DOI: 10.1145/3230833.3230860
research-article

Flashlight: A Novel Monitoring Path Identification Schema for Securing Cloud Services

Published: 27 August 2018

Abstract

Cloud monitoring is an essential mechanism for helping secure cloud services. Thus, a plethora of monitoring schemas have been proposed in recent years. Particularly, a newly proposed indirect monitoring mechanism outperforms others with the unique merit of addressing scenarios where the information of the monitoring target is not directly accessible. To conduct indirect cloud security monitoring, a key prerequisite is to obtain a special set of monitoring data termed the "monitoring path". However, how to ascertain the monitoring path is still an open issue.
In this paper, we propose Flashlight as a novel monitoring path identification mechanism to address the gap where the information of monitoring targets is inaccessible. For this purpose, Flashlight first introduces a novel data reduction technique to filter unnecessary monitoring information. Second, Flashlight develops a data association approach to identify the monitoring path by utilizing data relations and data attributes. Third, Flashlight devises a monitoring property graph to support fine-grained monitoring path identification as well as to represent identified monitoring paths. In addition, the efficacy of our proposed approach is demonstrated by case studies in which Flashlight successfully identifies the monitoring paths for underpinning indirect cloud monitoring.


Cited By

  • (2019) Stratifying Measuring Requirements and Tools for Cloud Services Monitoring. New Knowledge in Information Systems and Technologies, 396-406. DOI: 10.1007/978-3-030-16184-2_38. Online publication date: 30-Mar-2019


      Published In

      ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security
      August 2018
      603 pages
      ISBN:9781450364485
      DOI:10.1145/3230833

      In-Cooperation

      • Universität Hamburg: Universität Hamburg

      Publisher

      Association for Computing Machinery

      New York, NY, United States


      Author Tags

      1. Cloud Security
      2. Dependency
      3. Indirect Monitoring
      4. Monitoring Path
      5. Service Monitoring

      Qualifiers

      • Research-article
      • Research
      • Refereed limited

      Conference

      ARES 2018

      Acceptance Rates

      ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;
      Overall Acceptance Rate 228 of 451 submissions, 51%
