Multi-Objective Response to Co-Resident Attacks in Cloud Environment

Cloud computing is a dynamic environment that offers variety of on-demand services with low cost. However, customers face new security risks due to shared infrastructure in the cloud. Co-residency of virtual machines on the same physical machine, leads to several threats for cloud tenants. Cloud administrators are often encountered with a more challenging problem since they have to work within a fixed budget for cloud hardening. The problem is how to select a subset of countermeasures to be within the budget and yet minimize the residual damage to the cloud caused by malicious VMs. We address this problem by introducing a novel multi-objective attack response system. We consider response cost, co-residency threat, and virtual machines interactions to select optimal response in face of the attack. Optimal response selection as a multi-objective optimization problem calculates alternative responses, with minimum threat and cost. Our method estimates threat level based on the collaboration graph and suggests proper countermeasures based on threat type with minimum cost. Experimental result shows that our system can suggest optimal responses based on the current state of the cloud.