Cloud computing has attracted much attention recently in both industry field and academic research area. More and more Internet applications are moving to the cloud environment. However, it is difficult to construct perfectly secure mechanisms facing up with complex and various attacks in cloud computing, the efficient attack-defense strategy is highly demanded. In this paper, a stochastic game model is proposed based on combining stochastic Petri nets with game theory, which is used to describe the attack-defense behaviors in cloud computing. The physical machine, attack-defense behavior, and their attributes are also modeled by stochastic game model thus forming the attack-defense game model of cloud computing. On this basis, the Nash equilibrium of attack-defense process in physical machine is computed to get the optimal defense strategy. The related theories of Petri nets and the reachable states of attack-defense game model are used to formally verify the correctness and effectiveness of the proposed method. The enforcement algorithm is proposed to make cloud computing dynamically evaluate and select the defense strategy to against attack behavior as quickly as possible. Both case study and simulation results show that the proposed method can adapt quickly to the changes in cloud application thus improving the security of cloud computing.

• 出版日期2017-6-25
• 单位华东理工大学; 上海应用技术大学