Feedback Control Method for Mimic Defense in Cloud Environment

doi:10.3969/j.issn.1671-1122.2021.01.006

Abstract

Abstract:

The virtualization technology in the cloud environment brings some data and privacy security issues to users. Aiming at the problems of the singleness, homogeneity and static stateof virtual machines in the cloud environment, a feedback control method for mimic defense under the cloud environment is proposed. This method is based on the virtual machine in the cloud and uses mimic defense technology to mimic encapsulation of virtual machines, through the feedback control architecture to achieve closed-loop negative feedback control, and based on the dynamic rotation of heterogeneous virtual machines to change the execution environment to ensure the randomness of the virtual machine system environment. Experiments show that the design achieves error tolerance for user services, suspicious virtual machine detection and dynamic rotation, which increases the difficulty for attackers to exploit vulnerabilities.

Key words: cloud environment, mimic defense, feedback control, dynamic rotation

CLC Number:

TP309

CHEN Fucai, ZHOU Mengli, LIU Wenyan, LIANG Hao. Feedback Control Method for Mimic Defense in Cloud Environment[J]. Netinfo Security, 2021, 21(1): 49-56.

Figures/Tables 7

References 17

[1]	KHORSHED M T, ALI A B M S, WASIMI S A. Trust Issues that Create Threats for Cyber Attacks in Cloud Computing[EB/OL]. https://ieeexplore.ieee.org/document/6121377, 2020-09-08
[2]	ZHANG Miao, JI Xinsheng, AI Jianjian, et al. Virtual Machine Security Deployment Strategy Based on Operating System Diversity[J]. Journal of Network and Information Security, 2017,10(3):35-43.
	张淼, 季新生, 艾健健, 等. 基于操作系统多样性的虚拟机安全部署策略[J]. 网络与信息安全学报, 2017,10(3):35-43.
[3]	GUO Minzhe, BHATTACHARYA P. Diverse Virtual Replicas for Improving Intrusion Tolerance in Cloud[C] //ACM. ACM Press the 9th Annual Cyber and Information Security Research Conference, April 8-10,2014, Oak Ridge, Tennessee. New York: ACM, 2014: 41-44.
[4]	GADZE J D, COBBAH M, KLOGO G S. Network Intrusion Detection and Countermeasure Selection in Virtual Network (NIDCS)[J]. International Journal of Security, 2016,5(1):25-39.
[5]	WANG Yimin. Automated Web Patrol with Strider Honey Monkeys: Finding Web sites that Exploit Brower Vulnerabilities[EB/OL]. http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=15C7A2D3A59C4B156C686A99F6D0C458?doi=10.1.1.100.224&rep=rep1&type=pdf, 2020-01-03.
[6]	ROSCHKE S, CHENG F, MEINEL C. Intrusion Detection in the Cloud[C] //IEEE. Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, December 12-14, 2009, Chengdu, China. New York: IEEE, 2009: 729-734.
[7]	BAKSHI A, DUJODWALA YB. Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine[C] //IEEE. International Conference on Communication Software & Networks, February 26-28, 2010, Singapore. New York: IEEE, 2010: 260-264.
[8]	WEN Tian, JI Xiaopeng, LIU Weiwei, et al. Honeypot Game‐theoretical Model for Defending Against APT Attacks with Limited Resources in Cyber-physical Systems[J]. ETRI Journal, 2019,41(1):585-598. doi: 10.4218/etrij.2019-0152 URL
[9]	ZHUANG Rui, DELOACH S, OU Xinming. Towards a Theory of Moving Target Defense[C] //ACM. Proceedings of the 1st ACM Workshop on Moving Target Defense, November 7, 2014, Scottsdale, Arizona. New York: ACM, 2014: 31-40.
[10]	WRIGHT M, VENKATESAN S, ALBANESES M, et al. Moving Target Defense against DDOS Attacks: An Empirical Game-theoretic Analysis[C] //ACM. Proceedings of the 3rd ACM Workshop on Moving Target Defense, October 24, 2016, New York, NY, USA. New York: ACM, 2016: 93-104.
[11]	ALAVIZADEH H, HONG J B, DONG S K, et al. Comprehensive Security Assessment of Combined MTD Techniques for the Cloud[C] // ACM. Proceedings of the 5th ACM Workshop on Moving Target Defense, October 15, 2018, Toronto, Canada. New York: ACM, 2018: 94-104.
[12]	JAJODIA S, GHOSH A K, SWARUP V, et al. Moving Target Defense[J]. Advances in Information Security, 2011,11(54):99-108.
[13]	WU Jiangxing. Research on Mimicry Defense in Cyberspace[J]. Journal of Information Security, 2016,1(4):1-10. doi: 10.4236/jis.2010.11001 URL
	邬江兴. 网络空间拟态防御研究[J]. 信息安全学报, 2016,1(4):1-10.
[14]	TONG Qing, ZHANG Zheng, ZHANG Weihua, et al. Design and Implementation of Mimicry Defense Web Server[J]. Journal of Software, 2017,28(4):883-897.
	仝青, 张铮, 张为华, 等. 拟态防御Web服务器设计与实现[J]. 软件学报, 2017,28(4):883-897.
[15]	WANG Zhenpeng, HU Hongchao, CHENG Guozhen. Implementation Architecture of Mimicry Defense in Software Defined Networks[J]. Journal of Information Security, 2017,3(10):52-61.
	王禛鹏, 扈红超, 程国振. 软件定义网络下的拟态防御实现架构[J]. 信息安全学报, 2017,3(10):52-61.
[16]	WANG Zhenpeng, HU Hongchao, CHENG Guozhen. DNS Framework Design Based on Mimicry Security Defense[J]. Chinese Journal of Electronics. 2017,45(11):2705-2714.
	王禛鹏, 扈红超, 程国振. 一种基于拟态安全防御的DNS框架设计[J]. 电子学报, 2017,45(11):2705-2714.
[17]	WANG Yawen, WU Jiangxing, GUO Yunfei, et al. Scientific Workflow Execution System Based on Mimic Defense in the Cloud Environment[J]. Frontiers of Information Technology & Electronic Engineering, 2018,19(12):1522-1536.