I Know You Are Watching Me: Stackelberg-Based Adaptive Intrusion Detection Strategy for Insider Attacks in the Cloud

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

Insider attacks in which misbehaving Virtual Machines (VMs) take part of the cloud system and learn about its internal vulnerabilities constitute a major threat against cloud resources and infrastructure. This demands setting up continuous and comprehensive security arrangements to restrict the effects of such attacks. However, limited security resources prohibit full detection coverage on all VMs at all times, which can be exploited by attackers to examine the selective detection strategies and adjust their own attack plans accordingly. Motivated by the absence of any approach that accounts for such a challenge in the domain of cloud computing, we propose in this work an adaptive detection strategy that formulates a Stackelberg security game to enable the cloud system to optimally exploit its available amount of security resources to maximize the detection of distributed attacks, knowing that attackers have the ability to monitor the cloud system's strategies and adjust their own attack plans. Experiments carried out on the CloudSim framework reveal that the proposed solution maximizes the detection of distributed attacks and minimizes false negatives and positives compared to a maximin-based detection strategy, while being scalable to the increase in both the number of co-hosted VMs and percentage of co-resident attackers.

Original languageBritish English
Title of host publicationProceedings - 2017 IEEE 24th International Conference on Web Services, ICWS 2017
EditorsShiping Chen, Ilkay Altintas
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages728-735
Number of pages8
ISBN (Electronic)9781538607527
DOIs
StatePublished - 7 Sep 2017
Event24th IEEE International Conference on Web Services, ICWS 2017 - Honolulu, United States
Duration: 25 Jun 201730 Jun 2017

Publication series

NameProceedings - 2017 IEEE 24th International Conference on Web Services, ICWS 2017

Conference

Conference24th IEEE International Conference on Web Services, ICWS 2017
Country/TerritoryUnited States
CityHonolulu
Period25/06/1730/06/17

Keywords

  • intrusion detection
  • limited resources
  • Load distribution
  • security
  • Stackelberg game theory
  • virtualized cloud

Fingerprint

Dive into the research topics of 'I Know You Are Watching Me: Stackelberg-Based Adaptive Intrusion Detection Strategy for Insider Attacks in the Cloud'. Together they form a unique fingerprint.

Cite this