Virtual machine dispatch algorithm security verification method based on dynamic migration

Abstract

The invention discloses a virtual machine dispatch algorithm security verification method based on dynamic migration. The method includes the steps that step1, a data message of a control plane network of a target cloud platform is monitored; step2, the data message is converted into a main machine information file, a dispatch request information file and a dispatch result information file; step3, a virtual machine dispatch algorithm to be verified screens out a filter set according to the main machine information file, the dispatch request information file and the dispatch result information file; step4, according to the filter set, a filtered main machine list per dispatch request in the dispatch request information file is obtained; step5, for each main machine list, main machine selective replacement is used for obtaining the weights of all weighing machines; step6, according to the obtained filter set and the weights of the weighing machines, whether a dispatch result main machine obtained through the dispatch requests is safe or not is predicted and judged. The method is high in detection accuracy which can reach above 99.5%.

Description

technical field [0001] The invention relates to a method for verifying the security of a virtual machine scheduling algorithm, in particular to a method for verifying the security of a virtual machine scheduling algorithm based on dynamic migration in a cloud environment, and belongs to the technical field of virtual machines and network security. Background technique [0002] At present, cloud computing technology is widely used. In cloud computing infrastructure, virtual machine dynamic migration has become an essential function of public cloud and private cloud. Virtual machine live migration refers to a technology that migrates a virtual machine from one physical machine to another, and the virtual machine continues to execute the original instructions without interruption during the migration process. Cloud service providers use virtual machine dynamic migration technology for load balancing, centralized management, fault tolerance and other technologies. Live migratio...

AI Technical Summary

Problems solved by technology

[0016] 2. Active modification: Internal attackers may tamper with memory data during network migration of virtual machines, thus posing a huge threat

Integer overflow vulnerabilities have been exposed many times on the Xen platform. These vulnerabilities may lead to the complete control of the entire VMM by attackers, thus causing security threats.

[0022] Disadvantages and limitations of several existing methods

[0023] 1) The security verification method of the data plane in the dynamic migration and the security verification method of the migration module in the dynamic migration are only for the penetration demonstration of the data plane and the migration module, but the data migration of the general cloud platform is encrypted, so the data Plane attacks will not work, and the penetration of the migration module depends on the security holes of the migration module. With the continuous provision of cloud platform software versions, the existing security holes will be continuously repaired, resulting in no security holes available. The security verification method of the migration module cannot be realized

[0024] 2) The existing methods for verifying the security of the control plane in dynamic migration only propose general concepts and lack specific implementation methods, so they have little guiding effect on the security hardening of the cloud platform control plane in practice

Images