By ARL Public AffairsOctober 15, 2018
ADELPHI, Md. -- Through a collaborative research effort, an Army researcher has made a novel contribution to cloud security and the management of cyberspace risks.
According to U.S. Army Research Laboratory electronics engineer Dr. Charles Kamhoua, technology has been the cause of many changes. Among the changes made are to our language.
"No longer does the word "cloud" merely stand for a type of atmospheric phenomena," Kamhoua said. "Today, the word "cloud" denotes the computational cloud as well."
Like the atmospheric clouds, noted Kamhoua, computational clouds are found to be abundant and ubiquitous, and this has allowed them to change people's view of computing.
"It has made computing a utility -- much like water and power," Kamhoua said.
The National Institute of Standards and Technology defines cloud computing as "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction."
According to the researchers, among the multiple benefits that have emerged from a computational cloud meeting these NIST-defined properties are: lower costs, a pay-as-you-go structure, quick deployment, ease of access, dynamic scalability of resources on demand, low overhead and no long-term commitments.
"These benefits are consistent with people's expectation of a general utility -- benefits derived from a community's sharing of resources in a well-governed manner," Kamhoua said. "However, there are significant risks associated with using the computational cloud."
Kamhoua said one of the biggest cyber security concerns is the inherent and unknown danger arising from a shared platform, namely the hypervisor.
According to Kamhoua, one can think of the hypervisor as the infrastructure that is the basis for the cloud's utility -- it is a shared resource where all users interface and connect.
Users of the cloud have virtual machines, a simulation of a physical computer, to carry out their computations, and each VM runs on a central shared resource -- the hypervisor.
"Herein lies the unseen danger: an attacker can target an unsecured VM, and once that VM is compromised, the attack can move on to compromise the hypervisor," Kamhoua said. "At that point, the utility of a shared resource of the hypervisor has tipped toward the attacker because once the hypervisor is compromised, all other virtual machines on that hypervisor are easy prey for the attacker."
A shared platform emphasizes a problem referred to as negative externalities.
"In this case, the negative externality manifests as the (in)security of one virtual machine affecting the security of all other co-located virtual machines," Kamhoua said.
This security challenge attracted a research team including Kamhoua and researchers from the University of Florida, Haloed Sun TEK of the CAESAR Group and Syracuse University.
"Due to the unique structuring of the competing interests in the cloud, our research team evaluated the problem in question using game theory, which, according to Myerson, in his landmark book "Game Theory: Analysis of Conflict," is the study of mathematical models of conflict and cooperation between intelligent rational decision-makers," Kamhoua said.
Their research arrived at a non-intuitive conclusion that improves upon current cloud security approaches.
They created an algorithm that, by assigning VMs to hypervisors according to game-theoretically-derived guidelines, makes the attacker indifferent as to which hypervisor to attack.
"The importance of attaining this outcome is this: in cybersecurity, attacker indifference makes a big difference," Kamhoua said. "By compelling the attacker to be inattentive to any single target, the research team made a novel contribution to cloud security."
According to Kamhoua, this research reinforces the widely-held understanding that risk in cyberspace can never be eliminated, so it must therefore be rigorously managed. It is advantageous for VMs having the same level of security and risk to be clustered together on the same hypervisor.
Their result's underpinnings in game theory lend credence to the notion that effective information assurance requires mathematics and not merely software tools.
"This research reveals a novel virtual machine allocation scheme that can provide the necessary incentive for a large organization with sensitive information such as the Department of Defense to join the cloud," Kamhoua said. "A quantitative approach to cloud computing security using game theory captures the strategic view of attackers and gains a precise characterization of the cyber threats facing the cloud".
"This research arms cloud service providers that contract with the DOD with a proven mathematical framework to minimize the impact of cyberattacks in the cloud," Kamhoua said. "This allow Soldiers with lightweight mobile devices on tactical networks to securely perform fast computation leveraging the cloud."
Details of this research are presented in the book chapter "Risk and Benefit: Game-Theoretical Analysis and Algorithm for Virtual Machine Security Management in the Cloud" by Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, in the book "Assured Cloud Computing," Edited by Roy H. Campbell, Charles A. Kamhoua, and Kevin A. Kwiat, Published by Wiley-IEEE press, October 2018.
The results of the research were also put on the path towards technology transfer to the commercial sector by being submitted to the U.S. Patent and Trademark Office, where US Patent number 9832220 was awarded to Luke Kwiat, Charles Kamhoua and Kevin Kwiat, for the invention "Security method for allocation of virtual machines in a cloud computing network".
The U.S. Army Research Laboratory is part of the U.S. Army Research, Development and Engineering Command, which has the mission to ensure decisive overmatch for unified land operations to empower the Army, the joint warfighter and our nation. RDECOM is a major subordinate command of the U.S. Army Materiel Command.