Attack detection method for cloud platform virtual equipment and electronic device

A technology for attack detection on virtual devices, applied in the field of system security. It addresses problems such as poor scalability, incorrect model construction, and missing device specification details, with the effect of reducing performance overhead and improving the detection rate.

Pending Publication Date: 2020-10-20
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

This method needs to summarize the device specification written in natural language. Due to missing details in the device specification, or an outdated or inconsistent implementation, there may be errors in the construction of the model.
In addition, this method needs to build different models for different types of devices, so its scalability is poor.


Embodiment Construction

[0035] In order to make researchers in the technical field understand the present invention more comprehensively, the core technology in the present invention will be described in detail below in conjunction with the drawings and embodiments.

[0036] An attack detection system aimed at cloud platform virtual devices, the content of which includes:

[0037] 1) Execution information collection module

[0038] This module uses the high-precision, low-overhead Intel PT hardware technology to collect data packets related to control flow during the execution of I/O instructions and processes them into execution information. In the present invention, execution information is jump information that affects control flow transfer, including conditional jump information and indirect jump information. A conditional jump has multiple target addresses, and some branches will not be reached during the normal execution of the program, but due to program logic loopholes and branch conditio...


Abstract

The invention provides an attack detection method for virtual equipment in a cloud platform and an electronic device. The attack detection method comprises the steps of: running an I/O instruction on the virtual equipment, collecting information related to the control flow using Intel PT technology, decoding the generated data packets, and acquiring conditional jump information and indirect jump information; and detecting the legality of the I/O instruction according to the conditional jump information, the indirect jump information and a baseline model of the virtual device. The attack detection method uses the hardware technology Intel PT to efficiently collect information related to the control flow while a program executes, so that the performance overhead caused by the collection operation is reduced; the baseline model of the virtual equipment is constructed using fuzz testing (fuzzing), so that unknown attacks can be effectively detected while avoiding heavy manual analysis; and a threshold formula is designed on the basis of influence factors related to the legality of the execution process of the virtual equipment, from which a judgment method is constructed, so that the detection rate is effectively increased.
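The following added example, which is not code from the patent, shows the check the abstract describes: a baseline of conditional-jump outcomes and indirect-jump targets built from fuzzing traces, then a legality decision for one I/O instruction. The event tuples, addresses, weights and threshold are constructed assumptions; the patent's own threshold formula is not given on this page.

```python
from collections import defaultdict

# Decoded execution information for one I/O instruction (constructed format):
#   ("cond", branch_addr, taken)   conditional jump outcome (from Intel PT TNT bits)
#   ("ind",  branch_addr, target)  indirect jump target (from Intel PT TIP packets)

def build_baseline(traces):
    """Record every conditional outcome and indirect target seen while fuzzing."""
    baseline = {"cond": defaultdict(set), "ind": defaultdict(set)}
    for trace in traces:
        for kind, addr, value in trace:
            baseline[kind][addr].add(value)
    return baseline

def check_io(trace, baseline, threshold=1.0, w_cond=0.5, w_ind=1.0):
    """Score jumps absent from the baseline; return (is_legal, score, anomalies).

    The weights and threshold are assumed stand-ins for the patent's formula:
    an unseen indirect target counts more than an unseen branch direction.
    """
    anomalies = []
    score = 0.0
    for event in trace:
        kind, addr, value = event
        if value in baseline[kind].get(addr, ()):
            continue
        if event not in anomalies:          # count each distinct deviation once
            anomalies.append(event)
            score += w_ind if kind == "ind" else w_cond
    return score < threshold, score, anomalies

# Constructed traces for a hypothetical virtual device I/O handler.
FUZZ_TRACES = [
    [("cond", 0x401000, True), ("ind", 0x401020, 0x402000)],
    [("cond", 0x401000, False), ("cond", 0x401010, False),
     ("ind", 0x401020, 0x402100)],
]
BASELINE = build_baseline(FUZZ_TRACES)

# Every jump was seen during fuzzing.
BENIGN = [("cond", 0x401000, True), ("cond", 0x401010, False),
          ("ind", 0x401020, 0x402100)]
# One branch direction fuzzing never reached: recorded, but below the threshold.
RARE_BRANCH = [("cond", 0x401010, True), ("ind", 0x401020, 0x402000)]
# Unseen branch direction plus an indirect jump to an address outside the baseline.
HIJACK = [("cond", 0x401010, True), ("ind", 0x401020, 0x7F0000001000)]

if __name__ == "__main__":
    for name, trace in (("benign", BENIGN), ("rare", RARE_BRANCH), ("hijack", HIJACK)):
        legal, score, anomalies = check_io(trace, BASELINE)
        print(name, "legal" if legal else "ILLEGAL", score,
              [(k, hex(a), v) for k, a, v in anomalies])
```
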

Description

Technical field

[0001] The invention belongs to the technical field of system security, and relates to an attack detection method, in particular to an attack detection method and an electronic device for virtual equipment in a cloud platform.

Background technique

[0002] With the accelerated development of cloud computing technology, the migration of information technology infrastructure in various industries to the cloud has become the current mainstream trend. The security of cloud computing is closely related to data security and business stability, and is a key factor that enterprises or organizations need to consider when deploying services to cloud environments. Virtualization technology is the basic core technology of cloud computing, and its security is the key to ensuring the security of the entire cloud environment.

[0003] KVM is integrated in each major distribution version of Linux 2.6.20 and later, and is the default virtualization mechanism of most Linux dis...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F9/455, G06F11/36, G06F21/57
CPC: G06F9/45558, G06F11/3684, G06F21/577, G06F2009/45587
Inventor: 贾晓启, 黄庆佳, 贾紫倩, 张伟娟, 解亚敏, 白璐, 孙慧琪
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI