
Design and Implementation of a KVM-Based Virtual Machine Network Monitoring System

Published: 2018-05-29 05:07

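  Topic of this thesis: virtualization security + cloud monitoring; Reference: Beijing University of Posts and Telecommunications, 2017 master's thesis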


[Abstract]: In recent years cloud computing has developed rapidly, all kinds of cloud services have gradually entered everyday life, and cloud computing is ever more widely applied. As the foundational technology of cloud computing, virtualization has drawn growing attention to its own security, and virtualization security directly affects the reliability of the cloud platform. More and more experts and scholars are working on virtualization security. Cloud monitoring is one of the important technologies in the field of cloud security.

Virtualization has changed the architecture of earlier computer systems. Because it is convenient, efficient and provides isolation, more and more computing systems are moving to virtual computing environments. Earlier security monitoring systems ran in stable computing and network environments, whereas virtualization changed the traditional computing environment: the operating system no longer sits directly on the hardware layer, and multiple operating systems can run on the same hardware platform, each running different services. Virtualization therefore poses challenges to security monitoring.

Facing the complex and changeable virtual computing environment, this thesis proposes a transparent virtual machine network monitoring system. For the different services running in virtual machines, detection rules can be configured per virtual machine domain, binding each virtual machine to a service type. The main principle is that all packets flowing into and out of a virtual machine pass through the bridge in the virtualization layer, so detection software can sniff all network packets, and a monitoring system deployed in the management domain can filter and inspect specific packets.

The network firewall module improves on the traditional network firewall by adding domain-adaptive detection, filtering packets according to the services running in each virtual machine domain. Network data that passes the virtual machine firewall flows in two directions: one is to the target virtual machine domain, the other is to the intrusion detection module located in the management domain. The intrusion detection module is adapted from Snort, a rule-file-based intrusion detection system that can identify already existing network attack behaviors. The intrusion detection module and the virtual machine network firewall form a linked system: the intrusion detection module discovers attack behavior and can influence the firewall's filtering rules. The firewall's domain-adaptive filtering process can affect the efficiency of intrusion detection.

The system was tested experimentally, including functional tests and performance tests of the monitoring system. The experiments demonstrate the effectiveness of the monitoring system, which enhances the security of the cloud platform without causing too great a performance loss to the system.
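[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP393.0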


Article number: 1949609


Article link: http://sikaile.net/guanlilunwen/ydhl/1949609.html

