Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach

Kamhoua, Charles A.; Martin, Andrew P.; Tosh, Deepak K.; Kwiat, Kevin; Heitzenrater, Chad; Sengupta, Shamik

doi:10.1109/cscloud.2015.80

Cited by 22 publications

(7 citation statements)

References 14 publications

(21 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The use of game theory has largely focused on the VM allocation problem in the presence of adversaries [13], [14], [40], [15], [41]. A common assumption in such formulations is that the adversary is known which does not typically hold in practice.…”

Section: B Cloud Security Using Game-theoretic Techniquesmentioning

confidence: 99%

See 1 more Smart Citation

A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

Anwar

Atia

Guirguis

2021

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

In a multi-tenant cloud, a number of Virtual Machines (VMs) are collocated on the same physical machine to optimize performance, power consumption and maximize profit. This, however, increases the risk of a malicious VM performing side-channel attacks and leaking sensitive information from neighboring VMs. To this end, this paper develops and analyzes a game-theoretic framework for the VM migration timing problem in which the cloud provider decides when to migrate a VM to a different physical machine to reduce the risk of being compromised by a collocated malicious VM. The adversary decides the rate at which she launches new VMs to collocate with the victim VMs. Our formulation captures a data leakage model in which the cost incurred by the cloud provider depends on the duration of collocation with malicious VMs. It also captures costs incurred by the adversary in launching new VMs and by the defender in migrating VMs. We establish sufficient conditions for the existence of Nash equilibria for general cost functions, as well as for specific instantiations, and characterize the best response for both players. Furthermore, we extend our model to characterize its impact on the attacker's payoff when the cloud utilizes intrusion detection systems that detect side-channel attacks.Our theoretical findings are corroborated with extensive numerical results in various settings.

show abstract

Section: B Cloud Security Using Game-theoretic Techniquesmentioning

confidence: 99%

“…• Unlike [13], [14], [15], we do not assume the defender has prior knowledge of the exact location of the attacker, thereby allowing for realistic threat and defense models. The defender has to migrate the VMs at the right time(s) to defend against malicious collocating users.…”

Section: Introductionmentioning

confidence: 99%

A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

Anwar

Atia

Guirguis

2021

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

show abstract

“…This was one of the first frameworks to share information about security vulnerabilities. The research in [30] presented a game theoretic model for CTI sharing in the cloud. The model focused on trade-offs between the security and risks of sharing CTI.…”

Section: Cti Sharing Collaborationmentioning

confidence: 99%

“…The 4 previously presented works contributing to CTI collaboration from various perspectives. Where [29], [30], and [31] are applicable to generic CTI collaboration; [32] focuses on specific CTI sharing collaboration pertaining to environmental needs, i.e., country specific.…”

Section: Cti Sharing Collaborationmentioning

confidence: 99%

Cyber threat intelligence sharing: Survey and research directions

Wagner

Mahbub

Palomar

et al. 2019

Computers & Security

173

View full text Add to dashboard Cite

Cyber Threat Intelligence (CTI) sharing has become a novel weapon in the arsenal of cyber defenders to proactively mitigate increasing cyber attacks. Automating the process of CTI sharing, and even the basic consumption, has raised new challenges for researchers and practitioners. This extensive literature survey explores the current state-of-the-art and approaches different problem areas of interest pertaining to the larger field of sharing cyber threat intelligence. The motivation for this research stems from the recent emergence of sharing cyber threat intelligence and the involved challenges of automating its processes. This work comprises a considerable amount of articles from academic and gray literature, and focuses on technical and non-technical challenges. Moreover, the findings reveal which topics were widely discussed, and hence considered relevant by the authors and cyber threat intelligence sharing communities.

show abstract

“…In these settings, sector‐specific views together with experiences and extended case descriptions need to be exchanged to derive complete benefits . Cyberincident IS has the potential for improving vulnerabilities discovery with reduced costs . It facilitates keeping up with the evolving threat landscape, enhances threat awareness, and enables effective incident response .…”

Section: Introductionmentioning

confidence: 99%

Threat intelligence platform for the energy sector

Wróbel

2019

Softw Pract Exp

View full text Add to dashboard Cite

In recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence (TI) that interlinks information sharing and fine-grained situation awareness. In this paper, a framework that integrates all levels of TI, ie, strategic, tactical, operational, and technical, is presented. The platform implements the centralized model of information exchange with peer-to-peer interactions between partners as an option. Several supportive solutions were introduced, including anonymity mechanisms or data processing and correlation algorithms. A data model that enables communication of cyberincident information, both in natural language and machine-readable formats, was defined. Similarly, security requirements for critical components were devised. A pilot implementation of the platform was developed and deployed in the operational environment, which enabled practical evaluation of the design. Also, the security of the anonymity architecture was analyzed.

show abstract

Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach

Cited by 22 publications

References 14 publications

A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

Cyber threat intelligence sharing: Survey and research directions

Threat intelligence platform for the energy sector

Contact Info

Product

Resources

About