云平台安全主动防护技术研究

发布时间：2018-02-15 06:41

本文关键词： 云平台主动防护技术数据优化异常检测异常恢复　出处：《北京交通大学》2017年硕士论文　论文类型：学位论文

【摘要】：近年来,云平台技术的广泛应用和快速发展,并采用专业的服务器集中管理,普遍具有良好的可用性和安全性。网络环境中的恶意攻击,云平台自身的复杂性以及大规模性使得云平台系统经常发生异常,引起部分甚至所有服务失效。因此,云平台安全主动防护技术已成为领域的研究热点。本文面向云平台安全,从网络安全和主机安全两个层次开展主动防护技术研究,针对云平台安全异常,进行实时异常分析、系统检测和系统恢复,重在增强云平台可用性。本文的工作主要有以下三点。首先,为了获取云平台网络和主机运行信息,设计云平台安全主动防护异常监控系统,对云平台网络攻击信息和服务器运行数据进行概率统计分析,使用基于概率统计的特征优化算法和基于数据类型的特征优化算法对数据集进行优化。针对云平台网络和主机等异常检测问题,提出基于信息密度贝叶斯算法的异常检测方法,构造数据特征概率集合,通过引入信息熵来表示信息的不确定度,定义信息密度以描述信息不确定度分布状态,对算法进行了详细描述,并分析了其时间复杂度。通过实验对攻击数据进行分析,表明方法可有效减少数据信息损失,提高检测准确率,并缩短检测时间。其次,在分析异常恢复技术及其优缺点的基础上,设计了一种基于状态度量值的异常恢复方法,计算出集群的状态度量值,通过设置备份恢复节点,记录异常前系统正确的运行状态。根据异常恢复的策略,系统进行检查点设置,提供安全状态恢复机制和恢复协议,并保持状态节点记录一致性,将云平台系统正确运行状态存储到系统备份存储器。实验表明,当云平台运行发生异常,可有效进行安全状态恢复。最后,设计并实现了云平台安全防护系统,搭建实验平台并收集各项性能数据,对系统各模块的性能进行验证。实验结果表明,该系统可以有效减少数据处理时间的损耗,降低了信息的损失,可以有效较低误检率,提高检测准确率,具备良好的检测和安全恢复性能。
[Abstract]:In recent years, with the wide application and rapid development of cloud platform technology, and the use of professional server centralized management, generally have good availability and security. Malicious attacks in the network environment, The complexity and large scale of cloud platform make cloud platform system often abnormal, causing some or even all service failure. Therefore, cloud platform security active protection technology has become a research hotspot in the field of cloud platform security. From the network security and host security two levels of active protection technology research, aimed at cloud platform security anomalies, real-time anomaly analysis, system detection and system recovery, The main work of this paper is to enhance the usability of cloud platform. Firstly, in order to obtain cloud platform network and host operation information, the cloud platform security active protection anomaly monitoring system is designed. On the cloud platform network attack information and server running data for the probability and statistical analysis, The feature optimization algorithm based on probability and statistics and the feature optimization algorithm based on data type are used to optimize the data set. An anomaly detection method based on information density Bayesian algorithm is proposed to solve the anomaly detection problems such as cloud platform network and host computer. The information entropy is introduced to represent the uncertainty of information, the information density is defined to describe the distribution of information uncertainty, and the algorithm is described in detail. The analysis of the attack data shows that the method can effectively reduce the loss of data information, improve the detection accuracy, and shorten the detection time. Based on the analysis of abnormal recovery technology and its advantages and disadvantages, an anomaly recovery method based on state measure is designed, and the state measure of cluster is calculated, and the backup recovery node is set up. According to the strategy of abnormal recovery, the system sets up checkpoint, provides security state recovery mechanism and recovery protocol, and keeps the record consistency of state node. The cloud platform system running state is stored in the system backup memory. The experiment shows that when the cloud platform operation is abnormal, the security state can be recovered effectively. Finally, the cloud platform security protection system is designed and implemented. The experimental results show that the system can effectively reduce the loss of data processing time, reduce the loss of information, and effectively reduce the false detection rate. Improve detection accuracy, with good detection and safety recovery performance.
【学位授予单位】：北京交通大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP393.08

【参考文献】