With the increase of cyber attacks such as DoS, there is a need for intelligent counter-strategies to protect critical cloudhosted applications. The challenge for the defense is to minimize the waste of cloud resources and limit loss of availability, yet have effective proactive and reactive measures that can thwart attackers. In this paper we address the defense needs by leveraging moving target defense protection within SoftwareDefined Networking-enabled cloud infrastructure. Our novelty is in the frequency minimization and consequent location selection of target movement across heterogeneous virtual machines based on attack probability, which in turn minimizes cloud management overheads. We evaluate effectiveness of our scheme using a largescale GENI testbed for a just-in-time news feed application setup. Our results show low attack success rate and higher performance of target application in comparison to the existing static moving target defense schemes that assume homogenous virtual machines.
Design of an efficient medium access control protocol is critical for proper functioning of a distributed cognitive radio network and better utilization of the channels not being used by primary users. In this paper, we design a contention based distributed medium access control (MAC) protocol for the secondary users' channel access. The proposed MAC protocol allows collision-free access to the available data channels and eventually their utilization by secondary users, with spectrum sensing part being handled by exclusive sensing nodes. We further introduce the provision of reservation of free channels by secondaries for extended periods to increase utilization without causing harmful interference to primaries. We demonstrate how such extended access to resources can be tuned to provide differential quality of service to the secondary users. The effectiveness of the protocol is evaluated by performing analysis and simulation. We use blocking probability, secondary usage of a secondary user and performance degradation caused to primary incumbents as performance metrics. We obtain the conditions for such extended access and try to gauge the resulting increase in utilization. Under optimal conditions, the proposed scheme enables the secondary network to utilize all available channels. The proposed scheme is shown to outperform the most sophisticated existing MAC schemes for distributed secondary networks.Index Terms-Cognitive radio networks; secondary users; MAC protocol Ç 1536-1233 ß
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.