Design Of Security Situation Awareness System For Cloud Computing Based On Threat Intelligence

In recent years,with the development of computer network technology,computer networks have penetrated into all corners of human society and become an indispensable part of social production.However,as network application scenarios increase,the scope of network security incidents becomes larger and larger,and different network architectures are affected by security threats.At the same time,advanced cyber attacks represented by composite attacks and Advanced Persistent Threats(APT)are extremely harmful.As a major direction of network architecture innovation,cloud computing puts forward higher requirements for its security.A network security situational awareness system that accurately assesses current network security postures and accurately predicts subsequent attacks is an important basis for ensuring cloud computing security.The flexible architecture of cloud computing and the characteristics of resource pooling have made it a lot of favor.With the promotion of cloud computing,its security issues have also received extensive attention.In order to effectively perceive the security situation of cloud computing and predict the attack behavior,this paper proposes a cloud situation security situation awareness framework based on threat intelligence.Firstly,the target virtual machine network security state is taken as the analysis node,and the virtual machine introspection mechanism is used to monitor the target virtual machine running state,so as to more accurately evaluate the impact of the attack behavior on the target virtual machine.Then,the network security situation of the cloud environment is dynamically evaluated according to the game process between the attack and the defense.In attack prediction,cyber threat intelligence is used as an important basis for potential threat analysis.Cyber threat intelligence that is applicable to the current security state is screened through the system hierarchy fuzzy optimization method,and the potential threat of the target system is analyzed using the cyber threat intelligence obtained through screening.If there is no applicable cyber threat intelligence,using the Nash equilibrium to make predictions for the attack behavior.In the end,the cloud security situation awareness system proposed in this paper is tested.The simulation results show the effectiveness and correctness of the proposed method.The cloud computing security situational awareness method can accurately reflect the dynamic changes of the network security situation based on the offensive and defensive game strategies,and effectively predict the potential attack behavior.