EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Toward an integrated dynamic defense system for strategic detecting attacks in cloud networks using stochastic game

El Mehdi Kandoussi (), Mohamed Hanini (), Iman Mir () and Abdelkrim Haqiq ()
Additional contact information
El Mehdi Kandoussi: Hassan 1st University
Mohamed Hanini: Hassan 1st University
Iman Mir: University Abdelmalek Essaadi
Abdelkrim Haqiq: Hassan 1st University

Telecommunication Systems: Modelling, Analysis, Design and Management, 2020, vol. 73, issue 3, No 5, 397-417

Abstract: Abstract In a complex network as a cloud computing environment, security is becoming increasingly based on deception techniques. To date, the static nature of cyber networks offers to adversaries good opportunities to systematically study the network environment, launch a cyber-attack effortlessly and wide-spread and finally defeat the target system. In order to resolve the limitations of the traditional security measures as intrusion prevention or detection systems, firewall, access list, etc., which did not change the attack surface and cannot avoid zero-days attacks, technics that provide dynamic defense, such virtual machine migration and honeypot should be deployed. Despite this, with a virtual machine migration technique, not all virtual machines’ migration between servers enhances security considerably. In this paper, we propose an integrated defense system combining virtual machine migration and honeypot. The effectiveness of the proposed system is discussed in terms of security policies. In addition, our proposed model determines the potential attack paths quantitatively then classifies them into two sub-sets: attack paths explored only and attack paths explored and exploited based on the black box intrusion steps. Thus, to model the interaction attacker–defender, the attack graph combined with the stochastic game theory is used. Finally, we carry out some numerical results to demonstrate the effectiveness of the proposed security game model.

Keywords: Honeypot; VM migration; Cloud computing; Stochastic game; Bayesian game; Attack graph (search for similar items in EconPapers)
Date: 2020
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (1)

Downloads: (external link)
http://link.springer.com/10.1007/s11235-019-00616-1 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:telsys:v:73:y:2020:i:3:d:10.1007_s11235-019-00616-1

Ordering information: This journal article can be ordered from
http://www.springer.com/journal/11235

DOI: 10.1007/s11235-019-00616-1

Access Statistics for this article

Telecommunication Systems: Modelling, Analysis, Design and Management is currently edited by Muhammad Khan

More articles in Telecommunication Systems: Modelling, Analysis, Design and Management from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-04-26
Handle: RePEc:spr:telsys:v:73:y:2020:i:3:d:10.1007_s11235-019-00616-1