Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud

Authors

  • Xiaoyan Sun California State University
  • Jun Dai California State University, Sacramento
  • Anoop Singhal National Institute of Standards and Technology
  • Peng Liu Pennsylvania State University

DOI:

https://doi.org/10.4108/eai.4-1-2018.153526

Keywords:

cloud, stealthy bridge, Bayesian network, attack graph

Abstract

Cloud computing, with the paradigm of computing as a utility, has the potential to significantly transform the IT industry. Attracted by the high efficiency, low cost, and great flexibility of the cloud, enterprises began to migrate large parts of their networks into the cloud. The cloud becomes a public space where multiple “tenants” reside. Except for some public services, the enterprise networks in the cloud should be absolutely isolated from each other. However, some “stealthy bridges” could be established to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Cloud-level attack graphs are first built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. Cross-layer Bayesian networks are then constructed to infer the probability of stealthy bridge existence. The experiment results show that the cross-layer Bayesian networks are capable of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multi-step attack.

Published

04-01-2018

How to Cite

Sun, X., Dai, J., Singhal, A., & Liu, P. (2018). Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud. EAI Endorsed Transactions on Security and Safety, 4(13), e3. https://doi.org/10.4108/eai.4-1-2018.153526