東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Detection and Mitigation of Security...

Zhang, Tianwei.

Linked to FindBook

Google Book

Amazon

博客來

Detection and Mitigation of Security Threats in Cloud Computing.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Detection and Mitigation of Security Threats in Cloud Computing./
Author:	Zhang, Tianwei.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2017,
Description:	273 p.
Notes:	Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
Contained By:	Dissertation Abstracts International79-04B(E).
Subject:	Computer engineering. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10622170
ISBN:	9780355323498

Detection and Mitigation of Security Threats in Cloud Computing.
Zhang, Tianwei.

Detection and Mitigation of Security Threats in Cloud Computing. - Ann Arbor : ProQuest Dissertations & Theses, 2017 - 273 p.

Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.

Thesis (Ph.D.)--Princeton University, 2017.

Infrastructure-as-a-Service (IaaS) clouds provide computation and storage services to enterprises and individuals with increased elasticity and low cost. Cloud customers rent resources in the form of virtual machines (VMs). However, these VMs may face various security threats.

ISBN: 9780355323498Subjects--Topical Terms:

621879
Computer engineering.

Detection and Mitigation of Security Threats in Cloud Computing.
LDR:03418nmm a2200349 4500 001 2162540
005 20181005115847.5
008 190424s2017 ||||||||||||||||| ||eng d
020 $a 9780355323498
035 $a (MiAaPQ)AAI10622170
035 $a (MiAaPQ)princeton:12300
035 $a AAI10622170
040 $a MiAaPQ $c MiAaPQ
100 1 $a Zhang, Tianwei. $3 3350530
245 1 0 $a Detection and Mitigation of Security Threats in Cloud Computing.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2017
300 $a 273 p.
500 $a Source: Dissertation Abstracts International, Volume: 79-04(E), Section: B.
500 $a Adviser: Ruby B. Lee.
502 $a Thesis (Ph.D.)--Princeton University, 2017.
520 $a Infrastructure-as-a-Service (IaaS) clouds provide computation and storage services to enterprises and individuals with increased elasticity and low cost. Cloud customers rent resources in the form of virtual machines (VMs). However, these VMs may face various security threats.
520 $a This dissertation proposes a new architectural framework, CloudMonatt , to detect and mitigate potential security threats targeting customers' VMs in cloud computing. CloudMonatt monitors the security health of VMs and attests to customers if they are getting their desired security. It takes actions to mitigate the potential threats that can compromise the security properties requested. We design cloud management and security services, and define new hardware-software modules in cloud servers to provide the underlying measurements. We define secure communications protocols to guarantee that the monitoring service takes place in an unforgeable way.
520 $a To demonstrate how CloudMonatt can enhance the VMs' security, we consider a variety of threats and their defenses that can be integrated in CloudMonatt. We first consider threats on resource availability. We design a set of memory Denial-of-Service (DoS) attacks: an attacker VM can abuse the shared memory resources to significantly degrade a victim VM's performance. Then we statistically monitor VMs' resource consumption behaviors to detect these attacks, and use resource throttling to mitigate the availability threats.
520 $a Next, we consider subtle attacks on confidentiality, specifically cache side-channel attacks. An attacker VM can exploit a shared CPU cache to steal information from the victim VM. We collect VMs' micro-architectural behaviors and use a combination of signature and anomaly detection techniques to identify the existence of various side-channel attacks. We use targeted VM migration to eliminate these confidentiality threats.
520 $a Then, we consider attacks on system integrity within a VM. We show how to protect a VM's system integrity from malware, using Virtual Machine Introspection (VMI) to passively collect information for malware detection and also actively change the VM's execution paths to defeat the potential malware.
520 $a In summary, CloudMonatt is a general-purpose architecture for providing VM security monitoring and protection to cloud customers. We hope CloudMonatt can be a foundation for future work on protecting VMs' security health in cloud computing.
590 $a School code: 0181.
650 4 $a Computer engineering. $3 621879
690 $a 0464
710 2 $a Princeton University. $b Electrical Engineering. $3 2095953
773 0 $t Dissertation Abstracts International $g 79-04B(E).
790 $a 0181
791 $a Ph.D.
792 $a 2017
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10622170