Solution for cloud Web application to cope with virtual host layer attacks

A virtual host and solution technology, applied in software simulation/interpretation/simulation, program control design, instruments, etc., can solve problems such as defense methods that cannot meet the security requirements of web servers on the cloud, business interruption, and servers that cannot be repaired immediately. Achieve the effect of increasing attack difficulty and cost and realizing business

Inactive Publication Date: 2020-08-25
ZHEJIANG UNIV
View PDF9 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are three defects in such defense measures: firstly, the attacker can use the loopholes in the existing defense measures to attack; secondly, the attacker can also exploit the loopholes in the server itself or even the loopholes in the virtual machine operating system to attack; thirdly, the attacked The server may not be repaired immediately in a short period of time, resulting in long-term business interruption
[0004] Therefore, the existing defense methods cannot meet the security requirements of web servers on the cloud, and a more secure and efficient defense method is urgently needed to increase the attacker's attack cost and enable the server to quickly self-heal after being attacked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Solution for cloud Web application to cope with virtual host layer attacks
  • Solution for cloud Web application to cope with virtual host layer attacks
  • Solution for cloud Web application to cope with virtual host layer attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The present invention will be described in further detail below with reference to the accompanying drawings and examples.

[0023] The present invention is realized through the following steps:

[0024] Step 1. Realize the heterogeneity of the operating system of the Web server and the virtual machine.

[0025] Build multiple virtual machines, and install a web server and operating system on each virtual machine, and the combination of web server and operating system is not exactly the same, and each heterogeneous virtual machine is an execution body. The web server can choose Apache, Nginx and IIS; the operating system can choose Ubuntu, Windows and Centos operating system. like figure 1 As shown, a total of 8 executives A have been created 1 ~A 8 (Apache+Centos, Apache+Ubuntu, Apache+Windows, Nginx+Ubuntu, Nginx+Windows, Nginx+Centos, IIS+Centos, IIS+Windows).

[0026] Step 2, ensuring redundancy among executive bodies.

[0027] The web application data on all e...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a solution for a cloud Web application to cope with virtual host layer attacks. The method comprises the steps: creating heterogeneous servers on the cloud, and achieving the data consistency of all the servers through shared storage; achieving the dynamic change of the server through a certain flow forwarding strategy, so as to present a dynamic change target which is difficult to observe and predict for an attacker, thereby increasing the attack difficulty and cost for unknown vulnerabilities and backdoors; and finally, through offline and self-healing of the attackedserver, achieving a purpose that the service is not interrupted. According to the invention, dynamic heterogeneous redundant server deployment is realized, and known and unknown attacks in the network can be solved.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to the technical field of endogenous defense of network security, and in particular to a solution method for web applications on the cloud to deal with virtual host layer attacks. Background technique [0002] With the continuous evolution of the Internet and the continuous evolution of attack technologies, network attacks present the characteristics of "concealment, coordination, and precision", and network security is in a situation of "easy to attack but difficult to defend". In order to completely change the traditional protection mode of passive response such as "blocking and killing", and form an active defense capability, endogenous security defense technology has emerged as the times require. Endogenous security defense technology refers to an active defense technology proposed based on the internal dynamics, heterogeneity, redundancy, and self-healing structure of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F9/455
CPCG06F9/45558G06F2009/45587H04L63/1441H04L63/20
Inventor 陈双喜吴春明张晟
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap