TY - GEN
T1 - Protecting Critical Cloud Infrastructures with Predictive Capability
AU - Yau, Sik-Sang
AU - Buduru, Arun Balaji
AU - Nagaraja, Vinjith
PY - 2015/8/19
Y1 - 2015/8/19
N2 - Emerging trends in cyber system security breaches, including those in critical infrastructures involving cloud systems, such as in applications of military, homeland security, finance, utilities and transportation systems, have shown that attackers have abundant resources, including both human and computing power, to launch attacks. The sophistication and resources used in attacks reflect that the attackers may be supported by large organizations and in some cases by foreign governments. Hence, there is an urgent need to develop intelligent cyber defense approaches to better protecting critical cloud infrastructures. In order to have much better protection for critical cloud infrastructures, effective approaches with predictive capability are needed. Much research has been done by applying game theory to generating adversarial models for predictive defense of critical infrastructures. However, these approaches have serious limitations, some of which are due to the assumptions used in these approaches, such as rationality and Nash equilibrium, which may not be valid for current and emerging cloud infrastructures. Another major limitation of these approaches is that they do not capture probabilistic human behaviors accurately, and hence do not incorporate human behaviors. In order to greatly improve the protection of critical cloud infrastructures, it is necessary to predict potential security breaches on critical cloud infrastructures with accurate system-wide causal relationship and probabilistic human behaviors. In this paper, the challenges and our vision on developing such proactive protection approaches are discussed.
AB - Emerging trends in cyber system security breaches, including those in critical infrastructures involving cloud systems, such as in applications of military, homeland security, finance, utilities and transportation systems, have shown that attackers have abundant resources, including both human and computing power, to launch attacks. The sophistication and resources used in attacks reflect that the attackers may be supported by large organizations and in some cases by foreign governments. Hence, there is an urgent need to develop intelligent cyber defense approaches to better protecting critical cloud infrastructures. In order to have much better protection for critical cloud infrastructures, effective approaches with predictive capability are needed. Much research has been done by applying game theory to generating adversarial models for predictive defense of critical infrastructures. However, these approaches have serious limitations, some of which are due to the assumptions used in these approaches, such as rationality and Nash equilibrium, which may not be valid for current and emerging cloud infrastructures. Another major limitation of these approaches is that they do not capture probabilistic human behaviors accurately, and hence do not incorporate human behaviors. In order to greatly improve the protection of critical cloud infrastructures, it is necessary to predict potential security breaches on critical cloud infrastructures with accurate system-wide causal relationship and probabilistic human behaviors. In this paper, the challenges and our vision on developing such proactive protection approaches are discussed.
KW - Critical cloud infrastructures
KW - Predictive defense
KW - Pro-active protection
KW - Probabilistic human behaviors
KW - Probabilistic reasoning
KW - Security breaches
UR - http://www.scopus.com/inward/record.url?scp=84960153360&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84960153360&partnerID=8YFLogxK
U2 - 10.1109/CLOUD.2015.165
DO - 10.1109/CLOUD.2015.165
M3 - Conference contribution
AN - SCOPUS:84960153360
T3 - Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015
SP - 1119
EP - 1124
BT - Proceedings - 2015 IEEE 8th International Conference on Cloud Computing, CLOUD 2015
A2 - Pu, Calton
A2 - Mohindra, Ajay
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 8th IEEE International Conference on Cloud Computing, CLOUD 2015
Y2 - 27 June 2015 through 2 July 2015
ER -