| With progress in private cloud research and technology, cloud platforms have come into wide use. Although they have advantages and bring users considerable benefit, they also raise many security problems and concerns. Current security for a cloud platform is still based on a firewall at the boundary of the entire platform system. Because the isolation mechanism of the virtual machine monitor (VMM) creates a semantic gap, a detection system that monitors from outside the monitored system can capture only low-level information such as register values, memory data, disk data blocks or the current instruction flow. A dynamic detection model is proposed based on a comprehensive analysis of these three security risks. Communication between the internal virtual machines is not subject to the necessary security checks, so if one virtual machine is infected by a virus, the virus can easily spread to other virtual machines. After analyzing the basic characteristics of virus attacks, the thesis focuses on the processes running in the private cloud's virtual machines, network data traffic, and request information for critical areas of the platform. A virus signature database is established, and when data packets pass from the external network into the internal platform, they are captured and compared with the virus signatures. A granularity division method is used to solve the problem of processing large objects. Technologies such as Xen, hooking and Libnids programming are used to implement a dynamic monitoring platform for the Eucalyptus cloud platform, and experiments are carried out to verify the validity of the dynamic monitoring and analysis model. |