基于OpenStack的新型混合蜜罐系统

发布时间：2018-06-16 03:25

  本文选题：云计算 + 安全　； 参考：《西安电子科技大学》2014年硕士论文

【摘要】：在云计算日渐成熟的今天，公有云已被广泛的应用，而这些应用也成就了很多新兴企业。然而私有云的应用却受技术与成本的限制而发展缓慢，开源云解决方案OpenStack的出现为解决这一问题提供了契机，但是OpenStack并没有为私有云提供完善的安全保障，所以也只能被安全技术背景较强的公司应用。蜜罐系统受安全性、性能和保真度这三个因素的相互制约而无法被有效的广泛应用，目前只能供科研人员研究未知攻击。基于OpenStack的混合蜜罐方案就是在这种背景下设计的，它不仅为私有云提供了更高的安全性，而且解决了蜜罐系统搭建的安全性、保真度与性能这三个相互制约因素带来的难题，让蜜罐系统具有了更高的实用价值。 本文所做的工作如下： 1．提出一种新的混合蜜罐方案，并结合OpenStack把其部署在私有云上。新型混合蜜罐方案是通过低交互蜜罐与高交互蜜罐结合的方法实现，如果把这种方案部署在传统IT（Information Technology）设施上，我们只能保证其安全性与保真度，性能问题却无法有效解决。在把其部署在基于OpenStack的私有云上后，保证了私有云用户对计算与存储资源的按需使用，使性能得到了保障。同时，也为私有云提供了一种安全解决方案。 2．对新系统进行了模拟，，通过对新系统的参数配置，有效的实现了对各种攻击的抓取，并对抓取结果进行了统计分析。分析表明，新的混合系统能够收集到网络上的一些新型攻击。
[Abstract]:Nowadays, the public cloud has been widely used in cloud computing, and these applications have made a lot of new enterprises. However, the application of private cloud is slow to develop due to the limitation of technology and cost. OpenStack, an open source cloud solution, provides an opportunity to solve this problem, but OpenStack does not provide perfect security for private cloud. Therefore, it can only be used by companies with strong background in security technology. Honeypot system is restricted by security, performance and fidelity, so it can not be used widely. At present, honeypot system can only be used by researchers to study unknown attacks. The hybrid honeypot scheme based on OpenStack is designed under this background. It not only provides higher security for private cloud, but also solves the problems caused by the three mutual constraints of honeypot system security, fidelity and performance. The honeypot system has higher practical value. The work of this paper is as follows: 1. A new mixed honeypot scheme is proposed and deployed on private cloud with OpenStack. The new mixed honeypot scheme is realized by the combination of low interactive honeypot and high interactive honeypot. If we deploy this scheme in the traditional ITT Information Technology, we can only guarantee its security and fidelity, but the performance problem can not be solved effectively. After it is deployed on the private cloud based on OpenStack, it ensures that the private cloud users can use the computing and storage resources on demand, so that the performance is guaranteed. At the same time, it also provides a security solution for private cloud. 2. The new system is simulated. Through the parameter configuration of the new system, the grab of all kinds of attacks is realized effectively, and the result of grab is analyzed statistically. The analysis shows that the new hybrid system can collect some new attacks on the network.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08


本文编号：2025054