Towards Models for Availability and Security Evaluation of Cloud Computing with Moving Target Defense

Abstract

Security is one of the most relevant concerns in cloud computing. With the evolution of cyber-security threats, developing innovative techniques to thwart attacks is of utmost importance. One recent method to improve cloud computing security is Moving Target Defense (MTD). MTD makes use of dynamic reconfiguration in virtualized environments to "confuse" attackers or to nullify their knowledge about the system state. However, there is still no consolidated mechanism to evaluate the trade-offs between availability and security when using MTD on cloud computing. The evaluation through measurements is complex as one needs to deal with unexpected events as failures and attacks. To overcome this challenge, we intend to propose a set of models to evaluate the availability and security of MTD in cloud computing environments. The expected results include the quantification of availability and security levels under different conditions (e.g., different software aging rates, varying workloads, different attack intensities).