Behavior tracing detecting method facing internal threats in IaaS cloud environment

A detection method and cloud environment technology, applied in the field of cloud computing security, can solve problems such as difficult to judge legitimate data access requests, unable to identify unknown threats, and unable to trace data access behaviors

Active Publication Date: 2018-10-30
BEIJING UNIV OF TECH
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the current security detection methods to deal with internal threats mostly use machine learning and nested virtualization underlying information monitoring technology. Among them, the machine learning method can only collect and classify the characteristics of malicious behaviors that have occurred, and cannot identify unknown threats. The nested virtualization monitoring technology only detects the interface behavior of a single node of the cloud service, and cannot trace the data access behavior of cloud service users across multiple nodes, making it difficult to judge whether the current data access is a legal request issued by the user.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Behavior tracing detecting method facing internal threats in IaaS cloud environment
  • Behavior tracing detecting method facing internal threats in IaaS cloud environment
  • Behavior tracing detecting method facing internal threats in IaaS cloud environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] The present invention provides an internal threat-oriented behavior traceability detection method under the IaaS cloud environment, which is based on the calling process of user access data behavior in the IaaS cloud environment, such as figure 2 From the user's request to the implementation to the user's virtual machine image file, there are cloud user interface, computing service interface, remote call interface, management implementation interface, virtualization management interface, virtualization process and other interface layers. The method is realized by three modules: a user behavior tree construction module, a behavior information collection module, and a behavior traceability detection module, as well as data interaction among the modules.

[0017] The present invention is implemented on the OpenStack open source cloud platform. Embed the behavior tree creation module, behavior collection module, and behavior detection module into the OpenStack cloud enviro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a behavior tracing detecting method facing internal threats in an IaaS cloud environment. The method solves the problems in the prior art that in the IaaS cloud environment, cloud service is called maliciously, the source of the internal threats cannot be judged, and unknown threats cannot be handled. The method adopts a detecting idea of behavior tracing to conduct multi-node correlation analysis on the data accessing flow of users in the cloud environment, a normal behavior tree of various legal operations of the users is obtained, behavior tracing matching is conducted on the collected behavior information, and malicious threats are detected by analyzing the integrity of the behavior tree.

Description

technical field [0001] The invention belongs to the technical field of cloud computing security, and in particular relates to a behavior traceability detection method for internal threats under an IaaS cloud environment. This method adopts the detection idea of ​​behavior traceability. In the cloud environment, multi-node correlation analysis is performed on the process of user access to data to obtain the normal behavior tree of various legal operations of the user, and then the behavior traceability is matched with the collected behavior information. Through Integrity analysis of behavior trees detects malicious threats. Background technique [0002] A cloud environment is a resource pool that contains a large number of available virtual computing resources such as hardware, development platforms, and I / O services. It can dynamically create highly virtual resources and provide them to tenants for on-demand billing in the form of services. Existing cloud computing platform...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425
Inventor 林莉李爽毛新雅潘雨婷张建标
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap