Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud

Sun, Xiaoyan and Dai, Jun and Singhal, Anoop and Liu, Peng (2018) Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud. EAI Endorsed Transactions on Security and Safety, 4 (13). e3. ISSN 2032-9393

[img]
Preview
Text
eai.4-1-2018.153526.pdf
Available under License Creative Commons Attribution No Derivatives.

Download (1MB) | Preview

Abstract

Cloud computing, with the paradigm of computing as a utility, has the potential to significantly tranform the IT industry. Attracted by the high efficiency, low cost, and great flexibility of cloud, enterprises began to migrate large parts of their networks into cloud. The cloud becomes a public space where multiple “tenants” reside. Except for some public services, the enterprise networks in cloud should be absolutely isolated from each other. However, some “stealthy bridges” could be established to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Cloud-level attack graphs are firstly built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. Cross-layer Bayesian networks are then constructed to infer the probability of stealthy bridge existence. The experiment results show that the cross-layer Bayesian networks are capable of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multi-step attack.

Item Type: Article
Uncontrolled Keywords: cloud, stealthy bridge, Bayesian network, attack graph
Subjects: H Social Sciences > H Social Sciences (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
Depositing User: EAI Editor IV
Date Deposited: 26 Mar 2021 13:52
Last Modified: 26 Mar 2021 13:52
URI: https://eprints.eudl.eu/id/eprint/2079

Actions (login required)

View Item View Item