Abstract
•Vulnerability of N-version programming-based service operating in cloud system is analyzed.•Co-residence cyber-attacks aiming at corrupt the service are considered.•Probabilistic model for evaluating the service and attack success probabilities is suggested.•A minmax game between the service provider and attacker is formulated and solved.
This paper models a software service component implementing the N-version programming (NVP) redundancy on the cloud computing platform to enhance the service reliability. Specifically, multiple versions of the same service component are activated in parallel on different servers of the cloud to perform the requested service. At required service response time, the output is determined based on a threshold first-past-the-post voting rule (output with the most votes and the number of these votes exceeds a predetermined threshold). However, effectiveness of the NVP approach can be greatly compromised by co-residence attacks, a common type of cyber-attacks launched to corrupt user's service through co-residing user's and attacker's virtual machines on the same cloud server. This paper formulates and solves an optimization problem, particularly, a minmax game problem that finds the number of service component versions (SCVs) and the threshold to maximize the user's utility while considering a strategic attack behavior aiming to maximize the attacker's utility. The solution methodology encompasses a probabilistic model of evaluating the service success probability (SSP) and corruption attack success probability (CAP), two performance metrics used in the computation of the user's and attacker's utilities. Examples are analyzed to demonstrate influences of different model parameters on SSP, CAP, and solutions to the considered optimization problem.