Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy
Resource sharing among users serves as the foundation of cloud computing, which, however, may also cause vulnerabilities to diverse co-residence attacks launched by malicious virtual machines (VM) residing in the same physical server with the victim VMs. In this paper, we aim to defend against such...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2022-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/9889331/ |
| _version_ | 1798001614029586432 |
|---|---|
| author | Lu Cao Ruiwen Li Xiaojun Ruan Yuhong Liu |
| author_facet | Lu Cao Ruiwen Li Xiaojun Ruan Yuhong Liu |
| author_sort | Lu Cao |
| collection | DOAJ |
| description | Resource sharing among users serves as the foundation of cloud computing, which, however, may also cause vulnerabilities to diverse co-residence attacks launched by malicious virtual machines (VM) residing in the same physical server with the victim VMs. In this paper, we aim to defend against such co-residence attacks through a secure, workload-balanced, and energy-efficient VM allocation strategy. Specifically, we model the problem as an optimization problem by quantifying and minimizing three key factors: (1) the security risks, (2) the power consumption and (3) the unbalanced workloads among different physical servers. Furthermore, this work considers a realistic environmental setting by assuming a random number of VMs from different users arriving at random timings, which requires the optimization solution to be continuously evolving. As the optimization problem is NP-hard, we propose to first cluster VMs in time windows, and further adopt the Ant Colony Optimization (ACO) algorithm to identify the optimal allocation strategy for each time window. Comprehensive experimental results based on real world cloud traces validate the effectiveness of the proposed scheme. |
| first_indexed | 2024-04-11T11:38:56Z |
| format | Article |
| id | doaj.art-6e1f69ea01644276bf01f414aabf561d |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-04-11T11:38:56Z |
| publishDate | 2022-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-6e1f69ea01644276bf01f414aabf561d2022-12-22T04:25:53ZengIEEEIEEE Access2169-35362022-01-0110985499856110.1109/ACCESS.2022.32060219889331Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation StrategyLu Cao0Ruiwen Li1Xiaojun Ruan2Yuhong Liu3https://orcid.org/0000-0002-3717-427XDepartment of Computer Engineering, Santa Clara University, Santa Clara, CA, USADepartment of Computer Engineering, Santa Clara University, Santa Clara, CA, USADepartment of Computer Science, California State University, East Bay, CA, USADepartment of Computer Engineering, Santa Clara University, Santa Clara, CA, USAResource sharing among users serves as the foundation of cloud computing, which, however, may also cause vulnerabilities to diverse co-residence attacks launched by malicious virtual machines (VM) residing in the same physical server with the victim VMs. In this paper, we aim to defend against such co-residence attacks through a secure, workload-balanced, and energy-efficient VM allocation strategy. Specifically, we model the problem as an optimization problem by quantifying and minimizing three key factors: (1) the security risks, (2) the power consumption and (3) the unbalanced workloads among different physical servers. Furthermore, this work considers a realistic environmental setting by assuming a random number of VMs from different users arriving at random timings, which requires the optimization solution to be continuously evolving. As the optimization problem is NP-hard, we propose to first cluster VMs in time windows, and further adopt the Ant Colony Optimization (ACO) algorithm to identify the optimal allocation strategy for each time window. Comprehensive experimental results based on real world cloud traces validate the effectiveness of the proposed scheme.https://ieeexplore.ieee.org/document/9889331/Computer securitycloud computingco-residence attackant colony optimization |
| spellingShingle | Lu Cao Ruiwen Li Xiaojun Ruan Yuhong Liu Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy IEEE Access Computer security cloud computing co-residence attack ant colony optimization |
| title | Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy |
| title_full | Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy |
| title_fullStr | Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy |
| title_full_unstemmed | Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy |
| title_short | Defending Against Co-Residence Attack in Energy-Efficient Cloud: An Optimization Based Real-Time Secure VM Allocation Strategy |
| title_sort | defending against co residence attack in energy efficient cloud an optimization based real time secure vm allocation strategy |
| topic | Computer security cloud computing co-residence attack ant colony optimization |
| url | https://ieeexplore.ieee.org/document/9889331/ |
| work_keys_str_mv | AT lucao defendingagainstcoresidenceattackinenergyefficientcloudanoptimizationbasedrealtimesecurevmallocationstrategy AT ruiwenli defendingagainstcoresidenceattackinenergyefficientcloudanoptimizationbasedrealtimesecurevmallocationstrategy AT xiaojunruan defendingagainstcoresidenceattackinenergyefficientcloudanoptimizationbasedrealtimesecurevmallocationstrategy AT yuhongliu defendingagainstcoresidenceattackinenergyefficientcloudanoptimizationbasedrealtimesecurevmallocationstrategy |