EVM and IVM Dynamics in Cloud Environment

EVM and IVM Dynamics in Cloud Environment

Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 85 (2016) 834 – 842 International Conference on Computational Mode...

424KB Sizes 0 Downloads 42 Views

Available online at www.sciencedirect.com

ScienceDirect Procedia Computer Science 85 (2016) 834 – 842

International Conference on Computational Modeling and Security (CMS 2016)

EVM and IVM Dynamics in Cloud Environment S.B. Dasha, A.Mishrab, T.C. Pandac, S.Panid* a

Research scholar at CUTM , Paralakhemundi-761211,[email protected] Department of Mathematics, CUTM, Paralakhemundi-761211,[email protected] Department of Mathematics, Ravenshaw University, Cuttack, Odisha, India- 753003,[email protected] d Department of Computer Science & Engineering,Orissa Engineering College,Bhubaneswar-752050,[email protected] b

c

Abstract

Infrastructure as a Service (IaaS) is an innovative and one of the significantly achieved developments in the cloud computing environment. Providing security to the cloud virtual machines and users' data, are the greatest challenge of information system. So understanding the risks of the security and privacy in the cloud and developing efficient and effective solutions for it is really a difficult task. This model outlines the dynamics of both populations i.e. Exposed Virtual machine (EVM) and Infectious Virtual machine (IVM) in the cloud based upon the PredatorPrey Model. The proposed work would minimize the threats to the virtual machines in the cloud environment irrespective of the user’s applications and security policy. It will basically ensure the degree of the security of virtual machines in a cloud environment which helps the cloud service providers to take the quick decisions and about the up gradation of the counter attack measurements. ©2016 2015The TheAuthors. Authors. Published by Elsevier © Published by Elsevier B.V.B.V. This is an open access article under the CC BY-NC-ND license Peer-review under responsibility of organizing committee of the 2016 International Conference on Computational Modeling and (http://creativecommons.org/licenses/by-nc-nd/4.0/). Security (CMS Peer-review under2016). responsibility of the Organizing Committee of CMS 2016

Keywords: Cloud computing; Cloud Virtualization Security; Predator-Prey model ; Exposed Virtual machine; Infectious Virtual machine.

1877-0509 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Organizing Committee of CMS 2016 doi:10.1016/j.procs.2016.05.273

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

1. Introduction Cloud computing is a distributed computing environment that provides on demand services to the users for deploying their computational needs in a virtualized environment without the knowledge of technical infrastructure.A node in the cloud environment stores the data and information and gives the user a platform to use the application in the form of services. Therefore, there is a significant possibility of intrusions or attacks that occurs in the cloud based applications. An attack is define as an external force by which the nodes existing in one state transfers into other. Based on the attacks in the cloud environment the nodes are classified in different types.Vulnerable/exposed nodes are the nodes those can be exploited by the malicious attacks. Some vulnerable nodes on which attacks are carried out but still they cannot help in propagation of infection are called attacked nodes. Some of them are the infected nodes and help in propagation of infection known as infectious nodes which is the most hazardous category. The recovered nodes from the infectious category and having no infections are called as non-infectious nodes. Therefore, it is better to predict infectious nodes in the network. It can be predicted from the attack history or from the vulnerability analysis of the network which requires a considerable efforts and use of resources. The trustworthiness in a cloud based network is a concept that encompasses not only security but also safety, survivability of its nodes and other properties that guarantee a network will behave as expected. In a network no of infectious nodes will be minimized then the network is worthy and being trusted.[2][5] Therefore, a prediction method can help to fix the suspected domain to check the infectious nodes. It can be achieved by the help of Predator-Prey Model. A small predator population in the midst of plentiful prey eventually outgrows its food source, which eventually contracts by being eaten, the two populations cycling through boom and bust, 90 degrees out of phase with each other[4][6][8]. The details of this model are worth exploring. The prey is assumed to enjoy an unlimited food supply and will grow at a rate proportional to its population, less a rate at which it gets eaten. The rate at which it gets eaten is assumed proportional to both its own population and the predator’s population. The predator dies at a rate proportional to its population, unless it is fed, in which case we add a growth rate proportional to both its population and the population of prey. Predator-Prey model for computing the proportion of the Exposed Virtual machine (EVM) and Infectious Virtual machine (IVM) to check the trustworthiness in the cloud based network. Our proposed model is to make the cloud computing architecture perfect and built a more comprehensive network. Two of the possible cases for the established model for modelling of dynamics of single population i.e. Exposed Virtual machine (EVM) and modelling of dynamics of both populations i.e. Exposed Virtual machine (EVM) and Infectious Virtual machine (IVM) in the cloud are discussed. The Predator-Prey Model can be understood by considering the growth of rabbits in the present of foxes in the jungle. If there is an infinite food supply, the rabbits would live happily and experience exponential growth. On the other hand, if the foxes were left with no prey to eat, they would die faster than they could produce, and would experience exponential population decline. A similar analogy to the Predator-Prey Model can be used to predict the growth of a malicious attack in the cloud based Networks. 2. Literature Review Yunfa Li, Wanqing Li, Congfeng Jiang(2010) in A Survey of Virtual Machine System: Current Technology and Future Trends, describes the current technology and present the future trends of virtual machine system. In the current technology of virtual machine system, the authors mainly describe the virtualization technology, the resource scheduling technology, the migration technology, the security technology and the performance evaluation technology. Dimitrios Zissis , Dimitrios Lekkas(2010) introduce a Trusted Third Party, tasked with assuring specific security characteristics within a cloud environment. The proposed solution calls upon cryptography, specifically Public Key Infrastructure operating in cloud environment, to ensure the authentication, integrity and confidentiality of involved data and communications. The solution, presents a horizontal level of service, available to all implicated entities, that realizes a security mesh, within which essential trust is maintained. Marcos Laureano, Carlos Maziero, Edgard Jamhour presents a proposal to increase the trustworthiness of computing systems using virtual machine technology. It proposes the application of intrusion detection mechanisms in order to detect and block attacks

835

836

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

against services running on virtual machines. The main benefit of this approach is to monitor the virtual machine from outside (from the real underlying system), thus keeping the intrusion detection system safe, out of reach from intruders. Mishra and Ansari(2009) proposed two mathematical model to study the prey-predator system in computer network. In the first model the authors outlined the infected and uninfected nodes as prey and malicious objects are predators. In the second model malicious objects constitute the prey and anti-malicious software as the predator. Also Mishra and Saini(2007) developed an epidemiological model for transmission of malicious objects in the computer networks. Chen et al(2003) presented a mathematical model referred to the analytical worm propagation(AAWP) model, which characterizes the propagation of worms that employ random screening taking the concept of prey-predator epidemiological model. They compared the model with the Epidemiological model and weaver’s simulator talking the Red v2 worm and gave a quantitative analysis for monitoring, detecting and defending against worm. Jeffrey et al(1997) analyzed that perhaps computer viruses and computer immune systems are merely precursors of an eventual rich ecosystem of artificial life forms that will live, die, cooperate and prey on one another cyber space. Freedman(1990) studied a prey-predator system, in which some members of prey populations and all predators are subjected to infection by parasites and derived conditions for persistence of all populations. Anderson and May(1986) outlined the invasion of a resident prey-predator or host parasites system by a new strain of parasites. Hadeler and Freedman(1989) also studied the similar phenomena. According to Ambrose & Clave, the predator-prey interactions has-been the purpose of Numerous studies, specially predator those related to use in biological control in agro-ecosystems. The Reduviidae family is Considered as economically important, because it includes an group of generalist predators Associated with many types of pests in different agricultural systems. According to Holling there are four basic types of functional response: I (linear), II (curvilinear), III (sigmoidal), and IV (dome-shaped). The responses of types I and II are found in most invertebrates, where as type III is more common in vertebrates, arthropods, Although some can show this response also, when preferential prey is not available .A type IV response occurs only when other prey of the same or of a different species interfere in handling or if the predator prey show some kind of defence behaviour, which can intensify at higher densities one of the key aspects of a predator-prey interaction outlined by Solomon in 1949 is the relationship Between predator prey density and consumption, to Which Attributed the term "functional response". In 1965 Holling and in 1976 Hassel contributed that the functional response has components: such as exposure time, prey searching time, instant attack rate or rate discovery, search efficiency, and handling time, Which includes the time spent dominating, eating, and digesting the prey. The study of the different types of functional response is Important in understanding the underlining Mechanisms in predator-prey interaction, in Elucidating the practical role of co evolutionary relationships, and in Contributing towards biological control using esta kind of interaction (Houck & Strauss, 1985). In This context, many predaceous insects acerca experiments in agricultural systems evaluated have diverse aspects of the functional response by Veeravel & Baskaran (1997) and Vieira in (1997) with coccinelids; Heimpel & Hough-Goldstein (1994), Saini in (1997), and O 'Neil (1997) With pentatomids; and Fonseca (2000) with neuropters.

3. The Prediction Model An attack is an external force by which the Virtual machines (VM) existing in one category transfers into other category. The vulnerable Virtual machines are the VM those can be exploited by the malicious attacks. Some are non- vulnerable VM that are not exploited by the malicious attacks. The attacked VM are vulnerable machines on which attacks are carried out but still they cannot help in propagation of infection. The Infectious VMs are the infected VM and help in propagation of infection. And some are non-infectious VM are recovered from the infectious category and having no infection [7][8]. The figure-2 shown below is an example of intra VM attack where attack in VM1 reflects to VM2 and VM3.

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

Fig-1 : intra VM attack 4. Basic Terminologies Table:1 Assumptions, variables and parameters of the model N0 = The initial no of VM that vulnerable to attack i.e. the prey P = The number of infectious VM actually searching i.e. the predator. A = The coefficient of attack i.e. NA per P K = The maximum number of attacks that can be made per P during the period N0 are Vulnerable α = Coefficient of intraspecific competition. β = Per-capita rate of predation of the predator. γ = Death rate of predator. δ = The product of the per-capita rate of predation and the rate of conversing vulnerable VM into infectious VM μ1 =γ/δ μ2= α/β dP/dt=Growth rate of infectious VM in cloud i.e. Predator dN0/dt =Growth rate of vulnerable VM in cloud i.e. Prey

5. The Preydator-Prey Model The Predator-Prey Model can be understood by considering the growth of rabbits in the presence of foxes in the jungle. If there is an infinite food supply, the rabbits would live happily and experience exponential growth. On the other hand, if the foxes were left with no prey to eat, they would die faster than they could produce, and would experience exponential population decline. A similar analogy to the Predator-Prey Model can be used to predict the growth of a malicious attack in the cloud based Networks[14,15,16,17].Initially, in the virtual machines there are very few infections and hence recovery rate will be less. Gradually, the infections increased and hence the recovery rate will be increased.[21].After some time an equilibrium state will be achieved in between recovery rate and infections by Malicious attacks in the cloud network.

837

838

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

Figure 2. [ Predator-Prey Model for cloud based Network] In the present scenario prey is Exposed virtual machines (EVM) in cloud and Predator is Infectious virtual machines (IVM) in cloud. Hence, in the text the Predator-Prey model states thatEVM rises to a constant number of amounts per unit of time as new nodes are added to the network; In other words, there are no other factors limiting EVM population growth apart from predation. Each IVM infects a constant proportion of the EVM population per unit of time; In other words, doubling the EVM population will double the number infected per IVM, regardless of how big the EVM population is. IVM reproduction is directly proportional to EVM consumed; another way of expressing this is that a certain number of EVM consumed results in new IVM s. A constant proportion of the IVM population dies per unit of time. In other words, the IVM death rate (approaching to non-recoverable state) is independent of the recoverable process as there are other means like hardware failure or power failure.[17-19]Above mentioned situation (Figure-2) can be better represented by Lokta-Volterra equations also known as the Predator-Prey equations. They evolve in time according to the following pair of equationsLokta-Volterra Equations = P(α-βN0) = -N0(γ-δP)

(1) (2)

Where, N0 is the number of Prey i.e. exposed VM in cloud to the malicious attacks. P is the number of some Predator i.e. infected VM in cloud which are ready to spread the infection to other healthy VM. and represents the growth rate of the two populations i.e. infected VM and exposed VM respectively. α is a coefficient of intraspecific competition. β is per-capita rate of predation of the predator. γ is death rate of predator. and δ is the product of the per-capita rate of predation and the rate of conversing exposed VM into infectious VM. 6. Modeling Of Dynamics Of Both Populations i.e. Exposed Virtual Machines (EVM) And Infectious Virtual Machines(IVM)

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

Figure 3. [Model diagram of dynamics of both populations i.e. EVM and IVM] EVM rises to a constant number of amounts per unit of time as new nodes are added to the network; In other words, there are no other factors limiting EVM population growth apart from predation with prey population as shown by Figure 4.

Figure 4. [Model diagram of EVM population growth] Each IVM infects a constant proportion of the EVM population per unit of time; In other words, doubling the EVM population will double the number infected per IVM, regardless of how big the EVM population is, as shown by Figure 5.

Figure 5. [Model diagram of EVM & IVM population growth]

839

840

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

IVM reproduction is directly proportional to EVM consumed; another way of expressing this is that a certain number of EVM consumed results in new IVM s. A constant proportion of the IVM population dies per unit of time. In other words, the IVM death rate (approaching to non-recoverable state) is independent of the recoverable process as there are other means like hardware failure or power failure, as shown by Figure 6.

Figure :6. [Model diagram of EVM & IVM population growth] This reflects the assumption that the IVM reproduction is proportional to rate of predation on the EVM as depicted by figure-7. [7][8].In this case the EVM and the IVM completes the cycle, with the EVM population crashing as the IVM population increases, followed by a crash in the IVM population.

Figure: 7 [Model diagram of EVM and the IVM population growth] 7. Conclusion This paper explains the Predator-Prey model for computing the proportion of the Exposed Virtual Machines (EVM) and Infectious Virtual Machines (IVM) to check the trustworthiness in the cloud virtualization environment. Also this model is to make the cloud computing architecture perfect and built a more comprehensive network. The proposed work will help the cloud service providers to find out the utility of virtual machines (VM) and the impact of Anti Malicious Software (AMS) with its efficiency in the cloud environment so as to increase the trustworthiness.

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

8. References [1]. [2]. [3]. [4].

[5].

[6].

Xue Jing, Zhang Jian-jun2: A Brief Survey on the Security Model of Cloud Computing, 978-0-76954110-5/10 © 2010 IEEE DOI 10.1109/DCABES.2010.103 (2010). Engr: Farhan Bashir Shaikh, Sajjad Haider: Security Threats in Cloud Computing, 978-1-908320-001/11@2011 IEEE (2011). H.Sato,et al.: A Cloud Trust Model in a Security Aware Cloud, SAINT2010, pp.121-124 (2010). S. B. Dash, H. Saini , T. C. Panda, A. Mishra: Service Level Agreement Assurance in Cloud Computing: A Trust Issue, International Journal of Computer Science and Information Technologies, Vol. 5 (3) , 2014, 2899-2906 ISSN:0975-9646 (2014). M. Rajendra Prasad, R. Lakshman Naik, V.Bapuji: Cloud Computing: Research Issues and Implications, International Journal of Cloud Computing and Services Science, Vol.2, No.2, pp. 134~140 ISSN: 20893337 (2013). Yunfa Li, Wanqing Li and Congfeng Jiang. A Survey of Virtual Machine System: Current Technology and Future Trends, Third International Symposium on Electronic Commerce and Security (2010).

[7]. [8].

[9].

[10].

[11]. [12]. [13].

[14].

[15]. [16]. [17].

[18].

[19].

[20]. [21].

Francesco M.A, Gianni F.: An approach to a cloud Computing network, IEEE Explorer, pp113-118 (2008). S B. Dash, H. Saini, T C. Panda, A. Mishra: Prediction of Trustworthiness in the Cloud Computing Environment using Predator-Prey Model. International Journal of Cloud Computing and Services Science, Vol.2, No.5, pp. 336~344 ISSN: 2089-3337 (2013). S. B. Dash, H. Saini , T. C. Panda, A. Mishra: A Theoretical Aspect of Cloud Computing Service Models and Its Security Issues: A Paradigm, Journal of Engineering Research and Applications ,ISSN : 2248-9622, Vol. 4, Issue 6, pp.248-254 (2014). Vahid Ashktorab, Seyed Reza Taghizadeh: Security Threats and Countermeasures in Cloud Computing, International Journal of Application or Innovation in Engineering & Management , Volume 1, Issue 2, ISSN 2319 – 4847 (2012). Mladen A. Vouch: Cloud Computing Issues, Research and Implementationsԡ , Journal of Computing and Information Technology - CIT 16, 4, 235–246 (2008). T .Royama: A comparative study of models for predation and parasitism, Canadian forestry services, Canada (1971). Ian M. Chapman, Sylvain P. Leblanc, Andrew Partington: Taxonomy of cyber attacks and simulation of their effects, In Proceedings of the 2011 Military Modeling & Simulation Symposium (MMS '11), Society for Computer Simulation International, San Diego, CA, USA, 73-80 (2011). Sean P. Gorman, Rajendra G. Kulkarni, Laurie A. Schintler, Roger R. Stough: A predator prey approach to the network structure of cyberspace, In Proceedings of the winter international synposium on Information and communication technologies (WISICT '04), Trinity College Dublin 1-6 (2004). P. Cull: Global stability for population models, Bull. Math. Biol. 43, 47–58 (1981). J.D. Murray: Mathematical Biology, Springer-Verlag, Berlin, Heidelberg, New York (1989). Lifeng Wu, Yinao Wang: Estimation the parameters of Lotka-Volterra model based on grey direct method and its application. Expert Syst. Appl. 38, 6, 6412-6416. modelling DOI=10.1016/j.eswa.2010.09.013 http://dx.doi.org/10.1016/j.eswa.2010.09.013 (2011). B. Batiha, M. S. M. Noorani, I. Hashim: Variational iteration method for solving multispecies LotkaVolterra equations. Comput. Math. Appl. 54, 7-8, 903-909. DOI=10.1016/j.camwa.2006.12.058 http://dx.doi.org/10.1016/j.camwa.2006.12.058 (2007). AMBROSE, DP & CLAVER, MA, 1996, Size preference and functional response of the predator reduviid Rhynocoris marginatus Fabricius (Heteroptera: Reduviidae) con sus prey Spodoptera litura (Fabricius) (lepdoptera: Noctuidae). J. Biol Control.. , 10 . 29-37 Holling, CS, 1965, The functional response of predators to prey density and Its role in mimicry and population regulation. Mem. Entomol. Can Soc.. , 45 : 1-60 AMBROSE, DP & CLAVER, MA, 1997, Functional and numerical responses of the reduviid predator, Rhynocoris fuscipes F . (Het., Reduviidae) to cotton leafworm F Spodoptera litura . (Lep., Noctuidae). J. App Entomol.. , 121: 336. Number 333

841

842

S.B. Dash et al. / Procedia Computer Science 85 (2016) 834 – 842

[22]. [23]. [24].

SOLOMON, ME, 1949, The natural control of Populations animal. J. Anim. Ecol, 18. . 1-35 Claire Elliott. Botnets: To what extent are they a threat to information security?, Inf. Secur. Tech. Rep. 15, 3, 79-103. DOI=10.1016/j.istr.2010.11.003 http://dx.doi.org/10.1016/j.istr.2010.11.003 (2010). Moussa Ouedraogo, Djamel Khadraoui, Haralambos Mouratidis, Eric Dubois: Appraisal and reporting of security assurance at operational systems level, J. Syst. Softw. 85, 1, 193-208. DOI=10.1016/j.jss.2011.08.013 http://dx.doi.org/10.1016/j.jss. 2011.08.013 (2012).