Skip to main content
SpringerLink
Log in

A Game Theoretic Approach for Cloud Computing Security Assessment Using Moving Target Defense Mechanisms

  • Conference paper
  • First Online:
Innovations in Smart Cities and Applications (SCAMS 2017)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 37))

Included in the following conference series:

  • 2096 Accesses

Abstract

Nowadays, the security of the Internet is always dressing severe challenges. To achieve network system’s security with the complexity and the diversity of attack types is too difficult and costly. However, to make the network systems more resistant to attacks, Moving Target Defense (MTD) has been introduced to maximize the complexity and the uncertainty of various attacks. Indeed, these proactive defense techniques have been deployed as a game changer to prevent or delay attacks and limit their opportunity windows. This paper provides an important branch of MTD mechanisms named IP address hopping mechanism using detection systems for attack mitigation in the cloud environment. We have used a game theory approach to model the attack-defense interaction and analyze the effect of MTD on the payoff of both the attacker and the defender. Consequently, we have used Matlab simulator to validate the proposed model. Our approach demonstrated its feasibility in terms of attack mitigation in the cloud and proved the efficiency of IP address hopping mechanism to reduce the attacker’s opportunity window.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Xu, J., Guo, P., Zhao, M., Erbacher, R.F., Zhu, M., Liu, P.: Comparing different moving target defense techniques. In: Proceedings of the First ACM Workshop on Moving Target Defense, pp. 97–107. ACM (2014)

    Google Scholar 

  2. Carter, K.M., Riordan, J.F., Okhravi, H.: A game theoretic approach to strategy determination for dynamic platform defenses. In: Proceedings of the First ACM Workshop on Moving Target Defense, pp. 21–30. ACM (2014)

    Google Scholar 

  3. Okhravi, H., Hobson, T., Bigelow, D., Streilein, W.: Finding focus in the blur of moving-target techniques. IEEE Secur. Priv. 12(2), 16–26 (2014)

    Article  Google Scholar 

  4. Zhuang, R., DeLoach, S.A., Ou, X.: Towards a theory of moving target defense. In: Proceedings of the First ACM Workshop on Moving Target Defense, pp. 31–40. ACM (2014)

    Google Scholar 

  5. Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp. 127–132. ACM (2012)

    Google Scholar 

  6. El Kafhali, S., Salah, K.: Stochastic modelling and analysis of cloud computing data center. In: Proceedings of 20th Conference on Innovations in Clouds, Internet and Networks, pp. 122–126. IEEE (2017)

    Google Scholar 

  7. Harsanyi, J.C.: Games with incomplete information played by Bayesian players, III: part I. The basic model. Manage. Sci. 50(12-supp), 1804–1817 (2004)

    Article  Google Scholar 

  8. Debroy, S., Calyam, P., Nguyen, M., Stage, A., Georgiev, V.: Frequency-minimal moving target defense using software-defined networking. In: Proceedings of the International Conference on Computing, Networking and Communications, pp. 1–6. IEEE (2016)

    Google Scholar 

  9. Wang, H., Jia, Q., Fleck, D., Powell, W., Li, F., Stavrou, A.: A moving target DDoS defense mechanism. Comput. Commun. 46, 10–21 (2014)

    Article  Google Scholar 

  10. Jia, Q., Wang, H., Fleck, D., Li, F., Stavrou, A., Powell, W.: Catch me if you can: a cloud-enabled DDoS defense. In: Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 264–275 (2014)

    Google Scholar 

  11. Peng, W., Li, F., Huang, C.-T., Zou, X.: A moving-target defense strategy for cloud-based services with heterogeneous and dynamic attack surfaces. In: Proceedings of the International Conference on Communications (ICC), pp. 804–809. IEEE (2014)

    Google Scholar 

  12. El Mir, I., Chowdhary, A., Huang, D., Pisharody, S., Kim, D.S., Haqiq, A.: Software defined stochastic model for moving target defense. In: Proceedings of the Third International Afro-European Conference for Industrial Advancement, pp. 188–197. Springer, Cham (2016)

    Google Scholar 

  13. Kampanakis, P., Perros, H., Beyene, T.: SDN-based solutions for moving target defense network protection. In: Proceedings of the 15th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 1–6. IEEE (2014)

    Google Scholar 

  14. Zhuang, R., Zhang, S., Bardas, A., DeLoach, S.A., Ou, X., Singhal, A.: Investigating the application of moving target defenses to network security. In: Proceedings of the 6th International Symposium on Resilient Control Systems, pp. 162–169. IEEE (2013)

    Google Scholar 

  15. El Mir, I., Kim, D.S., Haqiq, A.: Cloud computing security modeling and analysis based on a self-cleansing intrusion tolerance technique. J. Inf. Assur. Secur. 11(5), 273–282 (2016)

    Google Scholar 

  16. El Mir, I., Kim, D.S., Haqiq, A.: Security modeling and analysis of an intrusion tolerant cloud data center. In: Proceedings of the Third World Conference on Complex Systems (WCCS), pp. 1–6. IEEE (2015)

    Google Scholar 

  17. Lei, C., Ma, D.-H., Zhang, H.-Q.: Optimal strategy selection for moving target defense based on Markov game. IEEE Access 5, 156–169 (2017)

    Article  Google Scholar 

  18. Beckery, S., Seibert, J., Zage, D., Nita-Rotaru, C., Statey, R.: Applying game theory to analyze attack and defenses in virtual coordinate systems. In: IEEE/IFIP Proceedings of the 41st International Conference on Dependable Systems & Networks, pp. 133–144 (2011)

    Google Scholar 

  19. Cai, G., Wang, B., Wang, X., Yuan, Y., Li, S.: An introduction to network address shuffling. In: Proceedings of the 18th International Conference on Advanced Communication Technology, pp. 185–190. IEEE (2016)

    Google Scholar 

  20. Carroll, T.E., Crouse, M., Fulp, E.W., Berenhaut, K.S.: Analysis of network address shuffling as a moving target defense. In: Proceedings of the International Conference on Communications, pp. 701–706. IEEE (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer, Networks, Mobility and Modeling Laboratory, Faculty of Sciences and Technology, Hassan 1st University, Settat, Morocco

    Iman El Mir & Abdelkrim Haqiq

  2. Department of Computer Science and Software Engineering, University of Canterbury, Christchurch, New Zealand

    Dong Seong Kim

Authors
  1. Iman El Mir
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abdelkrim Haqiq
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dong Seong Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Iman El Mir .

Editor information

Editors and Affiliations

  1. Computer Sciences Department, Faculty of Sciences and Techniques, Abdelmalek Essaadi University, Tangier, Morocco

    Mohamed Ben Ahmed

  2. Computer Sciences Department, Faculty of Sciences and Techniques, Abdelmalek Essaadi University, Tangier, Morocco

    Anouar Abdelhakim Boudhir

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

El Mir, I., Haqiq, A., Kim, D.S. (2018). A Game Theoretic Approach for Cloud Computing Security Assessment Using Moving Target Defense Mechanisms. In: Ben Ahmed, M., Boudhir, A. (eds) Innovations in Smart Cities and Applications. SCAMS 2017. Lecture Notes in Networks and Systems, vol 37. Springer, Cham. https://doi.org/10.1007/978-3-319-74500-8_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-74500-8_22

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-74499-5

  • Online ISBN: 978-3-319-74500-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation