@inproceedings{6055702dea1644deb13a2c45695a9901,
title = "Cyber defenses for physical attacks and insider threats in cloud computing",
abstract = "In cloud computing, most of the computations and data in the data center do not belong to the cloud provider. This leaves owners of applications and data concerned about cyber and physical attacks which may compromise the confidentiality, integrity or availability of their applications or data. While much work has looked at protection from software (cyber) threats, very few have looked at physical attacks and physical security in data centers. In this work, we present a novel set of cyber defense strategies for physical attacks in data centers. We capitalize on the fact that physical attackers are constrained by the physical layout and other features of a data center which provide a time delay before an attacker can reach a server to launch a physical attack, even by an insider. We describe how a number of cyber defense strategies can be activated when an attack is detected, some of which can even take effect before the actual attack occurs. The defense strategies provide improved security and are more cost-effective than always-on protections in the light of the fact that on average physical attacks will not happen often - but can be very damaging when they do occur.",
keywords = "Cloning, Cloud computing, Data center security, Insider threats, Migration, Physical attacks, Virtual machines",
author = "Jakub Szefer and Pramod Jamkhedkar and Diego Perez-Botero and Lee, {Ruby B.}",
note = "Publisher Copyright: Copyright 2014 ACM.; 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014 ; Conference date: 04-06-2014 Through 06-06-2014",
year = "2014",
month = jun,
day = "4",
doi = "10.1145/2590296.2590310",
language = "English (US)",
series = "ASIA CCS 2014 - Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security",
publisher = "Association for Computing Machinery, Inc",
pages = "519--524",
booktitle = "ASIA CCS 2014 - Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security",
}