Stackelberg game modeling of cloud security defending strategy in the case of information leaks and corruption

Abstract

The paper presents the Stackelberg Game (SG) based model for automating security decisions in Cloud Computing systems (CC). The presented model enables to describe the attack-defense scenarios. The game incorporates two types of players competing against each other: defender and attacker. The Cloud provider is the leader. He is allowed to play his strategy first. The attackers, hackers or other malicious individuals, were aggregated into the second player. Second player’s decisions are made based on the leader actions and based on their own aims. The paper presents the black-box method for calculating the strategy of the attacker. In the paper, the utility function was obtained by applying several pipelines of Artificial Neural Networks (ANNs). Additionally, the model assumes information leakages about the attacker strategy and corruption against standard SG models. The solution has been verified by the experimental simulation of Cloud security attacks based on logs from open data set provided by Los Alamos National Security Lab. The best strategy for security controls applying is calculated based on security threats occurrence. It enables finding the relevant defense strategy by the cloud provider.