Visible to the public Scalability of Cloud Based SCIT-MTD

TitleScalability of Cloud Based SCIT-MTD
Publication TypeConference Paper
Year of Publication2017
AuthorsNguyen, Q. L., Sood, A.
Conference Name2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C)
ISBN Number978-1-5386-2072-4
Keywordsattack surface, cloud, cloud based SCIT-MTD scalability, cloud computing, cloud infrastructure services, composability, Computer architecture, continuous rotation, cybersecurity protection, data protection, Internet, intrusion tolerance, load demand modeling, malicious intrusions, moving target defense, multinode system, multiple instance system, pubcrawl, quality attributes, Resiliency, Scalability, SCIT, security, security of data, self cleansing intrusion tolerance, Servers, share-nothing architecture pattern, Virtual machining, Web application

In order to support large volume of transactions and number of users, as estimated by the load demand modeling, a system needs to scale in order to continue to satisfy required quality attributes. In particular, for systems exposed to the Internet, scaling up may increase the attack surface susceptible to malicious intrusions. The new proactive approach based on the concept of Moving Target Defense (MTD) should be considered as a complement to current cybersecurity protection. In this paper, we analyze the scalability of the Self Cleansing Intrusion Tolerance (SCIT) MTD approach using Cloud infrastructure services. By applying the model of MTD with continuous rotation and diversity to a multi-node or multi-instance system, we argue that the effectiveness of the approach is dependent on the share-nothing architecture pattern of the large system. Furthermore, adding more resources to the MTD mechanism can compensate to achieve the desired level of secure availability.

Citation Keynguyen_scalability_2017