國立虎尾科技大學 |

Detection and Mitigation of Security Threats in Cloud Computing.

紀錄類型:	書目-語言資料,手稿 : Monograph/item
正題名/作者:	Detection and Mitigation of Security Threats in Cloud Computing./
作者:	Zhang, Tianwei.
面頁冊數:	1 online resource (273 pages)
附註:	Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
Contained By:	Dissertation Abstracts International79-04B(E).
標題:	Computer engineering. -
電子資源:	click for full text (PQDT)
ISBN:	9780355323498

Detection and Mitigation of Security Threats in Cloud Computing.
Zhang, Tianwei.

Detection and Mitigation of Security Threats in Cloud Computing. - 1 online resource (273 pages)

Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.

Thesis (Ph.D.)--Princeton University, 2017.

Includes bibliographical references

Infrastructure-as-a-Service (IaaS) clouds provide computation and storage services to enterprises and individuals with increased elasticity and low cost. Cloud customers rent resources in the form of virtual machines (VMs). However, these VMs may face various security threats.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2018

Mode of access: World Wide Web

ISBN: 9780355323498Subjects--Topical Terms:

569006
Computer engineering.
Index Terms--Genre/Form:

554714
Electronic books.

Detection and Mitigation of Security Threats in Cloud Computing.
LDR:03701ntm a2200385Ki 4500 001 917057
005 20181005115847.5
006 m o u
007 cr mn||||a|a||
008 190606s2017 xx obm 000 0 eng d
020 $a 9780355323498
035 $a (MiAaPQ)AAI10622170
035 $a (MiAaPQ)princeton:12300
035 $a AAI10622170
040 $a MiAaPQ $b eng $c MiAaPQ $d NTU
100 1 $a Zhang, Tianwei. $3 1190976
245 1 0 $a Detection and Mitigation of Security Threats in Cloud Computing.
264 0 $c 2017
300 $a 1 online resource (273 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
500 $a Adviser: Ruby B. Lee.
502 $a Thesis (Ph.D.)--Princeton University, 2017.
504 $a Includes bibliographical references
520 $a Infrastructure-as-a-Service (IaaS) clouds provide computation and storage services to enterprises and individuals with increased elasticity and low cost. Cloud customers rent resources in the form of virtual machines (VMs). However, these VMs may face various security threats.
520 $a This dissertation proposes a new architectural framework, CloudMonatt , to detect and mitigate potential security threats targeting customers' VMs in cloud computing. CloudMonatt monitors the security health of VMs and attests to customers if they are getting their desired security. It takes actions to mitigate the potential threats that can compromise the security properties requested. We design cloud management and security services, and define new hardware-software modules in cloud servers to provide the underlying measurements. We define secure communications protocols to guarantee that the monitoring service takes place in an unforgeable way.
520 $a To demonstrate how CloudMonatt can enhance the VMs' security, we consider a variety of threats and their defenses that can be integrated in CloudMonatt. We first consider threats on resource availability. We design a set of memory Denial-of-Service (DoS) attacks: an attacker VM can abuse the shared memory resources to significantly degrade a victim VM's performance. Then we statistically monitor VMs' resource consumption behaviors to detect these attacks, and use resource throttling to mitigate the availability threats.
520 $a Next, we consider subtle attacks on confidentiality, specifically cache side-channel attacks. An attacker VM can exploit a shared CPU cache to steal information from the victim VM. We collect VMs' micro-architectural behaviors and use a combination of signature and anomaly detection techniques to identify the existence of various side-channel attacks. We use targeted VM migration to eliminate these confidentiality threats.
520 $a Then, we consider attacks on system integrity within a VM. We show how to protect a VM's system integrity from malware, using Virtual Machine Introspection (VMI) to passively collect information for malware detection and also actively change the VM's execution paths to defeat the potential malware.
520 $a In summary, CloudMonatt is a general-purpose architecture for providing VM security monitoring and protection to cloud customers. We hope CloudMonatt can be a foundation for future work on protecting VMs' security health in cloud computing.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Computer engineering. $3 569006
655 7 $a Electronic books. $2 local $3 554714
690 $a 0464
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a Princeton University. $b Electrical Engineering. $3 1181685
773 0 $t Dissertation Abstracts International $g 79-04B(E).
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10622170 $z click for full text (PQDT)