Reinforcement Learning-Driven Adaptation Chains: A Robust Framework for Multi-Cloud Workflow Security

TL;DR

This paper introduces a reinforcement learning-based framework for creating adaptation chains to enhance security in multi-cloud workflows, improving response effectiveness and cost-efficiency against security threats.

Contribution

It presents a novel RL-driven method for forming adaptation chains that consider workflow dependencies and past responses, advancing security mitigation strategies in cloud workflows.

Findings

Adaptation chains reduce overall mitigation costs.

The approach improves resilience against security threats.

Compared to single adaptations, chains offer more comprehensive responses.

Abstract

Cloud computing has emerged as a crucial solution for managing data- and compute-intensive workflows, offering scalability to address dynamic demands. However, security concerns persist, especially for workflows involving sensitive data and tasks. One of the main gaps in the literature is the lack of robust and flexible measures for reacting to these security violations. To address this, we propose an innovative approach leveraging Reinforcement Learning (RL) to formulate adaptation chains, responding effectively to security violations within cloud-based workflows. These chains consist of sequences of adaptation actions tailored to attack characteristics, workflow dependencies, and user-defined requirements. Unlike conventional single-task adaptations, adaptation chains provide a comprehensive mitigation strategy by taking into account both control and data dependencies between tasks, thereby accommodating conflicting objectives effectively. Moreover, our RL-based approach uses insights from past responses to mitigate uncertainties associated with adaptation costs. We evaluate the method using our jBPM and Cloudsim Plus based implementation and compare the impact of selected adaptation chains on workflows with the single adaptation approach. Results demonstrate that the adaptation chain approach outperforms in terms of total adaptation cost, offering resilience and adaptability against security threats.