risk and Reliability, , vol. 234(2), pages 303-321, April.
    4. Levitin, Gregory & Xing, Liudong & Dai, Yanshun, 2021. "Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks," Reliability Engineering and System Safety, Elsevier, vol. 216(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimization of time constrained N-version programming service components with competing task execution and version corruption processes," Reliability Engineering and System Safety, Elsevier, vol. 193(C).
    2. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2021. "Minimization of Expected User Losses Considering Co-resident Attacks in Cloud System with Task Replication and Cancellation," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    3. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2022. "Co-residence based data theft game in cloud system with virtual machine replication and cancellation," Reliability Engineering and System Safety, Elsevier, vol. 222(C).
    4. Zhang, Xiaoyu & Xu, Maochao & Da, Gaofeng & Zhao, Peng, 2021. "Ensuring confidentiality and availability of sensitive data over a network system under cyber threats," Reliability Engineering and System Safety, Elsevier, vol. 214(C).
    5. Levitin, Gregory & Xing, Liudong & Dai, Yanshun, 2021. "Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    6. Natalie M. Scala & Allison C. Reilly & Paul L. Goethals & Michel Cukier, 2019. "Risk and the Five Hard Problems of Cybersecurity," Risk Analysis, John Wiley & Sons, vol. 39(10), pages 2119-2126, October.
    7. Peng, Rui & Xiao, Hui & Guo, Jianjun & Lin, Chen, 2020. "Optimal defense of a distributed data storage system against hackers’ attacks," Reliability Engineering and System Safety, Elsevier, vol. 197(C).
    8. Levitin, Gregory & Xing, Liudong & Xiang, Yanping, 2020. "Optimal early warning defense of N-version programming service against co-resident attacks in cloud system," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    9. Luo, Liang & Xing, Liudong & Levitin, Gregory, 2019. "Optimizing dynamic survivability and security of replicated data in cloud systems under co-residence attacks," Reliability Engineering and System Safety, Elsevier, vol. 192(C).
    10. Heping Jia & Rui Peng & Yi Ding & Changzheng Shao, 2020. "Reliability analysis of distributed storage systems considering data loss and theft," Journal of Risk and Reliability, , vol. 234(2), pages 303-321, April.
    11. Guizhou Wang & Jonathan W. Welburn & Kjell Hausken, 2020. "A Two-Period Game Theoretic Model of Zero-Day Attacks with Stockpiling," Games, MDPI, vol. 11(4), pages 1-26, December.
    12. Kjell Hausken & Jonathan W. Welburn, 2021. "Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits," Information Systems Frontiers, Springer, vol. 23(6), pages 1609-1620, December.
    13. Levitin, Gregory & Xing, Liudong & Dai, Yuanshun, 2018. "Co-residence based data vulnerability vs. security in cloud computing system with random server assignment," European Journal of Operational Research, Elsevier, vol. 267(2), pages 676-686.
    14. Mo, Huadong & Xie, Min & Levitin, Gregory, 2015. "Optimal resource distribution between protection and redundancy considering the time and uncertainties of attacks," European Journal of Operational Research, Elsevier, vol. 243(1), pages 200-210.
    15. Han, Zhong & Tian, Liting & Cheng, Lin, 2021. "A deducing-based reliability optimization for electrical equipment with constant failure rate components duration their mission profile," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    16. Marcos Costa Roboredo & Luiz Aizemberg & Artur Alves Pessoa, 2019. "An exact approach for the r-interdiction covering problem with fortification," Central European Journal of Operations Research, Springer;Slovak Society for Operations Research;Hungarian Operational Research Society;Czech Society for Operations Research;Österr. Gesellschaft für Operations Research (ÖGOR);Slovenian Society Informatika - Section for Operational Research;Croatian Operational Research Society, vol. 27(1), pages 111-131, March.
    17. M. Islam & Rehan Sadiq & Manuel Rodriguez & Homayoun Najjaran & Alex Francisque & Mina Hoorfar, 2013. "Evaluating Water Quality Failure Potential in Water Distribution Systems: A Fuzzy-TOPSIS-OWA-based Methodology," Water Resources Management: An International Journal, Published for the European Water Resources Association (EWRA), Springer;European Water Resources Association (EWRA), vol. 27(7), pages 2195-2216, May.
    18. Wang, Wei & Cammi, Antonio & Di Maio, Francesco & Lorenzi, Stefano & Zio, Enrico, 2018. "A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 175(C), pages 24-37.
    19. Richard Li-Yang Chen & Neng Fan & Ali Pinar & Jean-Paul Watson, 2017. "Contingency-constrained unit commitment with post-contingency corrective recourse," Annals of Operations Research, Springer, vol. 249(1), pages 381-407, February.
    20. Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:wly:riskan:v:39:y:2019:i:4:p:846-858. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: https://doi.org/10.1111/(ISSN)1539-6924 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.