Home > Research > Publications & Outputs > Flashlight


Text available via DOI:

View graph of relations

Flashlight: A novel monitoring path identification schema for securing cloud services

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Publication date27/08/2018
Host publicationARES 2018 Proceedings of the 13th International Conference on Availability, Reliability and Security
Number of pages10
ISBN (print)9781450364485
<mark>Original language</mark>English


Cloud monitoring is an essential mechanism for helping secure cloud services. Thus, a plethora of monitoring schemas have been proposed in recent years. Particularly, a newly proposed indirect monitoring mechanism outperforms others with the unique merit of addressing scenarios where the information of the monitoring target is not directly accessible. To conduct indirect cloud security monitoring, a key prerequisite is to obtain a special set of monitoring data termed “monitoring path”. However, how to ascertain the monitoring path is still an open issue. In this paper, we propose Flashlight as a novel monitoring path identification mechanism to address the gap where the information of monitoring targets is inaccessible. For this purpose, Flashlight first introduces a novel data reduction technique to filter unnecessary monitoring information. Second, Flashlight develops a data association approach to identify the monitoring path by utilizing data relations and data attributes. Third, Flashlight devises a monitoring property graph to support fine-grain monitoring path identification as well as represent identified monitoring paths. In addition, the efficacy of our proposed approach is demonstrated by the case studies where Flashlight successfully identifies the monitoring paths for underpinning indirect cloud monitoring. © 2018 Association for Computing Machinery.