Design Issues of the Side-Channel Attacks Protecting Scheme in Cloud Computing Environment

Shin-Jer Yang,
Chia-Chi Yen,

Abstract


The computing resources can be utilized and shared with other VMs on the same physical machine, thus there exists information security in cloud computing. Cloud services such as IaaS, PaaS and SaaS can employ the multi-tenancy control to accomplish the applications independence and data isolation for different tenants. The SCA attacker can break into the shared computing resources and steal stored data of other users on the physical machine, which results in data leakage and theft. Therefore, we examine and fix the security issues of current CP-SCA to propose new CRDPS scheme for enhancing defense capability of SCA.
The CRDPS can monitor the ICMP and TCP SYN packets to determine whether the sender is a SCA attacker. Then, we perform some simulations using UNB CIC Dataset to analyze and compare the CRDPS and CP-SCA schemes in terms of four KPIs. Finally, the simulation results indicate that the CRDPS has a better detection rate, higher accuracy ratio, and system throughput than the CP-SCA about 8.51%, 41.36%, and 251 packets respectively, but there is a 4.28% overhead in average processing time. Consequently, the proposed CRDPS can accurately identify the attackers to harden the security and enhance the total quality in cloud services, especially in SaaS.


Citation Format:
Shin-Jer Yang, Chia-Chi Yen, "Design Issues of the Side-Channel Attacks Protecting Scheme in Cloud Computing Environment," Journal of Internet Technology, vol. 21, no. 3 , pp. 713-721, May. 2020.

Full Text:

PDF

Refbacks

  • There are currently no refbacks.





Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314  E-mail: jit.editorial@gmail.com