Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach

Luke Kwiat; Charles A. Kamhoua; Kevin A. Kwiat; Jian Tang; Andrew Martin

doi:10.1109/CLOUD.2015.80

Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach

Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, Andrew Martin

Department of Electrical Engineering & Computer Science

Research output: Chapter in Book/Entry/Poem › Conference contribution

28 Scopus citations

Abstract

With the growth of cloud computing, many businesses, both small and large, are opting to use cloud services compelled by a great cost savings potential. This is especially true of public cloud computing which allows for quick, dynamic scalability without many overhead or long-term commitments. However, one of the largest dissuasions from using cloud services comes from the inherent and unknown danger of a shared platform such as the hyper visor. An attacker can attack a virtual machine (VM) and then go on to compromise the hyper visor. If successful, then all virtual machines on that hyper visor can become compromised. This is the problem of negative externalities, where the security of one player affects the security of another. This work shows that there are multiple Nash equilibria for the public cloud security game. It also demonstrates that we can allow the players' Nash equilibrium profile to not be dependent on the probability that the hyper visor is compromised, reducing the factor externality plays in calculating the equilibrium. Finally, by using our allocation method, the negative externality imposed onto other players can be brought to a minimum compared to other common VM allocation methods.

Original language	English (US)
Title of host publication	Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015
Editors	Calton Pu, Ajay Mohindra
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	556-563
Number of pages	8
ISBN (Electronic)	9781467372879
DOIs	https://doi.org/10.1109/CLOUD.2015.80
State	Published - Aug 19 2015
Event	8th IEEE International Conference on Cloud Computing, CLOUD 2015 - New York, United States Duration: Jun 27 2015 → Jul 2 2015

Publication series

Name	Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015

Other

Other	8th IEEE International Conference on Cloud Computing, CLOUD 2015
Country/Territory	United States
City	New York
Period	6/27/15 → 7/2/15

Keywords

Cloud Computing
Cyber security
Externality
Game theory
Virtual machine allocation

ASJC Scopus subject areas

Computer Networks and Communications

Access to Document

10.1109/CLOUD.2015.80

Cite this

Kwiat, L., Kamhoua, C. A., Kwiat, K. A., Tang, J., & Martin, A. (2015). Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach. In C. Pu, & A. Mohindra (Eds.), Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015 (pp. 556-563). Article 7214090 (Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CLOUD.2015.80

Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach. / Kwiat, Luke; Kamhoua, Charles A.; Kwiat, Kevin A. et al.
Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015. ed. / Calton Pu; Ajay Mohindra. Institute of Electrical and Electronics Engineers Inc., 2015. p. 556-563 7214090 (Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015).

Research output: Chapter in Book/Entry/Poem › Conference contribution

Kwiat, L, Kamhoua, CA, Kwiat, KA, Tang, J & Martin, A 2015, Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach. in C Pu & A Mohindra (eds), Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015., 7214090, Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015, Institute of Electrical and Electronics Engineers Inc., pp. 556-563, 8th IEEE International Conference on Cloud Computing, CLOUD 2015, New York, United States, 6/27/15. https://doi.org/10.1109/CLOUD.2015.80

Kwiat L, Kamhoua CA, Kwiat KA, Tang J, Martin A. Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach. In Pu C, Mohindra A, editors, Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 556-563. 7214090. (Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015). doi: 10.1109/CLOUD.2015.80

Kwiat, Luke ; Kamhoua, Charles A. ; Kwiat, Kevin A. et al. / Security-Aware Virtual Machine Allocation in the Cloud : A Game Theoretic Approach. Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015. editor / Calton Pu ; Ajay Mohindra. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 556-563 (Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015).

@inproceedings{10dcb4ddc0a748c9899d857df9a7fa5d,

title = "Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach",

abstract = "With the growth of cloud computing, many businesses, both small and large, are opting to use cloud services compelled by a great cost savings potential. This is especially true of public cloud computing which allows for quick, dynamic scalability without many overhead or long-term commitments. However, one of the largest dissuasions from using cloud services comes from the inherent and unknown danger of a shared platform such as the hyper visor. An attacker can attack a virtual machine (VM) and then go on to compromise the hyper visor. If successful, then all virtual machines on that hyper visor can become compromised. This is the problem of negative externalities, where the security of one player affects the security of another. This work shows that there are multiple Nash equilibria for the public cloud security game. It also demonstrates that we can allow the players' Nash equilibrium profile to not be dependent on the probability that the hyper visor is compromised, reducing the factor externality plays in calculating the equilibrium. Finally, by using our allocation method, the negative externality imposed onto other players can be brought to a minimum compared to other common VM allocation methods.",

keywords = "Cloud Computing, Cyber security, Externality, Game theory, Virtual machine allocation",

author = "Luke Kwiat and Kamhoua, {Charles A.} and Kwiat, {Kevin A.} and Jian Tang and Andrew Martin",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 8th IEEE International Conference on Cloud Computing, CLOUD 2015 ; Conference date: 27-06-2015 Through 02-07-2015",

year = "2015",

month = aug,

day = "19",

doi = "10.1109/CLOUD.2015.80",

language = "English (US)",

series = "Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "556--563",

editor = "Calton Pu and Ajay Mohindra",

booktitle = "Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015",

}

TY - GEN

T1 - Security-Aware Virtual Machine Allocation in the Cloud

T2 - 8th IEEE International Conference on Cloud Computing, CLOUD 2015

AU - Kwiat, Luke

AU - Kamhoua, Charles A.

AU - Kwiat, Kevin A.

AU - Tang, Jian

AU - Martin, Andrew

PY - 2015/8/19

Y1 - 2015/8/19

N2 - With the growth of cloud computing, many businesses, both small and large, are opting to use cloud services compelled by a great cost savings potential. This is especially true of public cloud computing which allows for quick, dynamic scalability without many overhead or long-term commitments. However, one of the largest dissuasions from using cloud services comes from the inherent and unknown danger of a shared platform such as the hyper visor. An attacker can attack a virtual machine (VM) and then go on to compromise the hyper visor. If successful, then all virtual machines on that hyper visor can become compromised. This is the problem of negative externalities, where the security of one player affects the security of another. This work shows that there are multiple Nash equilibria for the public cloud security game. It also demonstrates that we can allow the players' Nash equilibrium profile to not be dependent on the probability that the hyper visor is compromised, reducing the factor externality plays in calculating the equilibrium. Finally, by using our allocation method, the negative externality imposed onto other players can be brought to a minimum compared to other common VM allocation methods.

AB - With the growth of cloud computing, many businesses, both small and large, are opting to use cloud services compelled by a great cost savings potential. This is especially true of public cloud computing which allows for quick, dynamic scalability without many overhead or long-term commitments. However, one of the largest dissuasions from using cloud services comes from the inherent and unknown danger of a shared platform such as the hyper visor. An attacker can attack a virtual machine (VM) and then go on to compromise the hyper visor. If successful, then all virtual machines on that hyper visor can become compromised. This is the problem of negative externalities, where the security of one player affects the security of another. This work shows that there are multiple Nash equilibria for the public cloud security game. It also demonstrates that we can allow the players' Nash equilibrium profile to not be dependent on the probability that the hyper visor is compromised, reducing the factor externality plays in calculating the equilibrium. Finally, by using our allocation method, the negative externality imposed onto other players can be brought to a minimum compared to other common VM allocation methods.

KW - Cloud Computing

KW - Cyber security

KW - Externality

KW - Game theory

KW - Virtual machine allocation

UR - http://www.scopus.com/inward/record.url?scp=84960153768&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84960153768&partnerID=8YFLogxK

U2 - 10.1109/CLOUD.2015.80

DO - 10.1109/CLOUD.2015.80

M3 - Conference contribution

AN - SCOPUS:84960153768

T3 - Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015

SP - 556

EP - 563

BT - Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015

A2 - Pu, Calton

A2 - Mohindra, Ajay

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 27 June 2015 through 2 July 2015

ER -

Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this