A Stochastic Game Model for Cloud Platform Security

Lu Li; Lisheng Huang; Guanling Zhao; Kai Shi; Fengjun Zhang

doi:10.5220/0011778900003405

A Stochastic Game Model for Cloud Platform Security

Lu Li, Lisheng Huang, Guanling Zhao, Kai Shi, Fengjun Zhang

2023

Abstract

The extensive use of virtualization technologies in cloud platforms has caused traditional security measures to partially fail. It was a hard struggle for static protection mechanisms to get work done in time when facing constantly evolving network threats. In this paper, an active defense approach is proposed to address the dynamic and variable security threats in cloud environment. Stochastic game model is introduced to model the cloud platform security elements. An attack-defense payoff function and matrix are also defined based on the features of the cloud platform. To accurately describe the attack action and the corresponding defense action, the overall attack graph and single-point defense graph are optimized. Based on proposed game model and attack-defense graph, the optimal defense strategy algorithm for the cloud platform is designed. The optimal defense strategy is obtained after a multi-stage stochastic game considering the long-term gain. Finally, the model’s reliability is evaluated using stochastic Petri nets and Markov chains. Experimental simulation demonstrates that the presented model outperforms the existing mainstream game models, such as the evolutionary game model and Bayesian game model, in terms of the optimal strategy, defense success rate, and steady-state availability.

Download

Paper Citation

in Harvard Style

Li L., Huang L., Zhao G., Shi K. and Zhang F. (2023). A Stochastic Game Model for Cloud Platform Security. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-624-8, pages 152-162. DOI: 10.5220/0011778900003405

in Bibtex Style

@conference{icissp23,
author={Lu Li and Lisheng Huang and Guanling Zhao and Kai Shi and Fengjun Zhang},
title={A Stochastic Game Model for Cloud Platform Security},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2023},
pages={152-162},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011778900003405},
isbn={978-989-758-624-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - A Stochastic Game Model for Cloud Platform Security
SN - 978-989-758-624-8
AU - Li L.
AU - Huang L.
AU - Zhao G.
AU - Shi K.
AU - Zhang F.
PY - 2023
SP - 152
EP - 162
DO - 10.5220/0011778900003405