Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Inferring the Stealthy Bridges between Enterprise Network Islands in Cloud Using Cross-Layer Bayesian Networks

Published

Author(s)

Anoop Singhal, Xiaoyan Sun, Jun Dai, Peng Liu

Abstract

Enterprise networks are migrating to the public cloud to acquire computing resources for a number of promising benefits in terms of efficiency, expense, and flexibility. Except some public services, the enterpise network islands in cloud are expected to be absolutely isolated from each other. However, some stealthy bridges" may be created to break such isolation due to two features of public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Prior to constructing cross-layer Bayesian networks, cloud-level attack graphs are built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. The experiment result justifies the cross-layer Bayesian network's capability of inferring the existence of stealthy bridges given supporting evidences from other intrusion steps.
Volume
215
Conference Dates
September 24-26, 2014
Conference Location
Beijing, CN
Conference Title
10th International Conference on Security and Privacy in Communication Networks

Keywords

Cloud Computing, Stealthy Bridge, Bayesian Networks, Attack Graphs

Citation

Singhal, A. , Sun, X. , Dai, J. and Liu, P. (2015), Inferring the Stealthy Bridges between Enterprise Network Islands in Cloud Using Cross-Layer Bayesian Networks, 10th International Conference on Security and Privacy in Communication Networks , Beijing, CN, [online], https://doi.org/10.1007/978-3-319-23829-6_1, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=916236 (Accessed April 23, 2024)
Created October 29, 2015, Updated April 5, 2022