SlideShare a Scribd company logo

H1803025360

β€’
β€’
IOSR Journals
IOSR Journals

1. The document proposes a threat modeling approach called "randomized seeding attack Model" to prevent attacks that could affect virtual machines in the cloud. 2. The model uses Fibonacci and Lucas number series to represent how attacks could randomly spread from one virtual machine to others in the cloud environment. 3. Key aspects of the model include using random Fibonacci sequences to represent the spreading of attacks, where each new virtual machine affected is represented by the next number in the sequence.

Related slideshows

Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...Network Threat Characterization in Multiple Intrusion Perspectives using Data...
Network Threat Characterization in Multiple Intrusion Perspectives using Data...
 
M43057580
M43057580M43057580
M43057580
 
An Optimal Risk- Aware Mechanism for Countering Routing Attacks in MANETs
An Optimal Risk- Aware Mechanism for Countering Routing Attacks in MANETsAn Optimal Risk- Aware Mechanism for Countering Routing Attacks in MANETs
An Optimal Risk- Aware Mechanism for Countering Routing Attacks in MANETs
 
1 of 8
Download to read offline
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 3, Ver. II (May-Jun. 2016), PP 53-60 www.iosrjournals.org DOI:10.9790/0661-1803025360 www.iosrjournals.org 53 | Page Threat Modeling Based on Randomized Seeding Attacks In Cloud Virtual Machines Alexander Ngenzi1 ,Dr. Selvarani R2 ,Dr. Suchithra R3 1 Phd Student , Department Of Computer Science Engineering, Jain University, Bangalore-India 2 Professor ,Computer Science Engineering, Alliance University, Bangalore, India 3 Hod, Department Of Master Of Science In Information Technology, Jain University, Bangalore . India. Abstract: Threats in virtual machines have been a major challenge in most cloud data centers. The attack/ threat begins from physical machines (hosts) and spreads to all virtual machines(guests). As a result, the virtual machines get infected rapidly by recursive growth of the seeds/ nodes generated in a random manner. This paper proposes threat modeling based on randomized growth of these seeds or nodes. The simulated attacks are free from a deterministic pattern and hence all threats can be detected and prevented. The aim of this work is to de- velop a mathematical model to prevent seeding attack on virtual machines on the cloud. It presents both Lucas and Fibonacci series and draw relationship between them where by each VM affected is identified and the VMs can be prevented from these attacks. Keywords: Cloud computing, STRIDE, VMs, APIs, ASF, DREAD, Randomized seeding attack. I. Introduction In this paper, we propose threat modeling " randomized seeding attack Model " that prevents threats/attacks which may affect the virtual machines(VMs) on the cloud. The phrase ―cloudβ€– originates from the cloud symbol used by flow charts and diagrams to symbolize the Internet. The term cloud computing refers to both the applications delivered as services over the Internet and the servers and system software in the datacen- ters that provide those services. The virtual machines(VMs) on the cloud may be affected due to the sharing of resources among themselves. In the proposed model only one virtual machine can be spread all over the other virtual machines and there is a need to analyze the attacks invading the VMs so that we prevent spread of these attacks in the entire cloud. The proposed model is achieved by using both Lucas and Fibonacci series. Both Fi- bonacci and Lucas numbers are generated by adding the last two numbers in the series. The rest of this paper is organized as follows; it gives literature review/related work of how seeding attack can invade the virtual ma- chines on the cloud , proposes threat modeling system based on random seeding attacks and discusses the expe- rimental setup and results as well as references from different authors on security or threat modeling. II. Related Work The customer divides his data among several service providers(𝑆𝑃s) available in the market, based on his available budget. Also it provides a decision for the customer, to which 𝑆𝑃s must choose to access data, with respect to data access quality of service offered by the 𝑆𝑃s at the location of data retrieval. This does not only rules out the possibility of a 𝑆𝑃 misusing the customers’ data, breaching the privacy of data, but also can easily ensure the data availability with a better quality of service[1] . In viral marketing, a key problem is to se- lect an initial β€–seedβ€– set from the network such that the entire network adopts any behavior given to the seed. Here authors introduced a method for quickly finding seed sets that scales to very large networks. The approach
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 54 | Page found a set of nodes that guarantees spreading to the entire network under the tipping model[2]. Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models, i.e., platform as as a service (PaaS), and software as a service (SaaS) that are built upon IaaS layer[7]. From this point of view, the number one service or feature that is miss- ing is security of data. There are two levels of concern here. One is focused on preventing others (such as anoth- er customer) from reading private data. This is a clear and obvious concern and prominent in scenarios such as theft, or other direct malicious attack. The other one is concerned with the service provider reading private data. Besides simple lack of trust of the provider themselves, it should be obvious that the service provider is not 100% immune to attacks or other malicious activity, targeted or otherwise. These two levels of concerns apply to other security issues as well, and of course are commensurate with the level of confidentiality de- sired[8].Authors considered intruder model and requirements that need to be satisfied to provide required level of privacy. Since previous research show that crypto- graphic means cannot always provide protection (espe- cially in long term) authors proposed a trust-based privacy protection. The approach was based on subjective logic that applied to measure/monitor level of trustworthiness of cloud service providers. Authors explained how users have to handle their data to minimize privacy treats in the cloud[9]. In their paper, authors proposed a se- curity metric that enables service providers and service subscribers to quantify the risks that they incur as a re- sult of prevailing security threats and system vulnerabilities[15]. The security metric proposed in this paper was quantified in economic terms, thereby enabling providers and subscribers to weight these risks against re- wards, and to assess the cost effectiveness of security countermeasures. Critical to the identification of threats is using a threat categorization methodology. A threat categorization such as spoofing user identity, tempering with data, repudiations, information disclosure, denial of service and elevations of privileges(STRIDE) can be used, or the Application Security Frame (ASF) that defines threat categories such as Auditing & Logging, Authentica- tion, Authorization, Configuration Management, Data Protection in Storage and Transit, Data Validation, Excep- tion Management. The goal of the threat categorization is to help identify threats both from the attacker (STRIDE) and the defensive perspective (ASF). DFDs help to identify the potential threat targets from the attacker's perspective, such as data sources, processes, data flows, and interactions with users. These threats can be identified further as the roots for threat trees; there is one tree for each threat goal. From the defensive pers- pective, ASF categorization helps to identify the threats as weaknesses of security controls for such threats. Common threat-lists with examples can help in the identification of such threats. Use and abuse cases can illu- strate how existing protective measures could be bypassed, or where a lack of such protection exists. The deter- mination of the security risk for each threat can be determined using a value-based risk model such as DREAD or a less subjective qualitative risk model based upon general risk factors (e.g. likelihood and impact)[17]. In this paper, authors used Damage potential, Reproducibility, Exploitability, Affected users and Discoverability (DREAD) modeling. III. Spreading of randomized seeding Attacks on Cloud Here we assume that virtual machine VM1 is the source of attack and carries viruses. Due to the sharing of resources, it affects all other virtual machines and physical machines on the cloud. Once the physical ma- chine is affected, there is a possibility that VM2, VM3.........VMn be affected and process continues until the entire cloud is affected. The orange colored VM is the attack that affects the rest of VMs in the cloud. The green colored VMs are the VMs which have no problem. The affected VM enters in the cloud environment where it causes other VMs to be affected. The outgoing arrows show that the infection is spread all over the VMs on the cloud. This scenario is shown in the figure below taking into account of all VMs:
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 55 | Page Figure1: Attacks originating from VM 1 are spread over the Cloud IV. Problem Statement Threat modeling based on seeding attacks is achieved by using both Lucas and Fibonacci series. Both Fibonacci and Lucas numbers are generated by added the last two numbers in the series. With Fibonacci the series starts with 0,1 where as with Lucas the series starts with 2,1 and so here is part of the Lucas number se- ries: 1. Adding up alternate Fibonacci numbers produces the Lucas numbers. Mathematically L(n) = F(n-1) + F(n+1). where L is the Lucas series with L(n) is the nth Lucas number. Similarly F for Fibonacci 2. Adding alternative Lucas numbers produces multiples of the Fibonacci series, where the multiple is 5. i.e., 5 F(n) = L(n-1) + L(n+1) Based on the scenario in the above equations it proves that any individual attack follows Fibonacci series. V. Proposed threat modeling system Assume that at least one VM is affected, the attack is seeded onto other VMs. The dynamic sharing of resources among VMs allow each VM to be affected by attacks and eventually affects the entire cloud. In this model, we use Random Fibonacci sequences. This can be demonstrated below: Given that: 𝐿 𝑛 = 1 𝛾 (π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1) (i) 𝐿0 =2, 𝐿1 =1 Initially no nodes are affected .π‘Ž0 = 0 Next " node 1" may be affected. π‘Ž0 = 0 , π‘Ž1 = 1 are the first pair of seeds. 𝐿 𝑛 is the possible number of nodes to be affected in the nth VM. The number of nodes affected at the nth machine is following the difference equations given below: π‘Ž 𝑛+1 = π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 , 𝑛 β‰₯ 2 (ii) π‘Ž0 = 0 , π‘Ž1 = 1 from (i) above, we assume that All VMs talk to each other and Ξ³ is the Random Fibonacci sequence. Equa- tion (ii) is nothing but the Fibonacci sequence. By using relation between Lucas and Random Fibonacci sequences , we can have the following equations: Cloud V M 1 V M 5 V M 3 V M 4 V M 2 V M n V M 6
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 56 | Page 1. 2 1 n i i F ο€½ ο€½οƒ₯ 𝐹𝑛 +𝐹𝑛+1 ............ (1) 2. 𝐹𝑛 = 1 5 1+ 5 2 𝑛 + 1βˆ’ 5 2 𝑛 ........... (2) 3. 𝐿 𝑛 = 𝐿 π‘›βˆ’1 + 𝐿 π‘›βˆ’2, 𝑛 β‰₯ 2 .......... (3) 𝐿0 =2, 𝐿1 =1 from the equation (3) above we can get : 𝐿 𝑛 =πΉπ‘›βˆ’1 + 𝐹𝑛+1 and therefore, 𝐿 𝑛 = 1+ 5 2 𝑛 + 1βˆ’ 5 2 𝑛 ..................... (4) j n L L is the probability that VM "j" may be affected given that all previous VMs are affected. It is the trans- mission probability that node j will be affected. Here node and VM are used interchangeably. Given that: π‘Ž 𝑛 = 1 5 ⦋ 1 + 5 2 𝑛 + 1 βˆ’ 5 2 𝑛 ] We need to show how it solves the assumption π‘Ž 𝑛+1 = π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 . π‘Ž0 = 0 , π‘Ž1 = 1 Proof: 𝑛 = 0, 𝑛 = 1 true (simple substitution by inspection) Hypothesis: if 𝑛 = π‘˜ is true, then π‘Ž π‘˜+1 = π‘Ž π‘˜βˆ’1 +π‘Ž π‘˜ Induction step: if non deterministic sequence(NTS) is true for 𝑛 = π‘˜ + 1 , then π‘Ž 𝑛+2 =π‘Ž π‘˜ +π‘Ž π‘˜+1 𝑅𝐻𝑆 = 1 5 ⦋ 1+ 5 2 π‘˜ βˆ’ 1βˆ’ 5 2 π‘˜ + 1 5 ⦋ 1+ 5 2 π‘˜+1 βˆ’ 1βˆ’ 5 2 π‘˜+1 ] = 1 5 { 1+ 5 2 π‘˜ 1 + 1+ 5 2 βˆ’ 1βˆ’ 5 2 π‘˜ 1 + 1βˆ’ 5 2 } = 1 5 { 1+ 5 2 π‘˜ 2+1+ 5 2 βˆ’ 1βˆ’ 5 2 π‘˜ 2+1βˆ’ 5 2 } = 1 5 { 1+ 5 2 π‘˜ . 1 22 6 + 2 5 βˆ’ 1βˆ’ 5 2 π‘˜ . 1 22 6 βˆ’ 2 5 } = 1 5 { 1+ 5 2 π‘˜ . 1+ 5 2 2 βˆ’ 1βˆ’ 5 2 π‘˜ . 1βˆ’ 5 2 2 } This gives the following equation: ak+2 = 1 5 { 1+ 5 2 π‘˜+2 βˆ’ 1βˆ’ 5 2 π‘˜+2 } for an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } π‘Ž0 = 0, π‘Ž1 =Ξ³
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 57 | Page Rπ‘Ž π‘˜ +π‘Ž π‘˜+1 = 𝛾 5 { 1+ 5 2 π‘˜ βˆ’ 1βˆ’ 5 2 π‘˜ } + 𝛾 5 { 1+ 5 2 π‘˜+1 βˆ’ 1βˆ’ 5 2 π‘˜+1 } continue in the same fashion and we obtain Ξ³an+2 = an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } π‘Ž0 = 0, π‘Ž1 =Ξ³ The above equation gives rise to new seeding mechanism π‘Ž 𝑛+1 =π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 π‘Ž0 = 0, π‘Ž1 =γ𝛾 € π‘Ÿπ‘Žπ‘›π‘‘π‘œπ‘š (0,1) limit Li/Ln = 𝐿0 βˆ’ 2 𝑒π‘₯𝑝𝑑 𝑠𝑒𝑑 𝑒𝑝 i.e. experimental setup 𝐿 𝑛+1 = 1 𝛾 𝐿 𝑛 + 𝐿 π‘›βˆ’1 𝑛 β‰₯ 2 𝐿 𝑛 =Ξ³{ 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } By comparing with an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } , there is relationship between them. 𝐿 𝑛 is a solution to the difference equation 𝐿 𝑛+1 = 1 𝛾 (𝐿 𝑛 + 𝐿 π‘›βˆ’1), 𝑛 β‰₯ 2; 𝐿0 =2, 𝐿1 =1 and an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } is a solution to π‘Ž 𝑛 +1 = 1 𝛾 π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1 ; π‘Ž0 = 0, π‘Ž1=1 𝛾 € π‘Ÿπ‘Žπ‘›π‘‘π‘œπ‘š π‘›π‘’π‘šπ‘π‘’π‘Ÿπ‘ (0,1) Assumptions 1. Initially (at 0th instance) no VMs are affected. 2. 𝐿 𝑛 ≑ Possible number of VMs to be affected. 3. 𝐿 𝑖 𝐿 𝑛 =Transmission probability. 4. Assume "Ξ³" is the random number between 0 & 1 that a VM request the same resource be attacked Interpretation: 𝐿0 ,𝐿1 are the first pair of seeding attack and the consequent attack are modeled by the equation 𝐿 𝑛 = 1 𝛾 (π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1) 𝐿0 =2, 𝐿1 =1 Limit= 𝐿0 βˆ’ 2 (𝑒π‘₯𝑝𝑑 𝑠𝑒𝑑 𝑒𝑝) i.e experimental setup As it shown in the figures below, when the value is odd (Figure1),The malicious seeds grow exponentially. The rest of the figures use even number of series attack as it is shown in the figure 1&2. VI. Experimental setup and discussion of the results The simulation, set up in Java and GNU Plot is expected to achieve the following goals.
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 58 | Page i) The growth of malicious seeds on VMs ( versus n)- numerical validation of the theory using rando- mization. ii) Vs. n- Observe the transmission/attack probability growth in a dynamic and scalable environment and to ob-serve how ―Tail-boostingβ€– helps adjust the sagging probabilities and ensure that the VM’s are con- sistently attacked. iii) Versus. Time (milliseconds)β€”to observe how quickly the seeds grow and transmit. iv) ―Tail-boostingβ€– to control the infection and damage caused by the malicious seeds. v) The growth of the seeds, defined by the Lucas sequence are recursive in nature, hence self-replicating. vi) The growth of the Lucas seeds is exponential. vii) In case the Cloud is scaled up which is a very common scenario, the transmission probabilities may go down since the denominator increases while the numerator doesn’t. Tail boosting by using an altered transmis- sion. VII. Result Discussion The simulation results show the seeding attacks grow exponentially. We present either odd or even number of Lucas sequences which is distinguished by colors in the following graphs. Figure 1 is one of the odd sequences as shown below: Figure 2: The growth of malicious seeds on VMs ( versus 𝒏) for one seed-set value Figure 2 below is an example of the even number of the Lucas sequences which is presented by different colors with the respect to the simulated experiment. For example orange, blue, green and gray colors. Figure 3: The growth of malicious seeds on VMs ( versus n) for n=4, 8, 10, 12
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 59 | Page Figure 3 indicates multiple values at n of number of seeds for j number of VMs control of the malicious seeds in a given intervals for example in at j=8 for n= 4.6.8 and 12 Figure 4: The transition probability on VMs (versus n) for n=4, 8, 10, 12, j=8 and effects of tail-boosting j = Number of dummy VM’s for control of malicious seeds. VIII. Conclusion The proposed threat modeling system show that the threats/attacks can be prevented from attacking the systems including those of cloud. The simulation and experiments show that the model works perfectly as far as threat modeling is concerned. In this paper, both Lucas and Fibonacci series are used to determine the next threat patterns in the VMs. VM diagram and malicious seed attach graphs are drawn. we discussed how seed- ing attack can invade the virtual machines on the cloud , propose threat modeling based on random seeding at- tacks and discussed the experimental setup and results. The future work can be extended to finding how the si- mulated attacks can be identified in multiple systems on the cloud. References [1]. Yu Zhang,Bharat Bhargava (2008) Fibonacci Modeling of Malware Propagation [2]. Yashaswi Singh, Farah Kandah, Weiyi Zhang (2011); A Secured Cost-effective Multi-Cloud Storage in Cloud Computing. Com- puter Communications Workshops (INFOCOM WKSHPS), 2011 IEEE Conence DOI: 10.1109/INFCOMW.2011.5928887 ,Page(s): 619 - 624 [3]. Wesam Dawoud , Ibrahim Takouna , Christoph Meinel , Infrastructure as a Service Security: Challenges and Solu- tions @2010 in 7 th International Conference on Informatics and System, 2010 page 1-8 [4]. Joel Weis and Jim Alves-Foss: Securing Database-as-a-Service: Issues and Compromises, IEEE Security & Privacy,@2011 Volume 9 No-6 page 49-55 [5]. Brent Lagesse,β€– Challenges in Securing the Interface Between the Cloud and Pervasive Systemsβ€– IEEE conference, PERCOM @2011 page 106-110. [6]. Christian Delettre* – Karima Boudaoud – Michel Riveill, Cloud Computing, Security and Data Concealment, Computers and Communication ISCC @2011 IEEE Symposium, page 424-431 [7]. KreΕ‘imir PopoviΔ‡, Ε½eljko Hocenski (2010), Cloud computing security issues and challenges, @2010, MIPRO 2010 33 rd Interna- tional Covention. Page 344-349 [8]. VladimirA. Oleshchuk and Geir M. KΓΈien, Security and Privacy in the CloudALong-Term View @2011 IEEE. [9]. Yu Zhang,Bharat Bhargava ,β€–Fibonacci Modeling of Malware Propagationβ€– IEEE Transaction @2008 , Perdue e-Pubs 08-017. [10]. Paulo Shakarian Β· Sean Eyre Β· Damon Paulo, ― A Scalable Heuristic for Viral Marketing Under the Tipping Modelβ€– @2013 , arXiv:1309.296
Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 60 | Page [11]. Z. Chen, L. Gao, and K. Kwiat, Modeling the Spread of Active Worms,Proceedings of the IEEE INFOCOM, 2003 [12]. S. Friedl, Analysis of the new Code Red II Variant, http:// www.unixwiz.net/ techtips/CodeRedII.html, Last ac- cessed Apr 15, 2008 [13]. S. Staniford, V. Paxson and N. Weaver, How to Own the Internet in Your Spare Time, In Proceedings of the 11th USENIX Security Symposium, Aug. 2002 [14]. J. Twycross and M. Williamson: Implementing and Testing a Virus Throttle. In Proceedings of the 12th USENIX Security Sympo- sium, Washington, 2003 [15]. J. Jung, V. Paxson, A.W. Berger, and J. Balakrishnan, Fast Portscan Detection Using Sequential Hypothesis Test- ing, In Proc. of the IEEE Symposium on Security and Privacy, May 2004

More Related Content

H1803025360

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 3, Ver. II (May-Jun. 2016), PP 53-60 www.iosrjournals.org DOI:10.9790/0661-1803025360 www.iosrjournals.org 53 | Page Threat Modeling Based on Randomized Seeding Attacks In Cloud Virtual Machines Alexander Ngenzi1 ,Dr. Selvarani R2 ,Dr. Suchithra R3 1 Phd Student , Department Of Computer Science Engineering, Jain University, Bangalore-India 2 Professor ,Computer Science Engineering, Alliance University, Bangalore, India 3 Hod, Department Of Master Of Science In Information Technology, Jain University, Bangalore . India. Abstract: Threats in virtual machines have been a major challenge in most cloud data centers. The attack/ threat begins from physical machines (hosts) and spreads to all virtual machines(guests). As a result, the virtual machines get infected rapidly by recursive growth of the seeds/ nodes generated in a random manner. This paper proposes threat modeling based on randomized growth of these seeds or nodes. The simulated attacks are free from a deterministic pattern and hence all threats can be detected and prevented. The aim of this work is to de- velop a mathematical model to prevent seeding attack on virtual machines on the cloud. It presents both Lucas and Fibonacci series and draw relationship between them where by each VM affected is identified and the VMs can be prevented from these attacks. Keywords: Cloud computing, STRIDE, VMs, APIs, ASF, DREAD, Randomized seeding attack. I. Introduction In this paper, we propose threat modeling " randomized seeding attack Model " that prevents threats/attacks which may affect the virtual machines(VMs) on the cloud. The phrase ―cloudβ€– originates from the cloud symbol used by flow charts and diagrams to symbolize the Internet. The term cloud computing refers to both the applications delivered as services over the Internet and the servers and system software in the datacen- ters that provide those services. The virtual machines(VMs) on the cloud may be affected due to the sharing of resources among themselves. In the proposed model only one virtual machine can be spread all over the other virtual machines and there is a need to analyze the attacks invading the VMs so that we prevent spread of these attacks in the entire cloud. The proposed model is achieved by using both Lucas and Fibonacci series. Both Fi- bonacci and Lucas numbers are generated by adding the last two numbers in the series. The rest of this paper is organized as follows; it gives literature review/related work of how seeding attack can invade the virtual ma- chines on the cloud , proposes threat modeling system based on random seeding attacks and discusses the expe- rimental setup and results as well as references from different authors on security or threat modeling. II. Related Work The customer divides his data among several service providers(𝑆𝑃s) available in the market, based on his available budget. Also it provides a decision for the customer, to which 𝑆𝑃s must choose to access data, with respect to data access quality of service offered by the 𝑆𝑃s at the location of data retrieval. This does not only rules out the possibility of a 𝑆𝑃 misusing the customers’ data, breaching the privacy of data, but also can easily ensure the data availability with a better quality of service[1] . In viral marketing, a key problem is to se- lect an initial β€–seedβ€– set from the network such that the entire network adopts any behavior given to the seed. Here authors introduced a method for quickly finding seed sets that scales to very large networks. The approach
  • 2. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 54 | Page found a set of nodes that guarantees spreading to the entire network under the tipping model[2]. Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models, i.e., platform as as a service (PaaS), and software as a service (SaaS) that are built upon IaaS layer[7]. From this point of view, the number one service or feature that is miss- ing is security of data. There are two levels of concern here. One is focused on preventing others (such as anoth- er customer) from reading private data. This is a clear and obvious concern and prominent in scenarios such as theft, or other direct malicious attack. The other one is concerned with the service provider reading private data. Besides simple lack of trust of the provider themselves, it should be obvious that the service provider is not 100% immune to attacks or other malicious activity, targeted or otherwise. These two levels of concerns apply to other security issues as well, and of course are commensurate with the level of confidentiality de- sired[8].Authors considered intruder model and requirements that need to be satisfied to provide required level of privacy. Since previous research show that crypto- graphic means cannot always provide protection (espe- cially in long term) authors proposed a trust-based privacy protection. The approach was based on subjective logic that applied to measure/monitor level of trustworthiness of cloud service providers. Authors explained how users have to handle their data to minimize privacy treats in the cloud[9]. In their paper, authors proposed a se- curity metric that enables service providers and service subscribers to quantify the risks that they incur as a re- sult of prevailing security threats and system vulnerabilities[15]. The security metric proposed in this paper was quantified in economic terms, thereby enabling providers and subscribers to weight these risks against re- wards, and to assess the cost effectiveness of security countermeasures. Critical to the identification of threats is using a threat categorization methodology. A threat categorization such as spoofing user identity, tempering with data, repudiations, information disclosure, denial of service and elevations of privileges(STRIDE) can be used, or the Application Security Frame (ASF) that defines threat categories such as Auditing & Logging, Authentica- tion, Authorization, Configuration Management, Data Protection in Storage and Transit, Data Validation, Excep- tion Management. The goal of the threat categorization is to help identify threats both from the attacker (STRIDE) and the defensive perspective (ASF). DFDs help to identify the potential threat targets from the attacker's perspective, such as data sources, processes, data flows, and interactions with users. These threats can be identified further as the roots for threat trees; there is one tree for each threat goal. From the defensive pers- pective, ASF categorization helps to identify the threats as weaknesses of security controls for such threats. Common threat-lists with examples can help in the identification of such threats. Use and abuse cases can illu- strate how existing protective measures could be bypassed, or where a lack of such protection exists. The deter- mination of the security risk for each threat can be determined using a value-based risk model such as DREAD or a less subjective qualitative risk model based upon general risk factors (e.g. likelihood and impact)[17]. In this paper, authors used Damage potential, Reproducibility, Exploitability, Affected users and Discoverability (DREAD) modeling. III. Spreading of randomized seeding Attacks on Cloud Here we assume that virtual machine VM1 is the source of attack and carries viruses. Due to the sharing of resources, it affects all other virtual machines and physical machines on the cloud. Once the physical ma- chine is affected, there is a possibility that VM2, VM3.........VMn be affected and process continues until the entire cloud is affected. The orange colored VM is the attack that affects the rest of VMs in the cloud. The green colored VMs are the VMs which have no problem. The affected VM enters in the cloud environment where it causes other VMs to be affected. The outgoing arrows show that the infection is spread all over the VMs on the cloud. This scenario is shown in the figure below taking into account of all VMs:
  • 3. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 55 | Page Figure1: Attacks originating from VM 1 are spread over the Cloud IV. Problem Statement Threat modeling based on seeding attacks is achieved by using both Lucas and Fibonacci series. Both Fibonacci and Lucas numbers are generated by added the last two numbers in the series. With Fibonacci the series starts with 0,1 where as with Lucas the series starts with 2,1 and so here is part of the Lucas number se- ries: 1. Adding up alternate Fibonacci numbers produces the Lucas numbers. Mathematically L(n) = F(n-1) + F(n+1). where L is the Lucas series with L(n) is the nth Lucas number. Similarly F for Fibonacci 2. Adding alternative Lucas numbers produces multiples of the Fibonacci series, where the multiple is 5. i.e., 5 F(n) = L(n-1) + L(n+1) Based on the scenario in the above equations it proves that any individual attack follows Fibonacci series. V. Proposed threat modeling system Assume that at least one VM is affected, the attack is seeded onto other VMs. The dynamic sharing of resources among VMs allow each VM to be affected by attacks and eventually affects the entire cloud. In this model, we use Random Fibonacci sequences. This can be demonstrated below: Given that: 𝐿 𝑛 = 1 𝛾 (π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1) (i) 𝐿0 =2, 𝐿1 =1 Initially no nodes are affected .π‘Ž0 = 0 Next " node 1" may be affected. π‘Ž0 = 0 , π‘Ž1 = 1 are the first pair of seeds. 𝐿 𝑛 is the possible number of nodes to be affected in the nth VM. The number of nodes affected at the nth machine is following the difference equations given below: π‘Ž 𝑛+1 = π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 , 𝑛 β‰₯ 2 (ii) π‘Ž0 = 0 , π‘Ž1 = 1 from (i) above, we assume that All VMs talk to each other and Ξ³ is the Random Fibonacci sequence. Equa- tion (ii) is nothing but the Fibonacci sequence. By using relation between Lucas and Random Fibonacci sequences , we can have the following equations: Cloud V M 1 V M 5 V M 3 V M 4 V M 2 V M n V M 6
  • 4. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 56 | Page 1. 2 1 n i i F ο€½ ο€½οƒ₯ 𝐹𝑛 +𝐹𝑛+1 ............ (1) 2. 𝐹𝑛 = 1 5 1+ 5 2 𝑛 + 1βˆ’ 5 2 𝑛 ........... (2) 3. 𝐿 𝑛 = 𝐿 π‘›βˆ’1 + 𝐿 π‘›βˆ’2, 𝑛 β‰₯ 2 .......... (3) 𝐿0 =2, 𝐿1 =1 from the equation (3) above we can get : 𝐿 𝑛 =πΉπ‘›βˆ’1 + 𝐹𝑛+1 and therefore, 𝐿 𝑛 = 1+ 5 2 𝑛 + 1βˆ’ 5 2 𝑛 ..................... (4) j n L L is the probability that VM "j" may be affected given that all previous VMs are affected. It is the trans- mission probability that node j will be affected. Here node and VM are used interchangeably. Given that: π‘Ž 𝑛 = 1 5 ⦋ 1 + 5 2 𝑛 + 1 βˆ’ 5 2 𝑛 ] We need to show how it solves the assumption π‘Ž 𝑛+1 = π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 . π‘Ž0 = 0 , π‘Ž1 = 1 Proof: 𝑛 = 0, 𝑛 = 1 true (simple substitution by inspection) Hypothesis: if 𝑛 = π‘˜ is true, then π‘Ž π‘˜+1 = π‘Ž π‘˜βˆ’1 +π‘Ž π‘˜ Induction step: if non deterministic sequence(NTS) is true for 𝑛 = π‘˜ + 1 , then π‘Ž 𝑛+2 =π‘Ž π‘˜ +π‘Ž π‘˜+1 𝑅𝐻𝑆 = 1 5 ⦋ 1+ 5 2 π‘˜ βˆ’ 1βˆ’ 5 2 π‘˜ + 1 5 ⦋ 1+ 5 2 π‘˜+1 βˆ’ 1βˆ’ 5 2 π‘˜+1 ] = 1 5 { 1+ 5 2 π‘˜ 1 + 1+ 5 2 βˆ’ 1βˆ’ 5 2 π‘˜ 1 + 1βˆ’ 5 2 } = 1 5 { 1+ 5 2 π‘˜ 2+1+ 5 2 βˆ’ 1βˆ’ 5 2 π‘˜ 2+1βˆ’ 5 2 } = 1 5 { 1+ 5 2 π‘˜ . 1 22 6 + 2 5 βˆ’ 1βˆ’ 5 2 π‘˜ . 1 22 6 βˆ’ 2 5 } = 1 5 { 1+ 5 2 π‘˜ . 1+ 5 2 2 βˆ’ 1βˆ’ 5 2 π‘˜ . 1βˆ’ 5 2 2 } This gives the following equation: ak+2 = 1 5 { 1+ 5 2 π‘˜+2 βˆ’ 1βˆ’ 5 2 π‘˜+2 } for an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } π‘Ž0 = 0, π‘Ž1 =Ξ³
  • 5. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 57 | Page Rπ‘Ž π‘˜ +π‘Ž π‘˜+1 = 𝛾 5 { 1+ 5 2 π‘˜ βˆ’ 1βˆ’ 5 2 π‘˜ } + 𝛾 5 { 1+ 5 2 π‘˜+1 βˆ’ 1βˆ’ 5 2 π‘˜+1 } continue in the same fashion and we obtain Ξ³an+2 = an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } π‘Ž0 = 0, π‘Ž1 =Ξ³ The above equation gives rise to new seeding mechanism π‘Ž 𝑛+1 =π‘Ž π‘›βˆ’1 + π‘Ž 𝑛 π‘Ž0 = 0, π‘Ž1 =γ𝛾 € π‘Ÿπ‘Žπ‘›π‘‘π‘œπ‘š (0,1) limit Li/Ln = 𝐿0 βˆ’ 2 𝑒π‘₯𝑝𝑑 𝑠𝑒𝑑 𝑒𝑝 i.e. experimental setup 𝐿 𝑛+1 = 1 𝛾 𝐿 𝑛 + 𝐿 π‘›βˆ’1 𝑛 β‰₯ 2 𝐿 𝑛 =Ξ³{ 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } By comparing with an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } , there is relationship between them. 𝐿 𝑛 is a solution to the difference equation 𝐿 𝑛+1 = 1 𝛾 (𝐿 𝑛 + 𝐿 π‘›βˆ’1), 𝑛 β‰₯ 2; 𝐿0 =2, 𝐿1 =1 and an = 𝛾 5 { 1+ 5 2 𝑛 βˆ’ 1βˆ’ 5 2 𝑛 } is a solution to π‘Ž 𝑛 +1 = 1 𝛾 π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1 ; π‘Ž0 = 0, π‘Ž1=1 𝛾 € π‘Ÿπ‘Žπ‘›π‘‘π‘œπ‘š π‘›π‘’π‘šπ‘π‘’π‘Ÿπ‘ (0,1) Assumptions 1. Initially (at 0th instance) no VMs are affected. 2. 𝐿 𝑛 ≑ Possible number of VMs to be affected. 3. 𝐿 𝑖 𝐿 𝑛 =Transmission probability. 4. Assume "Ξ³" is the random number between 0 & 1 that a VM request the same resource be attacked Interpretation: 𝐿0 ,𝐿1 are the first pair of seeding attack and the consequent attack are modeled by the equation 𝐿 𝑛 = 1 𝛾 (π‘Ž π‘›βˆ’1 + π‘Ž 𝑛+1) 𝐿0 =2, 𝐿1 =1 Limit= 𝐿0 βˆ’ 2 (𝑒π‘₯𝑝𝑑 𝑠𝑒𝑑 𝑒𝑝) i.e experimental setup As it shown in the figures below, when the value is odd (Figure1),The malicious seeds grow exponentially. The rest of the figures use even number of series attack as it is shown in the figure 1&2. VI. Experimental setup and discussion of the results The simulation, set up in Java and GNU Plot is expected to achieve the following goals.
  • 6. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 58 | Page i) The growth of malicious seeds on VMs ( versus n)- numerical validation of the theory using rando- mization. ii) Vs. n- Observe the transmission/attack probability growth in a dynamic and scalable environment and to ob-serve how ―Tail-boostingβ€– helps adjust the sagging probabilities and ensure that the VM’s are con- sistently attacked. iii) Versus. Time (milliseconds)β€”to observe how quickly the seeds grow and transmit. iv) ―Tail-boostingβ€– to control the infection and damage caused by the malicious seeds. v) The growth of the seeds, defined by the Lucas sequence are recursive in nature, hence self-replicating. vi) The growth of the Lucas seeds is exponential. vii) In case the Cloud is scaled up which is a very common scenario, the transmission probabilities may go down since the denominator increases while the numerator doesn’t. Tail boosting by using an altered transmis- sion. VII. Result Discussion The simulation results show the seeding attacks grow exponentially. We present either odd or even number of Lucas sequences which is distinguished by colors in the following graphs. Figure 1 is one of the odd sequences as shown below: Figure 2: The growth of malicious seeds on VMs ( versus 𝒏) for one seed-set value Figure 2 below is an example of the even number of the Lucas sequences which is presented by different colors with the respect to the simulated experiment. For example orange, blue, green and gray colors. Figure 3: The growth of malicious seeds on VMs ( versus n) for n=4, 8, 10, 12
  • 7. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-18211XXXXX www.iosrjournals.org 59 | Page Figure 3 indicates multiple values at n of number of seeds for j number of VMs control of the malicious seeds in a given intervals for example in at j=8 for n= 4.6.8 and 12 Figure 4: The transition probability on VMs (versus n) for n=4, 8, 10, 12, j=8 and effects of tail-boosting j = Number of dummy VM’s for control of malicious seeds. VIII. Conclusion The proposed threat modeling system show that the threats/attacks can be prevented from attacking the systems including those of cloud. The simulation and experiments show that the model works perfectly as far as threat modeling is concerned. In this paper, both Lucas and Fibonacci series are used to determine the next threat patterns in the VMs. VM diagram and malicious seed attach graphs are drawn. we discussed how seed- ing attack can invade the virtual machines on the cloud , propose threat modeling based on random seeding at- tacks and discussed the experimental setup and results. The future work can be extended to finding how the si- mulated attacks can be identified in multiple systems on the cloud. References [1]. Yu Zhang,Bharat Bhargava (2008) Fibonacci Modeling of Malware Propagation [2]. Yashaswi Singh, Farah Kandah, Weiyi Zhang (2011); A Secured Cost-effective Multi-Cloud Storage in Cloud Computing. Com- puter Communications Workshops (INFOCOM WKSHPS), 2011 IEEE Conence DOI: 10.1109/INFCOMW.2011.5928887 ,Page(s): 619 - 624 [3]. Wesam Dawoud , Ibrahim Takouna , Christoph Meinel , Infrastructure as a Service Security: Challenges and Solu- tions @2010 in 7 th International Conference on Informatics and System, 2010 page 1-8 [4]. Joel Weis and Jim Alves-Foss: Securing Database-as-a-Service: Issues and Compromises, IEEE Security & Privacy,@2011 Volume 9 No-6 page 49-55 [5]. Brent Lagesse,β€– Challenges in Securing the Interface Between the Cloud and Pervasive Systemsβ€– IEEE conference, PERCOM @2011 page 106-110. [6]. Christian Delettre* – Karima Boudaoud – Michel Riveill, Cloud Computing, Security and Data Concealment, Computers and Communication ISCC @2011 IEEE Symposium, page 424-431 [7]. KreΕ‘imir PopoviΔ‡, Ε½eljko Hocenski (2010), Cloud computing security issues and challenges, @2010, MIPRO 2010 33 rd Interna- tional Covention. Page 344-349 [8]. VladimirA. Oleshchuk and Geir M. KΓΈien, Security and Privacy in the CloudALong-Term View @2011 IEEE. [9]. Yu Zhang,Bharat Bhargava ,β€–Fibonacci Modeling of Malware Propagationβ€– IEEE Transaction @2008 , Perdue e-Pubs 08-017. [10]. Paulo Shakarian Β· Sean Eyre Β· Damon Paulo, ― A Scalable Heuristic for Viral Marketing Under the Tipping Modelβ€– @2013 , arXiv:1309.296
  • 8. Threat Modeling Based On Randomized Seeding Attacks In Cloud Virtual Machines DOI:10.9790/0661-1803025360 www.iosrjournals.org 60 | Page [11]. Z. Chen, L. Gao, and K. Kwiat, Modeling the Spread of Active Worms,Proceedings of the IEEE INFOCOM, 2003 [12]. S. Friedl, Analysis of the new Code Red II Variant, http:// www.unixwiz.net/ techtips/CodeRedII.html, Last ac- cessed Apr 15, 2008 [13]. S. Staniford, V. Paxson and N. Weaver, How to Own the Internet in Your Spare Time, In Proceedings of the 11th USENIX Security Symposium, Aug. 2002 [14]. J. Twycross and M. Williamson: Implementing and Testing a Virus Throttle. In Proceedings of the 12th USENIX Security Sympo- sium, Washington, 2003 [15]. J. Jung, V. Paxson, A.W. Berger, and J. Balakrishnan, Fast Portscan Detection Using Sequential Hypothesis Test- ing, In Proc. of the IEEE Symposium on Security and Privacy, May 2004