Malware Containment in Cloud
Title | Malware Containment in Cloud |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Malvankar, A., Payne, J., Budhraja, K. K., Kundu, A., Chari, S., Mohania, M. |
Conference Name | 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA) |
Date Published | Dec. 2019 |
Publisher | IEEE |
ISBN Number | 978-1-7281-6741-1 |
Keywords | blockchain, business processes, cloud computing, cloud computing environments, Computing Theory, Containment, containment process, contracts, cryptography, decentralized malware containment, Distributed databases, Dominance Frontier, graph analytics, graph neural networks, graph theory, high risk trust assumptions, Human Behavior, human factors, hyperledger, invasive software, Malware, Privacy-invasive software, protection mechanisms, pubcrawl, smart contracts, Trust, Trusted Computing |
Abstract | Malware is pervasive and poses serious threats to normal operation of business processes in cloud. Cloud computing environments typically have hundreds of hosts that are connected to each other, often with high risk trust assumptions and/or protection mechanisms that are not difficult to break. Malware often exploits such weaknesses, as its immediate goal is often to spread itself to as many hosts as possible. Detecting this propagation is often difficult to address because the malware may reside in multiple components across the software or hardware stack. In this scenario, it is usually best to contain the malware to the smallest possible number of hosts, and it's also critical for system administration to resolve the issue in a timely manner. Furthermore, resolution often requires that several participants across different organizational teams scramble together to address the intrusion. In this vision paper, we define this problem in detail. We then present our vision of decentralized malware containment and the challenges and issues associated with this vision. The approach of containment involves detection and response using graph analytics coupled with a blockchain framework. We propose the use of a dominance frontier for profile nodes which must be involved in the containment process. Smart contracts are used to obtain consensus amongst the involved parties. The paper presents a basic implementation of this proposal. We have further discussed some open problems related to our vision. |
URL | https://ieeexplore.ieee.org/document/9014345 |
DOI | 10.1109/TPS-ISA48467.2019.00036 |
Citation Key | malvankar_malware_2019 |