Abstract—Cloud systems provide a cost-effective service hosting infrastructure for application service providers (ASPs). However, cloud systems are often shared by multiple tenants from different security domains, which makes them vulnerable to various malicious attacks. Moreover, cloud systems often host long-running applications such as massive data processing, which provides more opportunities for attackers to exploit the system vulnerability and perform strategic attacks. In this paper, we present AdapTest, a novel adaptive data-driven runtime service integrity attestation framework for multi-tenant cloud systems. AdapTest can significantly reduce attestation overhead and shorten detection delay by adaptively selecting attested nodes based on dynamically derived trust scores. Our scheme treats attested services as black-boxes and does not impose any special hardware or software requirements on the cloud system or ASPs. We have implemented AdapTest on top of the IBM System S stre...