Abstract
Virtualization plays an important role in the recent trend of cloud computing. It allows the administrator to manage and allocate hardware resources flexibly. However, it also causes some security issues. This is a critical problem for service providers, who simultaneously strive to defend against malicious attackers while providing legitimate users with high quality service. In this paper, the attack-defense scenario is formulated as a mathematical model where the defender applies both proactive and reactive defense mechanisms against attackers with different attack strategies. In order to simulate real-world conditions, the attackers are assumed to have incomplete information and imperfect knowledge of the target network. This raises the difficulty of solving the model greatly, by turning the problem nondeterministic. After examining the experiment results, effective proactive and reactive defense strategies are proposed. This paper finds that a proactive defense strategy is suitable for dealing with aggressive attackers under “winner takes all” circumstances, while a reactive defense strategy works better in defending against less aggressive attackers under “fight to win or die” circumstances.
Highlights
The vision for most service providers is to provide highquality service and improve customer satisfaction, maximizing profit
This paper finds that a proactive defense strategy is suitable for dealing with aggressive attackers under “winner takes all” circumstances, while a reactive defense strategy works better in defending against less aggressive attackers under “fight to win or die” circumstances
As observed in the IBM X-Force Mid Year Trend and Risk Report conducted in August 2010 [1], attackers continue to take advantage of security flaws
Summary
The vision for most service providers is to provide highquality service and improve customer satisfaction, maximizing profit. It is much more important for a system or network to enhance robustness in order to satisfy QoS requirements for service users, than to prevent all categories of malicious attacks This symbiotic concept to security is called survivability, which is widely defined and applied in previous works [2,3,4,5,6]. Choosing the most appropriate one as the target, yet the restriction of game theory enforces the choosing probability which should be determined at the beginning of the cyber warfare In other words, those variations happened during attack and defense, like traffic reroute, link status, node conditions, are ignored. In this work, Monte Carlo simulation is applied to consider hopefully and cover every angle in the attack and defense scenario
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
