The paper presents the Stackelberg Game (SG) based model for automating security decisions in Cloud Computing systems (CC). The presented model enables to describe the attack-defense scenarios. The game incorporates two types of players competing against each other: defender and attacker. The Cloud provider is the leader. He is allowed to play his strategy first. The attackers, hackers or other malicious individuals, were aggregated into the second player. Second player’s decisions are made based on the leader actions and based on their own aims. The paper presents the black-box method for calculating the strategy of the attacker. In the paper, the utility function was obtained by applying several pipelines of Artificial Neural Networks (ANNs). Additionally, the model assumes information leakages about the attacker strategy and corruption against standard SG models. The solution has been verified by the experimental simulation of Cloud security attacks based on logs from open data set provided by Los Alamos National Security Lab. The best strategy for security controls applying is calculated based on security threats occurrence. It enables finding the relevant defense strategy by the cloud provider.

本文提出了基于Stackelberg Game（SG）的模型，用于在云计算系统（CC）中自动执行安全决策。提出的模型能够描述攻击防御场景。该游戏包含两种类型的玩家彼此竞争：防御者和攻击者。云提供商是领导者。他被允许先发挥自己的策略。攻击者，黑客或其他恶意个人被聚集到第二个人中。次要玩家的决定是根据领导者的行为和自己的目标做出的。提出了一种计算攻击者策略的黑盒方法。在本文中，效用函数是通过应用多个人工神经网络（ANN）管道获得的。另外，该模型假定有关攻击者策略的信息泄漏和针对标准SG模型的破坏。该解决方案已通过基于来自Los Alamos国家安全实验室提供的开放数据集中的日志的云安全攻击的实验仿真得到了验证。应用安全控制的最佳策略是根据安全威胁的发生来计算的。它使云提供商可以找到相关的防御策略。