A Game Theoretic Approach for Virtual Machine Allocation Security in Cloud Computing

Abstract

The Virtualization technologies make cloud computing desirable but they also introduce serious security risks like co-resident attack and interdependence between users on the same hypervisor. The previous works on the subject of virtualization security have some limitations: either we can not implement them, no performance evaluation or it increases the workload at servers or haven't quantitative analysis. This paper proposes a new approach to minimize Virtual machine escape attack in which the attacker's goal is to co-locate their VMs with the targets VMs on the same physical server. In order to proliferate his attack on the virtual machines of other users on the same hypervisor. Hence, we model different basic VM allocation policies using a game theoretic approach to get quantitative analysis. In each VM allocation policies, attacker's action is to decide when to start the VMs, how many VMs to start, what is the security level of its VMs. The goal of the defender will be to find a VM allocation policy that minimizes attacker's possibility. We also presented the attack efficiency, cost, coverage, power consumption and workload balance under the VM allocation policies and compute the numerical solution in CloudSim. This solution does not require any changes to the underlying infrastructure. Our results show that the Round Robin policy is the least secure allocation policy against Virtual machine escape attack. In order to minimise the efficiency rates for the attacker, the cloud provider should use a probabilistic VM allocation policy.