• In a multi-tenant cloud, a number of Virtual Machines (VMs) are collocated on the same physical machine to optimize performance, power consumption and maximize profit. This, however, increases the risk of a malicious VM performing side-channel attacks and leaking sensitive information from neighboring VMs. To this end, this paper develops and analyzes a game-theoretic framework for the VM migration timing problem in which the cloud provider decides \emph{when} to migrate a VM to a different physical machine to reduce the risk of being compromised by a collocated malicious VM. The adversary decides the rate at which she launches new VMs to collocate with the victim VMs. Our formulation captures a data leakage model in which the cost incurred by the cloud provider depends on the duration of collocation with malicious VMs. It also captures costs incurred by the adversary in launching new VMs and by the defender in migrating VMs. We establish sufficient conditions for the existence of Nash equilibria for general cost functions, as well as for specific instantiations, and characterize the best response for both players. Furthermore, we extend our model to characterize its impact on the attacker's payoff when the cloud utilizes intrusion detection systems that detect side-channel attacks. Our theoretical findings are corroborated with extensive numerical results in various settings.
  • In this paper, we propose a new optimization-based access strategy of multipacket reception (MPR) channel for multiple secondary users (SUs) accessing the primary user (PU) spectrum opportunistically. We devise an analytical model that realizes the multipacket access strategy of SUs that maximizes the throughput of individual backlogged SUs subject to queue stability of the PU. All the network receiving nodes have MPR capability. We aim at maximizing the throughput of the individual SUs such that the PU's queue is maintained stable. Moreover, we are interested in providing an energy-efficient cognitive scheme. Therefore, we include energy constraints on the PU and SU average transmitted energy to the optimization problem. Each SU accesses the medium with certain probability that depends on the PU's activity, i.e., active or inactive. The numerical results show the advantage in terms of SU throughput of the proposed scheme over the conventional access scheme, where the SUs access the channel randomly with fixed power when the PU is sensed to be idle.
  • In this paper, we analyze the performance of a secondary link in a cognitive radio (CR) system operating under statistical quality of service (QoS) delay constraints. In particular, we quantify analytically the performance improvement for the secondary user (SU) when applying a feedback based sensing scheme under the "SINR Interference" model. We leverage the concept of effective capacity (EC) introduced earlier in the literature to quantify the wireless link performance under delay constraints, in an attempt to opportunistically support real-time applications. Towards this objective, we study a two-link network, a single secondary link and a primary network abstracted to a single primary link, with and without primary feedback exploitation. We analytically prove that exploiting primary feedback at the secondary transmitter improves the EC of the secondary user and decreases the secondary user average transmitted power. Finally, we present numerical results that support our analytical results.