English

An Automated Security Analysis Framework and Implementation for Cloud

Cryptography and Security 2019-04-04 v1

Abstract

Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as eliminating the capital expense of their computing need. There are security vulnerabilities and threats in the cloud. Many researches have been proposed to analyze the cloud security using Graphical Security Models (GSMs) and security metrics. In addition, it has been widely researched in finding appropriate defensive strategies for the security of the cloud. Moving Target Defense (MTD) techniques can utilize the cloud elasticity features to change the attack surface and confuse attackers. Most of the previous work incorporating MTDs into the GSMs are theoretical and the performance was evaluated based on the simulation. In this paper, we realized the previous framework and designed, implemented and tested a cloud security assessment tool in a real cloud platform named UniteCloud. Our security solution can (1) monitor cloud computing in real-time, (2) automate the security modeling and analysis and visualize the GSMs using a Graphical User Interface via a web application, and (3) deploy three MTD techniques including Diversity, Redundancy, and Shuffle on the real cloud infrastructure. We analyzed the automation process using the APIs and showed the practicality and feasibility of automation of deploying all the three MTD techniques on the UniteCloud.

Keywords

Cite

@article{arxiv.1904.01758,
  title  = {An Automated Security Analysis Framework and Implementation for Cloud},
  author = {Hootan Alavizadeh and Hooman Alavizadeh and Dong Seong Kim and Julian Jang-Jaccard and Masood Niazi Torshiz},
  journal= {arXiv preprint arXiv:1904.01758},
  year   = {2019}
}

Comments

8 pages, 8 figures

R2 v1 2026-06-23T08:27:35.499Z