Journal: IEEE Transactions on Dependable and Secure Computing

Resource-Aware Detection and Defense System against Multi-Type Attacks in the Cloud: Repeated Bayesian Stackelberg Game


Abstract

Cloud-based systems are subject to various attack types launched by Virtual Machines (VMs) manipulated by attackers having different goals and skills. The existing detection and defense mechanisms might be suitable for simple attack environments but become ineffective when the system faces advanced attack scenarios wherein simultaneous attacks of different types are involved. This is because these mechanisms overlook the attackers' strategies in the detection system's design, ignore the system's resource constraints, and lack sufficient knowledge about the attackers' types and abilities. To address these shortcomings, we propose a repeated Bayesian Stackelberg game consisting of the following phases: risk assessment framework that identifies the VMs' risk levels, live-migration-based defense mechanism that protects services from being successful targets for attackers, machine-learning-based technique that collects malicious data from VMs using honeypots and employs one-class Support Vector Machine to learn the attackers' types distributions, and resource-aware Bayesian Stackelberg game that provides the hypervisor with the detection load's optimal distribution over VMs that maximizes the detection of multi-type attacks. Experiments conducted using Amazon's datacenter and Amazon Web Services honeypot data reveal that our solution maximizes the detection, minimizes the number of attacked services, and runs efficiently compared to the state-of-the-art detection and defense strategies, namely Collabra, probabilistic migration, Stackelberg, maxmin, and fair allocation.