On Dynamic Recovery of Cloud Storage System Under Advanced Persistent Threats
Open Access
- 30 July 2019
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Access
- Vol. 7, 103556-103569
- https://doi.org/10.1109/access.2019.2932020
Abstract
Advanced persistent threat (APT) for data theft poses a severe threat to cloud storage systems (CSSs). An APT actor may steal valuable data from the target CSS even in a strategic fashion. To protect a CSS from APT, the cloud defender has to dynamically allocate the limited security resources to recover the compromised storage servers, aiming at mitigating his total loss. This paper addresses this dynamic cloud storage recovery (DCSR) problem by employing differential game theory. First, by introducing an expected state evolution model capturing the CSS's expected state evolution process under a combination of attack strategy and recovery strategy, we measure the APT attacker's net benefit and the cloud defender's total loss. On this basis and in the worst-case situation where the cloud defender assumes that the APT attacker has full knowledge of his expected loss, we reduce the DCSR problem to a differential game-theoretic problem (the DCSR* problem) to characterize the strategic interactions between the two parties. Second, we derive a necessary condition for Nash equilibrium of the DCSR* problem and thereby introduce the concept of competitive strategy profile. Next, we study the structural properties of the competitive strategy profile, followed by some numerical examples. Then, we conduct extensive comparative experiments to exhibit that the competitive strategy profile is superior to a large number of randomly generated strategy profiles in the sense of Nash equilibrium solution concept. Finally, we briefly analyze the practicability (scalability and feasibility) of this paper. Our findings will be helpful to enhance the APT defense capabilities of the cloud defender.Funding Information
- National Natural Science Foundation of China (61572006)
This publication has 52 references indexed in Scilit:
- Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent ThreatsPublished by Springer Science and Business Media LLC ,2015
- StoreSim: Optimizing Information Leakage in Multicloud Storage ServicesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- A Theory of Cyber AttacksPublished by Association for Computing Machinery (ACM) ,2015
- Adversary-aware IP address randomization for proactive agility against sophisticated attackersPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Cloud-Trust—a Security Assessment Model for Infrastructure as a Service (IaaS) CloudsIEEE Transactions on Cloud Computing, 2015
- Combating advanced persistent threats: From network event correlation to incident detectionComputers & Security, 2015
- FlipIt: The Game of “Stealthy Takeover”Journal of Cryptology, 2012
- µLibCloud: Providing High Available and Uniform Accessing to Multiple Cloud StoragesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2012
- The Leitmann–Schmitendorf advertising differential gameApplied Mathematics and Computation, 2010
- Weak and Strong Time Consistency in a Differential Oligopoly Game with Capital AccumulationJournal of Optimization Theory and Applications, 2008