Security and interdependency in a public cloud: A game-theoretic approach

Charles A. Kamhoua, Luke Kwiat, Kevin A. Kwiat, Joon S. Park, Ming Zhao, Manuel Rodriguez

Research output: Chapter in Book/Report/Conference proceedingChapter

1 Scopus citations

Abstract

As cloud computing thrives, many organizations - both large and small - are taking advantage of the multiple benefits of joining a public cloud. Public cloud computing is cost-effective: a cloud user can reduce spending on technology infrastructure and have easy access to their information without an up-front or long-term commitment of resources. Despite such benefits, concern over cyber security deters many large organizations with sensitive information to use a public cloud such as the Department of Defense. This is because different public cloud users share a common platform such as the hypervisor. An attacker can compromise a virtual machine (VM) to launch an attack on the hypervisor which, if compromised, can instantly yield the compromising of all the VMs running on top of that hypervisor. In this paper we evaluate the cloud user-attacker dynamic using game theory, which models competition among rational agents. This work will show that there are multiple Nash equilibria of the public cloud game. The Nash equilibrium profile that results will be shown to depend on several factors, including the probability that the hypervisor is compromised given a successful attack on a user and the total expense required to invest in security.

Original languageEnglish (US)
Title of host publicationStatic and Dynamic Game Theory
Subtitle of host publicationFoundations and Applications
PublisherBirkhauser
Pages253-284
Number of pages32
DOIs
StatePublished - Jan 1 2018

Publication series

NameStatic and Dynamic Game Theory: Foundations and Applications
VolumePart F2
ISSN (Print)2363-8516
ISSN (Electronic)2363-8524

    Fingerprint

ASJC Scopus subject areas

  • Statistics, Probability and Uncertainty
  • Statistics and Probability
  • Applied Mathematics

Cite this

Kamhoua, C. A., Kwiat, L., Kwiat, K. A., Park, J. S., Zhao, M., & Rodriguez, M. (2018). Security and interdependency in a public cloud: A game-theoretic approach. In Static and Dynamic Game Theory: Foundations and Applications (pp. 253-284). (Static and Dynamic Game Theory: Foundations and Applications; Vol. Part F2). Birkhauser. https://doi.org/10.1007/978-3-319-75268-6_11