Hybrid Stochastic Petri Nets for Cloud Co-Residency Detection and Mitigation

The rise of digitalization and cloud computing has increased organizational dependence on information systems, enhancing efficiency but also exposing new vulnerabilities. In multi-tenant cloud environments, virtual machine co-residency creates critical risks such as side-channel attacks and hypervisor exploitation, requiring robust, adaptive security models beyond conventional measures. To tackle these issues, we propose the Hybrid Stochastic Petri Nets for Cloud Co-Residency (CCoR-HSPN), a formal modeling framework that integrates Stochastic Petri Nets (SPNs)} with the paradigm of mobile agents. The model employs multiple probability distributions (Exponential, Normal, Log-normal, and Poisson) to represent both the firing times of stochastic transitions and the residence times of tokens. It also distinguishes between discrete and continuous places, thereby qualifying as a true hybrid Petri Net. Moreover, a mobile agent acts as an active token that continuously supervises all system events, while a token coloring mechanism enables the clear identification of virtual machines (victims or attackers) and allocated resources. Finally, the model is mapped onto a Markov state graph, offering both macroscopic and microscopic perspectives for simulation and security analysis. The effectiveness of CCoR-HSPN is demonstrated through a case study inspired by existing research. The results highlight its potential for accurate detection and mitigation of co-residency threats, providing a comprehensive, flexible, and coherent tool for cloud security analysis. This work thus contributes to the growing body of research that combines formal modeling with intelligent monitoring to strengthen the trust, resilience, and competitiveness of cloud environments