Abstract
It is a common practice that public clouds adopt Virtual Machine (VM) multiplexing to improve resource usage and energy consumption. However, packing multiple VMs of different security requirements into a single hypervisor gives rise to major cybersecurity issues, such as VM to VM Interdependency-based cybersecurity (ICS) risks. For example, the chances of successfully compromising a secure Critical VM (CVM) are very high when an attacker compromises the hosting hypervisor after a successful attack on one of its less secure, non-critical VMs (NVMs). In this paper, we study how to securely and efficiently collocate CVMs with NVMs in public cloud clusters. Specifically, we model and analyze the ICS risks imposed on CVMs by NVMs using noncooperative game models involving two players, i.e., an attacker and a cloud provider. We then introduce a novel approach that can judiciously determine the allocation of VMs so that the ICS risks imposed on critical VMs are guaranteed to be minimized. Our experimental results show that our proposed algorithm can judiciously optimize the provider’s overall resource usage, energy consumption, and operational expense while minimizing the potential security loss given a successful attack on any VM.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
