Summary: | Cloud Computing is emerging as a new paradigm that aims at delivering computing as a utility. For the cloud computing paradigm to be fully adopted and effectively used it is critical that the security mechanisms are robust and resilient to malicious faults and attacks. Securing cloud is a challenging research problem because it suffers from current cybersecurity problems in computer networks and data centers and additional complexity introduced by virtualizations, multi-tenant occupancy, remote storage, and cloud management. It is widely accepted that we cannot build software and computing systems that are free from vulnerabilities and that cannot be penetrated or attacked. Furthermore, it is widely accepted that cyber resilient techniques are the most promising solutions to mitigate cyberattacks and change the game to advantage defender over attacker. Moving Target Defense (MTD) has been proposed as a mechanism to make it extremely challenging for an attacker to exploit existing vulnerabilities by varying different aspects of the execution environment. By continuously changing the environment (e.g. Programming language, Operating System, etc.) we can reduce the attack surface and consequently, the attackers will have very limited time to figure out current execution environment and vulnerabilities to be exploited. In this dissertation, we present a methodology to develop an Autonomic Resilient Cloud Management (ARCM) based on MTD and autonomic computing. The proposed research will utilize the following capabilities: Software Behavior Obfuscation (SBO), replication, diversity, and Autonomic Management (AM). SBO employs spatiotemporal behavior hiding or encryption and MTD to make software components change their implementation versions and resources randomly to avoid exploitations and penetrations. Diversity and random execution is achieved by using AM that will randomly "hot" shuffling multiple functionally-equivalent, behaviorally-different software versions at runtime (e.g., the software task can have multiple versions implemented in a different language and/or run on a different platform). The execution environment encryption will make it extremely difficult for an attack to disrupt normal operations of cloud. In this work, we evaluated the performance overhead and effectiveness of the proposed ARCM approach to secure and protect a wide range of cloud applications such as MapReduce and scientific and engineering applications.
|