Protecting scientific workflows in clouds with an intrusion tolerant system

Wang, Yawen; Guo, Yunfei; Guo, Zehua; Liu, Wenyan; Yang, Chao

doi:10.1049/iet-ifs.2018.5279

Cited by 9 publications

(2 citation statements)

References 37 publications

(44 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Ahmed et al [27] designed a Byzantine fault-tolerant system combining OpenStack and software-defined networks by taking advantage of the virtualization characteristics of cloud computing and using multiple short-period replicas to meet the Byzantine fault-tolerant conditions. Wang et al [28,29] proposed an intrusion tolerance system for cloud scientific workflow based on mimicry defense, which deployed redundant executors according to the number of common-mode vulnerabilities between operating systems without affecting the efficiency of scientific workflow and made a lag decision on the running results of the executors.…”

Section: Related Workmentioning

confidence: 99%

Multi-Dimensional Moving Target Defense Method Based on Adaptive Simulated Annealing Genetic Algorithm

Xu,

Cheng,

Yang

et al. 2024

Electronics

Self Cite

View full text Add to dashboard Cite

Due to the fine-grained splitting of microservices and frequent communication between microservices, the exposed attack surface of microservices has exploded, facilitating the lateral movement of attackers between microservices. To solve this problem, a multi-dimensional moving target defense method based on an adaptive simulated annealing genetic algorithm (MD2RS) is proposed. Firstly, according to the characteristics of microservices in the cloud, a microservice attack graph is proposed to quantify the attack scenario of microservices in the cloud so as to conveniently and intuitively observe the vulnerability of microservices in the cloud and the dependency relationship between microservices. Secondly, the security gain and resource cost are quantified for the key nodes selected by measuring the degree of dependence of each node according to the degree centrality. Finally, the Adaptive Simulated Annealing Genetic Algorithm (ASAGA) is used to solve the optimal security configuration information of the moving target defense, that is, the combination of the number of copies of the multi-copy deployment and the rotation cycle of the dynamic rotation of microservices, in order to quickly evaluate the security risks of microservices and optimize the security policy. Experiments show that the defense return rate of MD2RS is 85.95% higher than that of the mainstream methods, and the experimental results are conducive to applying this method to the dynamic defense of microservices in the cloud.

show abstract

Section: Related Workmentioning

confidence: 99%

Multi-Dimensional Moving Target Defense Method Based on Adaptive Simulated Annealing Genetic Algorithm

Xu,

Cheng,

Yang

et al. 2024

Electronics

Self Cite

View full text Add to dashboard Cite

show abstract

“…No prior information is needed in this model, which is a big difference between mimic defense and the reactive defense, such as intrusion detection system [8]. Besides, the running service units can be replaced periodically or at the moment when MDP detect a fault output result, thus to further enhance the security.…”

Section: Serverless Computing and Mimic Defensementioning

confidence: 99%

The MDSC paradigm design for serverless computing defense

Zhang

et al. 2023

Third International Conference on Artificial Intelligence and Computer Engineering (ICAICE 2022)

View full text Add to dashboard Cite

Serverless computing aims to handle all the system administration operations needed in cloud computing, thus to provide a paradigm that greatly simplifies cloud programming. However, the security in serverless computing is regarded as an independent technology. The lack of security consideration in the initial design makes it difficult to handle the increasingly complicated attack scenario in serverless computing, especially for the vulnerabilities and backdoor based network attack. In this paper, we propose MDSC, a mimic defense enabled paradigm for serverless computing. Specifically, MDSC paradigm introduces Dynamic Heterogeneous Redundancy (DHR) structural model to serverless computing, and make fully use of features introduced by serverless computing to achieve an intrinsic security system with acceptable costs. We show the feasibility of MDSC paradigm by implementing a trial of MDSC paradigm based on Kubernetes and Knative. Analysis and experimental results show that MDSC paradigm can achieve high level security with acceptable cost.

show abstract

Enhancing Workflow Security in Multi-cloud Environments Through Monitoring and Adaptation upon Cloud Service and Network Security Violations

Soveizi,

Karastoyanova

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Protecting scientific workflows in clouds with an intrusion tolerant system

Cited by 9 publications

References 37 publications

Multi-Dimensional Moving Target Defense Method Based on Adaptive Simulated Annealing Genetic Algorithm

Multi-Dimensional Moving Target Defense Method Based on Adaptive Simulated Annealing Genetic Algorithm

The MDSC paradigm design for serverless computing defense

Enhancing Workflow Security in Multi-cloud Environments Through Monitoring and Adaptation upon Cloud Service and Network Security Violations

Contact Info

Product

Resources

About