广东工业大学学报 ›› 2014, Vol. 31 ›› Issue (3): 55-61.doi: 10.3969/j.issn.10077162.2014.03.010

• 综合研究 • 上一篇    下一篇

云环境下基于信任的入侵防御研究

汪双兔,韩坚华,罗军   

  1. 广东工业大学 计算机学院,广东  广州  510006
  • 收稿日期:2014-04-28 出版日期:2014-09-30 发布日期:2014-09-30
  • 作者简介:汪双兔(1987-),男,硕士研究生,主要研究方向为服务计算及其应用.
  • 基金资助:

    国家自然科学基金资助项目(61142012)

Research on Intrusion Prevention Based on Trust in Cloud Environments

Wang Shuang-tu,  Han Jian-hua, Luo Jun   

  1. School of Computers,  Guangdong University of Technology, Guangzhou 510006,China
  • Received:2014-04-28 Online:2014-09-30 Published:2014-09-30

HTML

PDF (PC)

3048

摘要: 云计算从提出以来就具备着动态性、虚拟化和开放性,频频出现的各种大型的云安全事故使得云环境中的安全性受到质疑.为了能够确保云环境的安全,将入侵防御技术与可信计算的信任理论相结合,提出了一个云环境下基于可信计算的入侵防御框架模型.该模型从入侵防御的原理出发,首先实时监控采集、获取行为特征,然后将这些特征进行规范化,并逐步确定各个特征的权重后得出用户节点的可信度.利用多种云端的集群服务器引擎进行检测防御以及综合分析决策和聚类分析,使云端能够及时快速、高效地抵御恶意行为的攻击,改变传统入侵防御各自为营,检测防御滞后的状况,为云用户提供最大安全限度的入侵防御服务,同时也能够确保云端抵御攻击,做到云端和云用户双向安全的效果.

关键词: 入侵防御, 云计算, 信任理论

Abstract: Cloud computing has the nature of  being dynamic, virtual and open since it was used, and all kinds of largescale cloud security incidents make the safety of cloud environments frequently questioned. To ensure the security of cloud environments, it proposed an intrusion prevention framework model, based on trusted computing in cloud environments, by combining intrusion prevention technologies and trusted computing ideas. The model began with the principle of intrusion prevention with access to behavioral characteristics. Then, these features were gradually normalized, and the weight of each feature was determined to obtain user nodes' credibility. Next, it used a variety of cloud cluster server engines to detect defense and make integrated decision analysis and cluster analysis, enabling the cloud to make timely fast intrusion prevention, which avoids the drawbacks of the traditional intrusion prevention, such as minding only their own business, lagging behind in detecting and preventing attacks. The model provides cloud users with the maximum intrusion prevention services, and ensures that the cloud can withstand attacks, making the cloud and cloud users secure.

Key words: intrusion prevention, cloud computing, trust theory

[1] 王勇, 金雯婷, 王瑛. 云环境中工作流的数据分配方法[J]. 广东工业大学学报, 2016, 33(04): 23-29.
[2] 刘竹松, 陈洁, 田龙. 基于改进布谷鸟搜索算法的云计算任务调度[J]. 广东工业大学学报, 2016, 33(03): 32-36.
[3] 赵广强, 凌捷. 基于双线性对和随机数的云计算环境匿名认证协议[J]. 广东工业大学学报, 2014, 31(3): 67-71.
[4] 林欣达, 林穗. 融合云计算和超级计算的CAE软件集成系统的设计[J]. 广东工业大学学报, 2014, 31(3): 72-76.
[5] 张浩荣, 陈平华, 熊建斌. 基于蚁群模拟退火算法的云环境任务调度[J]. 广东工业大学学报, 2014, 31(3): 77-82.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
版权所有 © 2017 《广东工业大学学报》编辑部
地址:广州市东风东路729号广东工业大学 邮编:510090
电话:020-37626653,020-37626139,020-37626396
邮箱:xbzrb@gdut.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发