A signaling game approach to mitigate co-resident attacks in an IaaS cloud environment

Cloud service providers (CSPs) offer a variety of services that are opening the door to the infinite possibilities of cloud computing. Despite numerous benefits offered by the CSPs, there are, however, some security issues that may dissuade users. In cloud computing, different virtual machines (VMs) often share the same physical resources, which are known as co-resident VMs. The shared physical resources pose a significant threat to the users as resources may belong to competing organizations as well as unknown attackers. From the perspective of a cloud user, there is no guarantee whether the co-resident VMs are trustworthy. The shared resources make privacy and perfect isolation implausible, which paves the way for co-resident attacks in which a VM attacks another co-resident VM through a covert side channel that can be used to extract another user's secret information or launch denial of service attacks. The attack campaign becomes more damaging when multiple co-resident VMs collaborate. In this paper, we analyze the co-resident attacks and corresponding defense strategies, with respect to benign and malicious VMs and the defender, i.e., the VM monitor (VMM), using a signaling game model. The solutions to the game provide optimal defense strategies for the VMM with respect to the expected number of malicious VMs in collaboration. We evaluate the game results through simulations on various synthetic attack scenarios. The results show that the defender can effectively resist co-resident attacks by distinguishing the benign and malicious VMs.