By Topic

Using Mussel-Inspired Self-Organization and Account Proxies to Obfuscate Workload Ownership and Placement in Clouds

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Justin L. Rice ; Department of Computer Science, Louisiana Tech University, LA, USA ; Vir V. Phoha ; Philip Robinson

Recent research has provided evidence indicating how a malicious user could perform coresidence profiling and public-to-private IP mapping to target and exploit customers which share physical resources. The attacks rely on two steps: resource placement on the target's physical machine and extraction. Our proposed solution, in part inspired by mussel self-organization, relies on user account and workload clustering to mitigate coresidence profiling. Users with similar preferences and workload characteristics are mapped to the same cluster. To obfuscate the public-to-private IP map, each cluster is managed and accessed by an account proxy. Each proxy uses one public IP address, which is shared by all clustered users when accessing their instances, and maintains the mapping to private IP addresses. We describe a set of capabilities and attack paths an attacker needs to execute for targeted coresidence, and present arguments to show how our approach disrupts the critical steps in the attack path for most cases. We then perform a risk assessment to determine the likelihood an individual user will be victimized, given that a successful nondirected exploit has occurred. Our results suggest that while possible, this event is highly unlikely.

Published in:

IEEE Transactions on Information Forensics and Security  (Volume:8 ,  Issue: 6 )