閱讀全文 | |
篇名 |
Design Issues of the Side-Channel Attacks Protecting Scheme in Cloud Computing Environment
|
---|---|
並列篇名 | Design Issues of the Side-Channel Attacks Protecting Scheme in Cloud Computing Environment |
作者 | Shin-Jer Yang、Chia-Chi Yen |
英文摘要 | The computing resources can be utilized and shared with other VMs on the same physical machine, thus there exists information security in cloud computing. Cloud services such as IaaS, PaaS and SaaS can employ the multi-tenancy control to accomplish the applications independence and data isolation for different tenants. The SCA attacker can break into the shared computing resources and steal stored data of other users on the physical machine, which results in data leakage and theft. Therefore, we examine and fix the security issues of current CP-SCA to propose new CRDPS scheme for enhancing defense capability of SCA. The CRDPS can monitor the ICMP and TCP SYN packets to determine whether the sender is a SCA attacker. Then, we perform some simulations using UNB CIC Dataset to analyze and compare the CRDPS and CPSCA schemes in terms of four KPIs. Finally, the simulation results indicate that the CRDPS has a better detection rate, higher accuracy ratio, and system throughput than the CP-SCA about 8.51%, 41.36%, and 251 packets respectively, but there is a 4.28% overhead in average processing time. Consequently, the proposed CRDPS can accurately identify the attackers to harden the security and enhance the total quality in cloud services, especially in SaaS. |
起訖頁 | 713-721 |
關鍵詞 | Cloud Computing、Side-Channel Attacks、ICMP、TCP SYN、Co-Residency Detection |
刊名 | 網際網路技術學刊 |
期數 | 202005 (21:3期) |
出版單位 | 台灣學術網路管理委員會 |
DOI |
|
QR Code | |
該期刊 上一篇
| An Application of Differential Evolution Algorithm-based Restricted Boltzmann Machine to Recommendation Systems |
該期刊 下一篇
| Certificateless Ring Signature Scheme from Elliptic Curve Group |