
Effective and Economical Moving Target Defense for Secure Cloud Computing

Posted on: 2018-01-05
Degree: Ph.D
Type: Dissertation
University: George Mason University
Candidate: Wang, Huangxin
Full Text: PDF
GTID: 1478390020453440
Subject: Computer Science
Abstract/Summary:
Cloud computing has become increasingly popular as it provides economical, elastic and scalable computing resources to customers. Unfortunately, security concerns about cloud environments have been one of the major reasons that hinder individuals and organizations from adopting cloud computing. The virtualization technology employed in cloud computing, as well as the resource pricing scheme, exposes cloud customers to new security threats. Fortunately, the elasticity and scalability of cloud computing resources offer good opportunities for designing provably powerful defense mechanisms to improve cloud security.

In this dissertation, I focus on designing defense mechanisms based on the moving target defense (MTD) strategy. Traditionally, network and system configurations are static; attackers therefore have plenty of time to exploit the system's vulnerabilities and are able to choose wisely when to launch their attacks with the objective of maximizing damage. An unpredictable system configuration can significantly raise the bar for attackers to conduct successful attacks. Moving target defense has been proposed for the purpose of introducing internal randomness to the system. It aims to introduce dynamics and uncertainty to the defense system by changing the configurations dynamically over time. The highly scalable and configurable cloud environments provide large and flexible configuration spaces for MTD, and thus potentially improve the system's security levels.

In studying cloud security threats, I investigate three important cloud security problems algorithmically and experimentally. These attacks are distributed denial of service (DDoS) attacks, economic denial of sustainability (EDoS) attacks, and covert channel attacks. I propose effective and economical moving target defense strategies to defend against these attacks.

The DDoS attack is a severe threat to Internet security as well as to cloud security. A reactive moving target defense scheme called 'shuffling' migrates client traffic from the attacked proxies to unattacked proxies. I investigate how a cloud consumer can take advantage of the characteristics of cloud computing resources to perform effective migrations. To that end, I design an optimal moving-target-based defense mechanism to effectively defend against DDoS attacks and prove its optimality. I also present an effective and easy-to-implement greedy algorithm. Both algorithms are evaluated empirically.

The EDoS attack is a new breed of denial of service attack. It is a newly emerging threat to cloud consumers due to the utility pricing scheme employed by cloud providers. Specifically, most cloud providers use a "pay-as-you-go" charging scheme in which each cloud consumer is charged for the bandwidth volume and the server hours he has used. An attacker has the motivation to drive up the resource usage of his target cloud consumers and eventually drain their financial budget. I empirically study how EDoS attacks can be conducted easily with very low costs for the attackers. Through measuring the impact of EDoS attacks on cloud consumers, I reveal that EDoS attacks severely threaten the cost-effectiveness of cloud computing. Then I propose an effective moving target defense mechanism which can be employed by cloud consumers to defend against EDoS attacks for web-based systems.

The covert channel attack is one of the most important information security problems for cloud consumers. Recent research has demonstrated that the multi-tenancy model employed in the cloud exposes cloud consumers to the threat of covert channel attacks. Specifically, a virtual machine (VM) can steal information from other VMs that are co-resident on the same physical machine. Moving target defense has been proposed as an effective defense against covert channel attacks. However, as moving target defense introduces overhead to the defense system, it is critical to determine the timing of adaptations in order to trade off the cost of making adaptations against the cost of being attacked. I propose an economical moving target defense scheme based on renewal reward theory to trade off the defense cost. This economical moving target defense mechanism can be applied to defend against a broad family of attacks, including DDoS attacks.
Keywords/Search Tags: Moving target defense, Cloud, Attacks, Security, Effective, Defend, DDoS