Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

White list based realization method for active defense of cloud host

An implementation method and active defense technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems such as not being able to meet the security requirements of cloud data centers, prevent unknown malware and zero-day attacks, and have strong practicability , protection against application and code effects

Active Publication Date: 2015-12-09
SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
View PDF2 Cites 42 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Passive protection measures based on blocking and killing are hard to guard against in the face of the new information security situation. Traditional network security, terminal security, and border security solutions can no longer meet the security needs of cloud data centers.
Traditional blacklist defense software can only identify known malware and attacks. For the mixed threats of current viruses, worms, intrusions and other threats, the whitelist-based cloud host intrusion prevention system will undoubtedly provide more critical resources. active defense

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • White list based realization method for active defense of cloud host

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0037] The present invention provides a whitelist-based cloud host active defense implementation method, as shown in the attached figure 1 As shown, it includes the centralized management platform and client of the server, and the client is installed on each cloud host that needs to be protected. The specific implementation process is as follows:

[0038] 1. First, scan all binary files on the protected cloud host through the server software;

[0039] 2. The cloud security center identifies the trust level of the above-mentioned scanned files, and adds the classified file list library to the white list library, black list library and gray list library respectively, wherein the white list contains known trusted applications; black list The list includes known malicious applications; the gray list includes all unknown applications whose trust le...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a white list based realization method for active defense of a cloud host. The method involves a centralized management platform of a server and a client, and the client is mounted on each cloud host needed to be protected. The specific realization process is as follows: all binary files in the protected cloud host are scanned through server software; a cloud security center identifies out trust ratings of the scanned files and adds a graded file list library into a white list library, a black list library and a gray list library separately; and at the client, only trusted application programs in a white list are allowed to run for preventing loading of a dynamic-link library file in a kernel. Compared with the prior art, the white list based realization method for active defense of the cloud host can completely prevent potential unwanted application programs and codes and prevent advanced threats, is free of feature code update, and can consistently enable known good software, prevent known or unknown bad software, correctly manage new software and effectively prevent unknown malicious software and zero-day attacks.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a highly practical whitelist-based cloud host active defense implementation method. Background technique [0002] Driven by new-generation IT technologies such as cloud computing and big data, enterprises are developing more efficiently and intelligently, but information security issues are becoming more and more serious. The cloud host composed of physical server farms and virtual computing software is an important component of IaaS. It not only faces traditional attacks such as server firmware, hardware, OS, and applications, but also faces virtual VMM tampering, GuestOS image tampering, host tenant attacks, etc. New type of threat. [0003] Passive protection measures based on blocking and killing are hard to guard against in the face of the new information security situation. Traditional network security, terminal security, and border security solutions can no long...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/51G06F21/53
CPCG06F21/51G06F21/53
Inventor 梁媛
Owner SHANDONG LANGCHAO YUNTOU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products