Advertisement

A Survey of Game Theoretic Solutions for Cloud Computing Security Issues

  • Bernard Ousmane SaneEmail author
  • Cheikh Saliou Mbacke Babou
  • Doudou Fall
  • Ibrahima Niang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 296)

Abstract

Cloud computing has become quintessential to information technology as it represents the foundation of all the emerging paradigms. Cloud computing uses virtualization to maximize resources utilization. Despite its benefits, organizations are still reluctant to adopt cloud computing due to its numerous security issues. Among the solutions that have been provided to solve cloud security issues, game theoretic proposals showed great potentials. In this paper, we survey the most representative game theoretic approaches to solve cloud computing security issues. We classify these approaches or methods based on their security scenarios and their respective solutions. We overview different solutions to control cloud vulnerabilities and threats using game theory. We also investigate and identify the limitations of these solutions and provide insights of the future of cloud security particularly on virtual machines, hypervisors and data security.

Keywords

Cloud computing Game theory Security Countermeasures Virtualization 

References

  1. 1.
    Alpcan, T., Basar, T.: A game theoretic analysis of intrusion detection in access control systems. In: 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEECat. No.04CH37601), vol. 2, pp. 1568–1573 December 2004Google Scholar
  2. 2.
    Alpcan, T., Basar, T.: An intrusion detection game with limited observations (2005)Google Scholar
  3. 3.
    Alpcan, T., Pavel, L.: Nash equilibrium design and optimization. In: 1st International Conference on Game Theory for Networks, GAMENETS 2009, Istanbul, Turkey, 13-15 May 2009, pp. 164–170 (2009)Google Scholar
  4. 4.
    You, X.Z., Shiyong, Z.: A kind of network security behavior model based on game theory. In: Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies, pp. 950–954, August 2003Google Scholar
  5. 5.
    Bloem, M., Alpcan, T., Basar, T.: Intrusion response as a resource allocation problem. In: Proceedings of the 45th IEEE Conference on Decision and Control, pp. 6283–6288, December 2006Google Scholar
  6. 6.
    Carin, L., Cybenko, G., Hughes, J.: Cybersecurity strategies: the queries methodology. Computer 41(8), 20–26 (2008) CrossRefGoogle Scholar
  7. 7.
    Djebaili, B., Kiennert, C., Leneutre, J., Chen, L.: Data integrity and availability verification game in untrusted cloud storage. In: Proceedings of 5th International Conference on Decision and Game Theory for Security, GameSec 2014, Los Angeles, CA, USA, 6-7 November 2014, pp. 287–306 (2014)zbMATHGoogle Scholar
  8. 8.
    Esposito, C., Ficco, M., Palmieri, F., Castiglione, A.: Smart cloud storage service selection based on fuzzy logic, theory ofevidence and game theory. IEEE Trans. Comput. 65(8), 2348–2362 (2016)MathSciNetCrossRefGoogle Scholar
  9. 9.
    Ismail, Z., Kiennert, C., Leneutre, J., Chen, L.: Auditing a cloud providers compliance with data backup requirements: a game theoretical analysis. IEEE Trans. Inform. Forensics Secur. 11(8), 1685–1699 (2016)CrossRefGoogle Scholar
  10. 10.
    Jalaparti, V., Nguyen, G.D.: Cloud resource allocation games, March 2019Google Scholar
  11. 11.
    Jormakka, J., Mols, J.V.E.: Modelling information warfare as a game. J. Inform. Warfare 4, 12–25 (2005)Google Scholar
  12. 12.
    Kamhoua, C.A., Kwiat, L., Kwiat, K.A., Park, J.S., Zhao, M., Rodriguez, M.: Game theoretic modeling of security and interdependency in a public cloud. In: 2014 IEEE 7th International Conference on Cloud Computing, pp. 514–521, June 2014Google Scholar
  13. 13.
    Khalil, I., Khreishah, A., Azeem, M.: Cloud computing security: a survey. Computers 3, 1–35 (2014)CrossRefGoogle Scholar
  14. 14.
    Koloniari, G., Sifaleras, A.: Game-theoretic approaches in cloud and P2P networks: issues and challenges. In: Sifaleras, A., Petridis, K. (eds.) Operational Research in the Digital Era – ICT Challenges. SPBE, pp. 11–22. Springer, Cham (2019).  https://doi.org/10.1007/978-3-319-95666-4_2CrossRefGoogle Scholar
  15. 15.
    Kunreuther, H., Heal, G.: Interdependent security: the case of identical agents. Working Paper 8871, National Bureau of Economic Research, April 2002Google Scholar
  16. 16.
    Kunreuther, H., Kunreuther, H.: Interdependent security: the case of identical agents. J. Risk Uncertain. 26, 2003 (2002)Google Scholar
  17. 17.
    Kwiat, L., Kamhoua, C.A., Kwiat, K.A., Tang, J., Martin, A.P.: Security-aware virtual machine allocation in the cloud: a gametheoretic approach. In: 8th IEEE International Conference on Cloud Computing, CLOUD 2015, New York City, NY, USA, 27 June - 2 July 2015, pp. 556–563 (2015)Google Scholar
  18. 18.
    Liu, P., Zang, W., Yu, M.: Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Trans. Inf. Syst. Secur. 8(1), 78–118 (2005)CrossRefGoogle Scholar
  19. 19.
    Liu, Y., Comaniciu, C., Man, H.: A Bayesian game approach for intrusion detection in wireless ad hoc networks. In: Proceeding from the 2006 Workshop on Game Theory for Communications and Networks, GameNets 2006. ACM, New York(2006)Google Scholar
  20. 20.
    Lye, K.-W., Wing, J.M.: Game strategies in network security. Int. J. Inf. Secur. 4(1–2), 71–86 (2005)CrossRefGoogle Scholar
  21. 21.
    Manshaei, M.H., Zhu, Q., Alpcan, T., Bacşar, T., Hubaux, J.-P.: Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25:1–25:39 (2013)CrossRefGoogle Scholar
  22. 22.
    Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., Ghalsasi, A.: Cloud computing - the business perspective. Decis. Support Syst. 51(1), 176–189 (2011)CrossRefGoogle Scholar
  23. 23.
    Narwal, P., Kumar, D., Sharma, M.: A review of game-theoretic approaches for secure virtual machine resource allocation in cloud. In: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies (2016)Google Scholar
  24. 24.
    Nguyen, K.C., Alpcan, T., Basar, T.: Security games with incomplete information. In: 2009 IEEE International Conference on Communications, pp. 1–6, June 2009Google Scholar
  25. 25.
    Nguyen, K.C., Alpcan, T., Basar, T.: Stochastic games for security in networks with interdependent nodes. In: 1st International Conference on Game Theory for Networks, GAMENETS 2009, Istanbul, Turkey, May 13-15, 2009, pp. 697–703 (2009)Google Scholar
  26. 26.
    Patcha, A. Park, J.: A game theoretic approach to modeling intrusion detection in mobile ad hoc networks. In: Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, pp. 280–284, June 2004Google Scholar
  27. 27.
    Pillai, P.S., Rao, S.: Resource allocation in cloud computing using the uncertaintyprinciple of game theory. IEEE Syst. J. 10(2), 637–648 (2016)CrossRefGoogle Scholar
  28. 28.
    Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A survey of game theory as applied to network security. In: 2010 43rd Hawaii International Conference on System Sciences, pp. 1–10, January 2010Google Scholar
  29. 29.
    Shahzad, F.: State-of-the-art survey on cloud computing security challenges, approaches and solutions. Proc. Comput. Sci. 37, 357–362 (2014). The 5th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN-2014)/The 4th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH 2014)/Affiliated WorkshopsCrossRefGoogle Scholar
  30. 30.
    Simmon, E., Bohn, R.B.: An overview of the NIST cloud computing program and reference architecture. In: Concurrent Engineering Approaches for Sustainable Product Development in a Multi-Disciplinary Environment - Proceedings of the 19th ISPE International Conference on Concurrent Engineering (ISPE CE 2012), Trier, Germany, 3–7 September 2012, pp. 1119–1129 (2012)Google Scholar
  31. 31.
    Takabi, H., Joshi, J., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8, 24–31 (2011)CrossRefGoogle Scholar
  32. 32.
    Tosh, D.K., Sengupta, S., Kamhoua, C.A., Kwiat, K.A.: Establishing evolutionary game models for cyber security information exchange (CYBEX). J. Comput. Syst. Sci. 98, 27–52 (2018)MathSciNetCrossRefGoogle Scholar
  33. 33.
    Wang, Y., Wang, Y., Liu, J., Huang, Z., Xie, P.: A survey of game theoretic methods for cyber security. In: 2016 IEEE First International Conference on Data Science in Cyberspace (DSC), pp 631–636, June 2016Google Scholar
  34. 34.
    Xiaolin, C., Xiaobin, T., Yong, Z., Hongsheng, X.: A Markov game theory-based risk assessment model for network information system. In: 2008 International Conference on Computer Science and Software Engineering, vol. 3, pp. 1057–1061, December 2008Google Scholar
  35. 35.
    Xu, X., Yu, H.: A game theory approach to fair and efficient resource allocation incloud computing. Math. Probl. Eng. 1–14(04), 2014 (2014)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  • Bernard Ousmane Sane
    • 1
    Email author
  • Cheikh Saliou Mbacke Babou
    • 1
  • Doudou Fall
    • 2
  • Ibrahima Niang
    • 1
  1. 1.University Cheikh Anta Diop of DakarDakarSenegal
  2. 2.Nara Institute of Science and TechnologyIkomaJapan

Personalised recommendations