An Introduction: Developing a Secure Cloud Storage

Hi all! My name is Vasco Xu and I am currently a senior pursuing a B.Phil in Computer Science. For the past year, I have been pursuing a research project with Dr. Sherif Khattab, building MAZE: A Secure Cloud Storage Service Using Moving Target Defense. Cloud storages are services that allow people to store documents on the internet such as: Dropbox, OneDrive, Google Drive and Box.

Moving target defense (MTD) is a novel technique for protecting against cyber-attacks. A popular cyber-attack is denial-of-service (DoS) attack, which is commonly seen in movies. A DoS attack is meant to shut down or slow down a service by sending it a lot of fake requests. For example, let us say you have a website you like to visit. But an attacker wants to prevent anyone from visiting that website. The attacker can send a lot of requests (i.e. visits) to the website using either one computer or many computers. Since the website is busy dealing with these fake requests, it will not be able to serve you the website, making people unable to visit it.

Attackers typically try to compromise a system by finding and exploiting vulnerabilities within the system. Meanwhile, defenders have to discover all possible vulnerabilities and either fix them or create a defense mechanism against them. MTD attempts to balance the unfair advantage attackers have due to their unpredictability. MTD aims to increase the difficulty and cost of executing attacks by changing the static nature of systems. In order to make software systems more dynamic, defenders can change the properties of the system over time, change the properties of the networks in order to prevent network-based attacks, or diversify the internals of the software application

The proposed MAZE system attempts to secure cloud storage services by emulating the structure and difficulty of a physical maze. A physical maze is a complex configuration of paths with at least one entry and one exit point. MAZE is analogous to a continuously changing physical maze, that is a maze with many configurations that are generated unpredictably on-the-fly. In essence, MAZE turns a cloud storage service into a moving target. Because, you cannot hit what you cannot see, the cost and difficulty of an attack increases.

My professional goals are to pursue a PhD in Computer Science and to become a university professor. I was inspired to become a professor by my professors here at Pitt. I hope to one day treat my students with the same amount of kindness that my professors have given me! 

Major: Computer Science.
Something unique about myself: I was born and raised in Lisbon, Portugal.

Leave a Reply