A Security Verification Method for Virtual Machine Scheduling Algorithm Based on Dynamic Migration

Abstract

The invention discloses a virtual machine scheduling algorithm safety verification method based on dynamic migration. The method is: 1) monitoring the data message of the control plane network of the target cloud platform; 2) converting the data message into a host information file, a scheduling request information file and a scheduling result information file; 3) the virtual machine scheduling algorithm to be verified according to The host information file, scheduling request information file and scheduling result information file filter out a filter set; 4) obtain the filtered host list of each scheduling request in the scheduling request information file according to the filter set; 5) for each host list The weights of all weighing devices are obtained by using the host selection and replacement calculation; 6) According to the obtained filter set and the weights of the weighing devices, the host predicts the scheduling result of the scheduling request to determine whether it is safe. The detection accuracy of the method is high, and the accuracy rate can reach more than 99.5%.

Description

technical field [0001] The invention relates to a method for verifying the security of a virtual machine scheduling algorithm, in particular to a method for verifying the security of a virtual machine scheduling algorithm based on dynamic migration in a cloud environment, and belongs to the technical field of virtual machines and network security. Background technique [0002] At present, cloud computing technology is widely used. In cloud computing infrastructure, virtual machine dynamic migration has become an essential function of public cloud and private cloud. Virtual machine live migration refers to a technology that migrates a virtual machine from one physical machine to another, and the virtual machine continues to execute the original instructions without interruption during the migration process. Cloud service providers use virtual machine dynamic migration technology for load balancing, centralized management, fault tolerance and other technologies. Live migratio...

AI Technical Summary

Problems solved by technology

[0016] 2. Active modification: Internal attackers may tamper with memory data during network migration of virtual machines, thus posing a huge threat

Integer overflow vulnerabilities have been exposed many times on the Xen platform. These vulnerabilities may lead to the complete control of the entire VMM by attackers, thus causing security threats.

[0022] Disadvantages and limitations of several existing methods

[0023] 1) The security verification method of the data plane in the dynamic migration and the security verification method of the migration module in the dynamic migration are only for the penetration demonstration of the data plane and the migration module, but the data migration of the general cloud platform is encrypted, so the data Plane attacks will not work, and the penetration of the migration module depends on the security holes of the migration module. With the continuous provision of cloud platform software versions, the existing security holes will be continuously repaired, resulting in no security holes available. The security verification method of the migration module cannot be realized

[0024] 2) The existing methods for verifying the security of the control plane in dynamic migration only propose general concepts and lack specific implementation methods, so they have little guiding effect on the security hardening of the cloud platform control plane in practice

Images