Toward Smart Moving Target Defense for Linux Container Resiliency

Mohamed Azab; Bassem Mokhtar; Amr S. Abed; Mohamed Eltoweissy

doi:10.1109/LCN.2016.106

Toward Smart Moving Target Defense for Linux Container Resiliency

Mohamed Azab, Bassem Mokhtar, Amr S. Abed, Mohamed Eltoweissy

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

19 Citations (Scopus)

Abstract

This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a 'predator searching for a prey' search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.

Original language	English
Title of host publication	Proceedings - 2016 IEEE 41st Conference on Local Computer Networks, LCN 2016
Publisher	IEEE Computer Society
Pages	619-622
Number of pages	4
ISBN (Electronic)	9781509020546
DOIs	https://doi.org/10.1109/LCN.2016.106
Publication status	Published - Dec 22 2016
Externally published	Yes
Event	41st IEEE Conference on Local Computer Networks, LCN 2016 - Dubai, United Arab Emirates Duration: Nov 7 2016 → Nov 10 2016

Publication series

Name	Proceedings - Conference on Local Computer Networks, LCN

Other

Other	41st IEEE Conference on Local Computer Networks, LCN 2016
Country/Territory	United Arab Emirates
City	Dubai
Period	11/7/16 → 11/10/16

Keywords

Cloud Security
Linux containers
Live Migration

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture

Access to Document

10.1109/LCN.2016.106

Cite this

Toward Smart Moving Target Defense for Linux Container Resiliency. / Azab, Mohamed; Mokhtar, Bassem; Abed, Amr S. et al.
Proceedings - 2016 IEEE 41st Conference on Local Computer Networks, LCN 2016. IEEE Computer Society, 2016. p. 619-622 7796855 (Proceedings - Conference on Local Computer Networks, LCN).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Azab, M, Mokhtar, B, Abed, AS & Eltoweissy, M 2016, Toward Smart Moving Target Defense for Linux Container Resiliency. in Proceedings - 2016 IEEE 41st Conference on Local Computer Networks, LCN 2016., 7796855, Proceedings - Conference on Local Computer Networks, LCN, IEEE Computer Society, pp. 619-622, 41st IEEE Conference on Local Computer Networks, LCN 2016, Dubai, United Arab Emirates, 11/7/16. https://doi.org/10.1109/LCN.2016.106

@inproceedings{f08e5f5fda1045ba8ff148456a5defab,

title = "Toward Smart Moving Target Defense for Linux Container Resiliency",

abstract = "This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a 'predator searching for a prey' search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.",

keywords = "Cloud Security, Linux containers, Live Migration",

author = "Mohamed Azab and Bassem Mokhtar and Abed, {Amr S.} and Mohamed Eltoweissy",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 41st IEEE Conference on Local Computer Networks, LCN 2016 ; Conference date: 07-11-2016 Through 10-11-2016",

year = "2016",

month = dec,

day = "22",

doi = "10.1109/LCN.2016.106",

language = "English",

series = "Proceedings - Conference on Local Computer Networks, LCN",

publisher = "IEEE Computer Society",

pages = "619--622",

booktitle = "Proceedings - 2016 IEEE 41st Conference on Local Computer Networks, LCN 2016",

}

TY - GEN

T1 - Toward Smart Moving Target Defense for Linux Container Resiliency

AU - Azab, Mohamed

AU - Mokhtar, Bassem

AU - Abed, Amr S.

AU - Eltoweissy, Mohamed

PY - 2016/12/22

Y1 - 2016/12/22

N2 - This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a 'predator searching for a prey' search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.

AB - This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a 'predator searching for a prey' search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.

KW - Cloud Security

KW - Linux containers

KW - Live Migration

UR - http://www.scopus.com/inward/record.url?scp=85010076723&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85010076723&partnerID=8YFLogxK

U2 - 10.1109/LCN.2016.106

DO - 10.1109/LCN.2016.106

M3 - Conference contribution

AN - SCOPUS:85010076723

T3 - Proceedings - Conference on Local Computer Networks, LCN

SP - 619

EP - 622

BT - Proceedings - 2016 IEEE 41st Conference on Local Computer Networks, LCN 2016

PB - IEEE Computer Society

T2 - 41st IEEE Conference on Local Computer Networks, LCN 2016

Y2 - 7 November 2016 through 10 November 2016

ER -

Toward Smart Moving Target Defense for Linux Container Resiliency

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this