Yuqing Qiu, Qingni Shen, Yang Luo, Cong Li, Zhonghai Wu
{"title":"一种安全的虚拟机部署策略以减少在云中的共同驻留","authors":"Yuqing Qiu, Qingni Shen, Yang Luo, Cong Li, Zhonghai Wu","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.257","DOIUrl":null,"url":null,"abstract":"Due to sharing physical resource, the co-residency of virtual machine (VM) in cloud is inevitable, which brings many security threats, such as side channel attacks and covert channel threats. Most of previous work focused on detecting and resisting a bewildering variety of co-resident attacks. Generally, improving the VM deployment strategy can also mitigate the security threats of co-resident attacks effectively by reducing the probability of VM co-residency. In this paper, we propose a co-residency-resistant VM deployment strategy and define four thresholds to adjust the strategy for security and load balancing. Moreover, two metrics(VM co-residency probability and user co-residency coverage probability) are introduced to evaluate the deployment strategy. Finally, we implement the strategy and run experiments on both OpenStack and CloudSim. The results show that our strategy can reduce VM co-residency by 50% to 66.7% and user co-residency by 50% to 66% compared with the existing strategies.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"A Secure Virtual Machine Deployment Strategy to Reduce Co-residency in Cloud\",\"authors\":\"Yuqing Qiu, Qingni Shen, Yang Luo, Cong Li, Zhonghai Wu\",\"doi\":\"10.1109/Trustcom/BigDataSE/ICESS.2017.257\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to sharing physical resource, the co-residency of virtual machine (VM) in cloud is inevitable, which brings many security threats, such as side channel attacks and covert channel threats. Most of previous work focused on detecting and resisting a bewildering variety of co-resident attacks. Generally, improving the VM deployment strategy can also mitigate the security threats of co-resident attacks effectively by reducing the probability of VM co-residency. In this paper, we propose a co-residency-resistant VM deployment strategy and define four thresholds to adjust the strategy for security and load balancing. Moreover, two metrics(VM co-residency probability and user co-residency coverage probability) are introduced to evaluate the deployment strategy. Finally, we implement the strategy and run experiments on both OpenStack and CloudSim. The results show that our strategy can reduce VM co-residency by 50% to 66.7% and user co-residency by 50% to 66% compared with the existing strategies.\",\"PeriodicalId\":170253,\"journal\":{\"name\":\"2017 IEEE Trustcom/BigDataSE/ICESS\",\"volume\":\"71 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE Trustcom/BigDataSE/ICESS\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.257\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Trustcom/BigDataSE/ICESS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Secure Virtual Machine Deployment Strategy to Reduce Co-residency in Cloud
Due to sharing physical resource, the co-residency of virtual machine (VM) in cloud is inevitable, which brings many security threats, such as side channel attacks and covert channel threats. Most of previous work focused on detecting and resisting a bewildering variety of co-resident attacks. Generally, improving the VM deployment strategy can also mitigate the security threats of co-resident attacks effectively by reducing the probability of VM co-residency. In this paper, we propose a co-residency-resistant VM deployment strategy and define four thresholds to adjust the strategy for security and load balancing. Moreover, two metrics(VM co-residency probability and user co-residency coverage probability) are introduced to evaluate the deployment strategy. Finally, we implement the strategy and run experiments on both OpenStack and CloudSim. The results show that our strategy can reduce VM co-residency by 50% to 66.7% and user co-residency by 50% to 66% compared with the existing strategies.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
