Scalable risk assessment method for cloud computing using game theory (CCRAM)

Computer Standards and Interfaces

Volumn 38, Issue , 2015, Pages 44-50

  Furuncu, Evrim ^a   Sogukpinar, Ibrahim ^a  

^a GEBZE TECHNICAL UNIVERSITY   (Turkey)

Author keywords

Cloud computing security; Game theory security modeling; Scalable security using cloud service models

Indexed keywords

CLOUD COMPUTING; COMPUTATION THEORY; COMPUTER GAMES; RISK ASSESSMENT;

CLOUD COMPUTING SECURITIES; CLOUD PROVIDERS; CLOUD SERVICE MODELS; RISK ASSESSMENT METHODS; SCALABLE SECURITIES; SECURITY MODEL; SECURITY RISK ASSESSMENTS; SERVICE MODEL;

GAME THEORY;

EID: 84913580411     PISSN: 09205489     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.csi.2014.08.007     Document Type: Article

References (20)

1. P. Mell, T. Grance, The NIST definition of cloud computing, National Institute of Standards and Technology Special Publication 800-145, 2011.
2. B. Wang, J. Cai, S. Zhang, J. Li, A network security assessmentmodel based on attack-defense game theory, International Conference on Computer Application and System Modeling (ICCASM), 2010, (Taiyuan Shanxi, China).
3. J. Pita, M. Jain, J. Marecki, Deployed ARMOR protection: the application of a game theoretic model for security at the Los Angeles International Airport, 2008. (Estoril, Portugal).
4. S. Shiva, S. Roy, D. Dasgupta, Game theory for cyber security, Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW '10), ACM, 2010, (New York, NY, USA).
5. R.J. Lipton, V.V. Vazirani, M. Mihail, C. Tovey, E. Vigoda, Algorithmic game theory, 2007.
6. J.A. Kupsch, B.P. Miller, E. Heyman, E. César, First principles vulnerability assessment, Proceedings of the 2010 ACM workshop on Cloud computing security workshop CCSW '10, 2010, (New York, NY, USA).
7. L. Peiyu, L. Dong, The new risk assessment model for information system in cloud computing environment, Procedia Eng. 15 (2011) 3200-3204.
8. J.O. Fitó, J. Guitart, Business-driven management of infrastructure-level risks in Cloud providers, Futur. Gener. Comput. Syst. 32 (2014) 41-53.
9. M. Kiran, M. Jiang, D.J. Armstrong, K. Djemame, Towards a service lifecycle based methodology for risk assessment in cloud computing, Dependable, Autonomic and Secure Computing (DASC), Dec 2011, pp. 449-456.
10. CVSS v2 vector definitions, http://nvd.nist.gov/cvss.cfm?vectorinfo&version=2.
11. National vulnerability database version 2.2, http://nvd.nist.gov/.
12. M.J. Osborne, An introduction to game theory, Oxford University Press, USA, 2003.
13. Cloud Security Alliance, Security guidance for critical areas of focus in cloud computing 3.0, https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf.
14. T. Alpcan, T. Başar, Network security: a decision and game theoretic approach, Cambridge University Press, Jan. 2011.
15. M. Tambe, Security and game theory: algorithms, deployed systems, lessons learned, Cambridge University Press, Dec. 2011.
16. T. Spyridopoulos, G. Karanikas, T. Tryfonas, G. Oikonomou, A game theoretic defense framework against DoS/DDoS cyber attacks, Comput. Secur. 38 (2013) 39-50.
17. M.H. Manshaei, Q. Zhu, T. Alpcan, T. Başar, J.-P. Hubaux, Game theorymeets network security and privacy, ACM Comput. Surv. 45 (3) (2013) 25:1-25:39.
18. D. Zissis, D. Lekkas, Addressing cloud computing security issues, Futur. Gener. Comput. Syst. 28 (2012) 583-592.
19. C.Y.T. Ma, N.S.V. Rao, D.K.Y. Yau, A game theoretic study of attack and defense in cyber-physical systems, Infocom Workshops, 2011.
20. G. Fan, H. Yu, L. Chen, D. Liu, A game theoretic method to model and evaluate attack-defense strategy in cloud computing, IEEE 10. Int. Conference on Services Computing (SCC), 2013, pp. 659-666.