Main Image

PoS(CENet2017)008

RELOCATE: A Container Based Moving Target Defense Approach

R. Huang, H. Zhang, Y. Liu, S. Zhou

in The 7th International Conference on Computer Engineering and Networks

Contribution: pdf

Abstract

In order to cope with border information leakage problem in cloud services, we presented RELOCATE,a moving target defense approach. RELOCATE chose a lightweight operating system virtualization technology named Docker to manage the containers in physical hosts. Docker performs well for tenants’ services because of fast initialization and small footprint. Thus, we used Docker clusters to orchestrate the tenants' services. Additionally, we proposed a novel dynamic relocation strategy to mitigate attacks from malicious neighbors by using themoving target defense thought. Lastly, we conducted a simulation experiment in our testbed. Result shows that RELOCATE is efficient and effective to defense border information leakage attacks