Security and interdependency in a public cloud

A game-theoretic approach

Charles A. Kamhoua, Luke Kwiat, Kevin A. Kwiat, Joon S. Park, Ming Zhao, Manuel Rodriguez

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

As cloud computing thrives, many organizations - both large and small - are taking advantage of the multiple benefits of joining a public cloud. Public cloud computing is cost-effective: a cloud user can reduce spending on technology infrastructure and have easy access to their information without an up-front or long-term commitment of resources. Despite such benefits, concern over cyber security deters many large organizations with sensitive information to use a public cloud such as the Department of Defense. This is because different public cloud users share a common platform such as the hypervisor. An attacker can compromise a virtual machine (VM) to launch an attack on the hypervisor which, if compromised, can instantly yield the compromising of all the VMs running on top of that hypervisor. In this paper we evaluate the cloud user-attacker dynamic using game theory, which models competition among rational agents. This work will show that there are multiple Nash equilibria of the public cloud game. The Nash equilibrium profile that results will be shown to depend on several factors, including the probability that the hypervisor is compromised given a successful attack on a user and the total expense required to invest in security.

Original languageEnglish (US)
Title of host publicationStatic and Dynamic Game Theory
Subtitle of host publicationFoundations and Applications
PublisherBirkhauser
Pages253-284
Number of pages32
DOIs
StatePublished - Jan 1 2018

Publication series

NameStatic and Dynamic Game Theory: Foundations and Applications
VolumePart F2
ISSN (Print)2363-8516
ISSN (Electronic)2363-8524

Fingerprint

Interdependencies
Cloud computing
Game
Game theory
Joining
Cloud Computing
Nash Equilibrium
Attack
Multiple Equilibria
Costs
Competition Model
Dynamic Games
Virtual Machine
Game Theory
Infrastructure
Resources
Evaluate
Virtual machine
Nash equilibrium

ASJC Scopus subject areas

  • Statistics, Probability and Uncertainty
  • Statistics and Probability
  • Applied Mathematics

Cite this

Kamhoua, C. A., Kwiat, L., Kwiat, K. A., Park, J. S., Zhao, M., & Rodriguez, M. (2018). Security and interdependency in a public cloud: A game-theoretic approach. In Static and Dynamic Game Theory: Foundations and Applications (pp. 253-284). (Static and Dynamic Game Theory: Foundations and Applications; Vol. Part F2). Birkhauser. https://doi.org/10.1007/978-3-319-75268-6_11

Security and interdependency in a public cloud : A game-theoretic approach. / Kamhoua, Charles A.; Kwiat, Luke; Kwiat, Kevin A.; Park, Joon S.; Zhao, Ming; Rodriguez, Manuel.

Static and Dynamic Game Theory: Foundations and Applications. Birkhauser, 2018. p. 253-284 (Static and Dynamic Game Theory: Foundations and Applications; Vol. Part F2).

Research output: Chapter in Book/Report/Conference proceedingChapter

Kamhoua, CA, Kwiat, L, Kwiat, KA, Park, JS, Zhao, M & Rodriguez, M 2018, Security and interdependency in a public cloud: A game-theoretic approach. in Static and Dynamic Game Theory: Foundations and Applications. Static and Dynamic Game Theory: Foundations and Applications, vol. Part F2, Birkhauser, pp. 253-284. https://doi.org/10.1007/978-3-319-75268-6_11
Kamhoua CA, Kwiat L, Kwiat KA, Park JS, Zhao M, Rodriguez M. Security and interdependency in a public cloud: A game-theoretic approach. In Static and Dynamic Game Theory: Foundations and Applications. Birkhauser. 2018. p. 253-284. (Static and Dynamic Game Theory: Foundations and Applications). https://doi.org/10.1007/978-3-319-75268-6_11
Kamhoua, Charles A. ; Kwiat, Luke ; Kwiat, Kevin A. ; Park, Joon S. ; Zhao, Ming ; Rodriguez, Manuel. / Security and interdependency in a public cloud : A game-theoretic approach. Static and Dynamic Game Theory: Foundations and Applications. Birkhauser, 2018. pp. 253-284 (Static and Dynamic Game Theory: Foundations and Applications).
@inbook{e7032a351c294b06856ea7cf0d8860dc,
title = "Security and interdependency in a public cloud: A game-theoretic approach",
abstract = "As cloud computing thrives, many organizations - both large and small - are taking advantage of the multiple benefits of joining a public cloud. Public cloud computing is cost-effective: a cloud user can reduce spending on technology infrastructure and have easy access to their information without an up-front or long-term commitment of resources. Despite such benefits, concern over cyber security deters many large organizations with sensitive information to use a public cloud such as the Department of Defense. This is because different public cloud users share a common platform such as the hypervisor. An attacker can compromise a virtual machine (VM) to launch an attack on the hypervisor which, if compromised, can instantly yield the compromising of all the VMs running on top of that hypervisor. In this paper we evaluate the cloud user-attacker dynamic using game theory, which models competition among rational agents. This work will show that there are multiple Nash equilibria of the public cloud game. The Nash equilibrium profile that results will be shown to depend on several factors, including the probability that the hypervisor is compromised given a successful attack on a user and the total expense required to invest in security.",
author = "Kamhoua, {Charles A.} and Luke Kwiat and Kwiat, {Kevin A.} and Park, {Joon S.} and Ming Zhao and Manuel Rodriguez",
year = "2018",
month = "1",
day = "1",
doi = "10.1007/978-3-319-75268-6_11",
language = "English (US)",
series = "Static and Dynamic Game Theory: Foundations and Applications",
publisher = "Birkhauser",
pages = "253--284",
booktitle = "Static and Dynamic Game Theory",

}

TY - CHAP

T1 - Security and interdependency in a public cloud

T2 - A game-theoretic approach

AU - Kamhoua, Charles A.

AU - Kwiat, Luke

AU - Kwiat, Kevin A.

AU - Park, Joon S.

AU - Zhao, Ming

AU - Rodriguez, Manuel

PY - 2018/1/1

Y1 - 2018/1/1

N2 - As cloud computing thrives, many organizations - both large and small - are taking advantage of the multiple benefits of joining a public cloud. Public cloud computing is cost-effective: a cloud user can reduce spending on technology infrastructure and have easy access to their information without an up-front or long-term commitment of resources. Despite such benefits, concern over cyber security deters many large organizations with sensitive information to use a public cloud such as the Department of Defense. This is because different public cloud users share a common platform such as the hypervisor. An attacker can compromise a virtual machine (VM) to launch an attack on the hypervisor which, if compromised, can instantly yield the compromising of all the VMs running on top of that hypervisor. In this paper we evaluate the cloud user-attacker dynamic using game theory, which models competition among rational agents. This work will show that there are multiple Nash equilibria of the public cloud game. The Nash equilibrium profile that results will be shown to depend on several factors, including the probability that the hypervisor is compromised given a successful attack on a user and the total expense required to invest in security.

AB - As cloud computing thrives, many organizations - both large and small - are taking advantage of the multiple benefits of joining a public cloud. Public cloud computing is cost-effective: a cloud user can reduce spending on technology infrastructure and have easy access to their information without an up-front or long-term commitment of resources. Despite such benefits, concern over cyber security deters many large organizations with sensitive information to use a public cloud such as the Department of Defense. This is because different public cloud users share a common platform such as the hypervisor. An attacker can compromise a virtual machine (VM) to launch an attack on the hypervisor which, if compromised, can instantly yield the compromising of all the VMs running on top of that hypervisor. In this paper we evaluate the cloud user-attacker dynamic using game theory, which models competition among rational agents. This work will show that there are multiple Nash equilibria of the public cloud game. The Nash equilibrium profile that results will be shown to depend on several factors, including the probability that the hypervisor is compromised given a successful attack on a user and the total expense required to invest in security.

UR - http://www.scopus.com/inward/record.url?scp=85052373572&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85052373572&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-75268-6_11

DO - 10.1007/978-3-319-75268-6_11

M3 - Chapter

T3 - Static and Dynamic Game Theory: Foundations and Applications

SP - 253

EP - 284

BT - Static and Dynamic Game Theory

PB - Birkhauser

ER -