Intrusion damage assessment for multi-stage attacks for clouds

Abstract

Clouds represent a major paradigm shift from contemporary systems, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements with the provision of flexible computing infrastructures that are available on demand. Clouds, however, introduce novel challenges particularly with respect to security that require dedicated efforts to address them. This paper is focused at one such challenge i.e. determining the extent of damage caused by an intrusion for a victim virtual machine. It has significant implications with respect to effective response to the intrusion. The paper presents our efforts to address this challenge for Clouds in the form of a novel scheme for intrusion damage assessment for Clouds which facilitates protection against multi-stage attacks. The paper also includes the formal specification and evaluation of the scheme which successfully demonstrate its effectiveness to achieve rigorous damage assessment for Clouds. © 2012 Springer-Verlag.