UB-CRAF: A User Behavior-Driven Co-resident Risk Assessment Framework for Dynamically Migrating VMs in Clouds
Abstract: Cloud computing offers cost-effective resource sharing to users, but this sharing also brings additional security risks. Malicious neighbors exploit side channels to steal information from the virtual machines (VMs) of other resource-sharing users; these are called co-resident attacks. Most previous static methods focus on eliminating or detecting side channels through intelligent algorithms, and they suffer from limitations: they either require modifications to existing deployments or only address known co-resident attacks. Providing an alternative perspective, moving target defense prevents the establishment of side channels by constantly breaking the co-residency, but its dynamic characteristics increase the difficulty of intelligent migration. In this paper, we propose a user behavior-driven co-resident risk assessment framework for dynamically migrating VMs in clouds, named UB-CRAF. Firstly, based on an improved DBSCAN algorithm, we develop a user threat quantification (UTQ) model that distinguishes high-threat users and trusted services by analyzing the behaviors of users. Meanwhile, we propose a VM multi-risk assessment (VMA) model based on vulnerability detection, which describes the multiple risks of VMs in order to capture high-risk VMs as migration targets. Moreover, we propose a heuristic adaptive migration algorithm to migrate VMs adaptively, so that side-channel attacks can be mitigated effectively. Based on a large-scale dataset collected from the Microsoft Azure Platform, the experimental results demonstrate that the UTQ model achieves an accuracy of 95.8% in user classification. Additionally, the UB-CRAF strategy effectively mitigates VM attacks with an average reduction rate of 37.5%.