@article{TorkuraSukmanaChengetal.2020,
  author    = {Torkura, Kennedy A. and Sukmana, Muhammad Ihsan Haikal and Cheng, Feng and Meinel, Christoph},
  title     = {CloudStrike},
  series = {IEEE access : practical research, open solutions},
  volume    = {8},
  journal   = {IEEE access : practical research, open solutions},
  publisher = {Institute of Electrical and Electronics Engineers },
  address   = {Piscataway},
  issn      = {2169-3536},
  doi       = {10.1109/ACCESS.2020.3007338},
  pages     = {123044 -- 123060},
  year      = {2020},
  abstract  = {Most cyber-attacks and data breaches in cloud infrastructure are due to human errors and misconfiguration vulnerabilities. Cloud customer-centric tools are imperative for mitigating these issues, however existing cloud security models are largely unable to tackle these security challenges. Therefore, novel security mechanisms are imperative, we propose Risk-driven Fault Injection (RDFI) techniques to address these challenges. RDFI applies the principles of chaos engineering to cloud security and leverages feedback loops to execute, monitor, analyze and plan security fault injection campaigns, based on a knowledge-base. The knowledge-base consists of fault models designed from secure baselines, cloud security best practices and observations derived during iterative fault injection campaigns. These observations are helpful for identifying vulnerabilities while verifying the correctness of security attributes (integrity, confidentiality and availability). Furthermore, RDFI proactively supports risk analysis and security hardening efforts by sharing security information with security mechanisms. We have designed and implemented the RDFI strategies including various chaos engineering algorithms as a software tool: CloudStrike. Several evaluations have been conducted with CloudStrike against infrastructure deployed on two major public cloud infrastructure: Amazon Web Services and Google Cloud Platform. The time performance linearly increases, proportional to increasing attack rates. Also, the analysis of vulnerabilities detected via security fault injection has been used to harden the security of cloud resources to demonstrate the effectiveness of the security information provided by CloudStrike. Therefore, we opine that our approaches are suitable for overcoming contemporary cloud security issues.},
  language  = {en}
}
@inproceedings{KurbelNowakAzodietal.2015,
  author    = {Kurbel, Karl and Nowak, Dawid and Azodi, Amir and Jaeger, David and Meinel, Christoph and Cheng, Feng and Sapegin, Andrey and Gawron, Marian and Morelli, Frank and Stahl, Lukas and Kerl, Stefan and Janz, Mariska and Hadaya, Abdulmasih and Ivanov, Ivaylo and Wiese, Lena and Neves, Mariana and Schapranow, Matthieu-Patrick and F{\"a}hnrich, Cindy and Feinbube, Frank and Eberhardt, Felix and Hagen, Wieland and Plauth, Max and Herscheid, Lena and Polze, Andreas and Barkowsky, Matthias and Dinger, Henriette and Faber, Lukas and Montenegro, Felix and Czach{\´o}rski, Tadeusz and Nycz, Monika and Nycz, Tomasz and Baader, Galina and Besner, Veronika and Hecht, Sonja and Schermann, Michael and Krcmar, Helmut and Wiradarma, Timur Pratama and Hentschel, Christian and Sack, Harald and Abramowicz, Witold and Sokolowska, Wioletta and Hossa, Tymoteusz and Opalka, Jakub and Fabisz, Karol and Kubaczyk, Mateusz and Cmil, Milena and Meng, Tianhui and Dadashnia, Sharam and Niesen, Tim and Fettke, Peter and Loos, Peter and Perscheid, Cindy and Schwarz, Christian and Schmidt, Christopher and Scholz, Matthias and Bock, Nikolai and Piller, Gunther and B{\"o}hm, Klaus and Norkus, Oliver and Clark, Brian and Friedrich, Bj{\"o}rn and Izadpanah, Babak and Merkel, Florian and Schweer, Ilias and Zimak, Alexander and Sauer, J{\"u}rgen and Fabian, Benjamin and Tilch, Georg and M{\"u}ller, David and Pl{\"o}ger, Sabrina and Friedrich, Christoph M. and Engels, Christoph and Amirkhanyan, Aragats and van der Walt, Est{\´e}e and Eloff, J. H. P. and Scheuermann, Bernd and Weinknecht, Elisa},
  title     = {HPI Future SOC Lab},
  editor    = {Meinel, Christoph and Polze, Andreas and Oswald, Gerhard and Strotmann, Rolf and Seibold, Ulrich and Schulzki, Bernhard},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus4-102516},
  pages     = {iii, 154},
  year      = {2015},
  abstract  = {Das Future SOC Lab am HPI ist eine Kooperation des Hasso-Plattner-Instituts mit verschiedenen Industriepartnern. Seine Aufgabe ist die Erm{\"o}glichung und F{\"o}rderung des Austausches zwischen Forschungsgemeinschaft und Industrie. Am Lab wird interessierten Wissenschaftlern eine Infrastruktur von neuester Hard- und Software kostenfrei f{\"u}r Forschungszwecke zur Verf{\"u}gung gestellt. Dazu z{\"a}hlen teilweise noch nicht am Markt verf{\"u}gbare Technologien, die im normalen Hochschulbereich in der Regel nicht zu finanzieren w{\"a}ren, bspw. Server mit bis zu 64 Cores und 2 TB Hauptspeicher. Diese Angebote richten sich insbesondere an Wissenschaftler in den Gebieten Informatik und Wirtschaftsinformatik. Einige der Schwerpunkte sind Cloud Computing, Parallelisierung und In-Memory Technologien. In diesem Technischen Bericht werden die Ergebnisse der Forschungsprojekte des Jahres 2015 vorgestellt. Ausgew{\"a}hlte Projekte stellten ihre Ergebnisse am 15. April 2015 und 4. November 2015 im Rahmen der Future SOC Lab Tag Veranstaltungen vor.},
  language  = {en}
}
@article{PengLiuWangetal.2018,
  author    = {Peng, Junjie and Liu, Danxu and Wang, Yingtao and Zeng, Ying and Cheng, Feng and Zhang, Wenqiang},
  title     = {Weight-based strategy for an I/O-intensive application at a cloud data center},
  series = {Concurrency and computation : practice \& experience},
  volume    = {30},
  journal   = {Concurrency and computation : practice \& experience},
  number    = {19},
  publisher = {Wiley},
  address   = {Hoboken},
  issn      = {1532-0626},
  doi       = {10.1002/cpe.4648},
  pages     = {14},
  year      = {2018},
  abstract  = {Applications with different characteristics in the cloud may have different resources preferences. However, traditional resource allocation and scheduling strategies rarely take into account the characteristics of applications. Considering that an I/O-intensive application is a typical type of application and that frequent I/O accesses, especially small files randomly accessing the disk, may lead to an inefficient use of resources and reduce the quality of service (QoS) of applications, a weight allocation strategy is proposed based on the available resources that a physical server can provide as well as the characteristics of the applications. Using the weight obtained, a resource allocation and scheduling strategy is presented based on the specific application characteristics in the data center. Extensive experiments show that the strategy is correct and can guarantee a high concurrency of I/O per second (IOPS) in a cloud data center with high QoS. Additionally, the strategy can efficiently improve the utilization of the disk and resources of the data center without affecting the service quality of applications.},
  language  = {en}
}