CN103840971A - Method and system for processing cloud cluster abnormities caused by private cloud viruses - Google Patents
Method and system for processing cloud cluster abnormities caused by private cloud viruses Download PDFInfo
- Publication number
- CN103840971A CN103840971A CN201410054591.0A CN201410054591A CN103840971A CN 103840971 A CN103840971 A CN 103840971A CN 201410054591 A CN201410054591 A CN 201410054591A CN 103840971 A CN103840971 A CN 103840971A
- Authority
- CN
- China
- Prior art keywords
- request message
- cloud
- cloud computing
- computing node
- virtual machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 241000700605 Viruses Species 0.000 title claims abstract description 59
- 238000000034 method Methods 0.000 title abstract description 8
- 238000012545 processing Methods 0.000 title abstract description 8
- 230000002159 abnormal effect Effects 0.000 claims abstract description 39
- 238000012544 monitoring process Methods 0.000 claims abstract description 36
- 239000000523 sample Substances 0.000 claims abstract description 36
- 238000007689 inspection Methods 0.000 claims description 23
- 238000003672 processing method Methods 0.000 claims description 17
- 239000000725 suspension Substances 0.000 claims description 10
- 238000012423 maintenance Methods 0.000 abstract description 7
- 230000007123 defense Effects 0.000 description 10
- 238000009792 diffusion process Methods 0.000 description 10
- 230000003612 virological effect Effects 0.000 description 6
- 230000002155 anti-virotic effect Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006872 improvement Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000014599 transmission of virus Effects 0.000 description 2
- 206010033799 Paralysis Diseases 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000004438 eyesight Effects 0.000 description 1
- 239000000178 monomer Substances 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000004659 sterilization and disinfection Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009385 viral infection Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Disclosed is a method and system for processing cloud cluster abnormities caused by private cloud viruses. The method comprises the steps of enabling a cloud computing node of each private cloud computing cluster to be provided with a network flow probe, monitoring flow of the corresponding cloud computing nodes through the network flow probes, judging whether the cloud computing nodes receive continuous request messages with the same characteristics or not, judging whether the number of the received continuous request messages with the same characteristics is equal to or larger than a preset value or not if the continuous request messages with the same characteristics are received, detecting the state of a virtual computer sending out the continuous request messages with the same characteristics if the number of the request messages is equal to or larger than the preset value, and closing the network of the virtual computer when it is detected that system resources of the virtual computer are abnormal. The method and system for processing the cloud cluster abnormities caused by the private cloud viruses can reduce additional use of system resources, lower purchase and maintenance cost of equipment, do not affect the bandwidth and can improve user experience.
Description
Technical field
The present invention relates to cloud computing technology field, particularly abnormal processing method and a kind of abnormal treatment system of cloud cluster that privately owned cloud virus is caused of a kind of cloud cluster that privately owned cloud virus is caused.
Background technology
The privately owned cloud network of cloud computing, the speed of service of monomer virtual machine is not high conventionally, and this is mainly because privately owned cloud is in private room, conventionally isolates with extraneous network, so can not be subject to the situations such as virus attack.Here can think that private user is all active safety user, in private network, there is no the situations such as hacker.When likely occurring that user is using USB(Universal Serial Bus, USB) when the situation such as interface hard disk, virus is surprisingly copied into private network inside, cause its Intranet to be subject to passive virus infections.If now cloud computing system cannot ACTIVE CONTROL virus, just there will be virtual unit virus spread, cause the rapid infected situation of other virtual units to occur, finally cause whole virtual cloud computing system paralysis.
To the problems referred to above, the method for current use is at each virtual cloud computing pc(Personal Computer, personal computer) independently antivirus software of safety on machine, although this kind of method can be dealt with problems, suitable expends virtual pc system resource.In the system resource of virtual pc, each resource is shared, and the resource that namely system is used is few, unnecessary resource can be distributed to other virtual pc and use.Due to this principle, on the basis of the total upper limit of system resource, can expand 20% elastic system resource space, namely can support 500 virtual pc at the next privately owned cloud computing concentrator of situation of virtual pc running at full capacity.When reality is used so, just can configure the use leeway of 600 virtual pc, all because the shared reason of virtual resource, if but every virtual pc will additionally increase an antivirus software, can greatly increase system resource burden, every virtual cloud cluster just cannot configure 600 virtual pc.
As from the foregoing, the cloud cluster abnormal problem causing for privately owned cloud virus, prior art adopts following solution:
Prior art one: each virtual pc is installed to an antivirus software.This mode can increase system resource burden, causes the virtual pc number of system bearing to greatly reduce.
Prior art two: carried out virus and clean before Virtual Cluster front end networking flow, use special viral disinfection server.This mode can increase hardware device and user cost, and because hardware virus is cleaned and can be affected network speed, can reduce bandwidth, affects user's experience.
Summary of the invention
An object of the present invention is to provide a kind of abnormal processing method of cloud cluster that privately owned cloud virus is caused, the method can provide the Initiative Defense of Virus measure to privately owned cloud cluster, reduces extra system resource and uses, and reduce equipment purchase maintenance cost.
For achieving the above object, embodiments of the invention provide a kind of abnormal processing method of cloud cluster that privately owned cloud virus is caused, and comprise the steps:
Each cloud computing node to privately owned cloud computing cluster arranges network traffics probe, monitors the flow of corresponding cloud computing node by this network traffics probe;
Judge whether described cloud computing node receives the request message that continuous feature is identical;
If described cloud computing node receives the request message that continuous feature is identical, whether the quantity of the request message that continuous feature that further judgement receives is identical is equal to or greater than preset value;
If the quantity of described request message is equal to or greater than preset value, the virtual machine that sends the request message that described continuous feature is identical is carried out to status checkout;
Occur when abnormal when being checked through the system resource of described virtual machine, close the network of described virtual machine.
According to an aspect of the present invention, the step that described network traffics probe is monitored the flow of corresponding cloud computing node comprises: described network traffics probe is monitored quantity, the feature of request message and the virtual ip address of request message of the request message that described cloud computing node receives.
According to a further aspect of the invention, describedly judge that whether described cloud computing node receives the request message that continuous feature is identical, comprises the steps:
Multiple request virtual ip address of the request message that feature that described cloud computing node is received is identical are analyzed;
If described multiple request virtual ip address is continuation address, whether the quantity of the request message that the continuous feature that further receives described in judgement is identical is equal to or greater than preset value.
According to another aspect of the present invention, described preset value is arranged according to the practical operation situation of cloud computing system by keeper.
In accordance with a further aspect of the present invention, after closing the network of described virtual machine, also comprise the steps: to send manual examination (check) notice to described keeper, and pass through after information in the inspection that receives described keeper, recover the network of described virtual machine, otherwise keep described virtual machine suspension.
The abnormal processing method of the cloud cluster that privately owned cloud virus is caused of the present invention can provide the Initiative Defense of Virus measure to privately owned cloud cluster, by network traffics probe is set at cloud computing node, monitoring judges whether to meet the feature of virus diffusion by the feature of the request message of node, if met, close the virtual machine that sends above-mentioned request message, thereby reach the object that prevents virus diffusion, realize viral Initiative Defense.The present invention can reduce extra system resource and use, and reduces equipment purchase maintenance cost, can not affect bandwidth, and can improve user and experience.
Another object of the present invention is to provide a kind of abnormal treatment system of cloud cluster that privately owned cloud virus is caused, this system can provide the Initiative Defense of Virus measure to privately owned cloud cluster, reduce extra system resource and use, and reduce equipment purchase maintenance cost.
For achieving the above object, embodiments of the invention provide a kind of abnormal treatment system of cloud cluster that privately owned cloud virus is caused, comprise: network traffics probe, is arranged on each cloud computing node of privately owned cloud computing cluster, for monitoring the flow of corresponding cloud computing node; Monitoring result judgment means, be connected to described network traffics probe, for judging according to the monitoring result of described network traffics probe whether described cloud computing node receives the request message that continuous feature is identical, whether the quantity of the request message that continuous feature that if so, further judgement receives is identical is equal to or greater than preset value; State inspection apparatus, be connected to described monitoring result judgment means and virtual machine, for in the time that described monitoring result judgment means judges that the quantity of the request message that the described feature receiving is continuously identical is equal to or greater than preset value, the virtual machine that sends the request message that described continuous feature is identical is carried out to status checkout; Network control unit, is connected to described state inspection apparatus and described virtual machine, occurs when abnormal for be checked through the system resource of described virtual machine at described state inspection apparatus, closes the network of described virtual machine.
According to an aspect of the present invention, the flow that described network traffics probe is monitored corresponding cloud computing node comprises: quantity, the feature of request message and the virtual ip address of request message of monitoring the request message that described cloud computing node receives.
According to a further aspect of the invention, described monitoring result judgment means is analyzed for multiple request virtual ip address of the identical request message of feature that described cloud computing node is received, if described multiple request virtual ip address is continuation address, whether the quantity of the request message that the continuous feature that further receives described in judgement is identical is equal to or greater than preset value.
According to another aspect of the present invention, described preset value is arranged according to the practical operation situation of cloud computing system by keeper.
According to a further aspect of the invention, described network control unit is also for sending manual examination (check) notice to described keeper, and pass through, after information, to recover the network of described virtual machine, otherwise keep described virtual machine suspension in the inspection that receives described keeper.
The abnormal treatment system of the cloud cluster that privately owned cloud virus is caused of the present invention can provide the Initiative Defense of Virus measure to privately owned cloud cluster, by network traffics probe is set at cloud computing node, monitoring judges whether to meet the feature of virus diffusion by the feature of the request message of node, if met, close the virtual machine that sends above-mentioned request message, thereby reach the object that prevents virus diffusion, realize viral Initiative Defense.The present invention can reduce extra system resource and use, and reduces equipment purchase maintenance cost, can not affect bandwidth, and can improve user and experience.
Accompanying drawing explanation
Fig. 1 is the flow chart of the processing method abnormal according to the cloud cluster that privately owned cloud virus is caused of first embodiment of the invention;
Fig. 2 is the flow chart of the processing method abnormal according to the cloud cluster that privately owned cloud virus is caused of second embodiment of the invention;
Fig. 3 schematically shows the schematic diagram of the abnormal treatment system of the cloud cluster that privately owned cloud virus is caused according to the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention more cheer and bright, below in conjunction with embodiment and with reference to accompanying drawing, the present invention is described in more detail.Should be appreciated that, these descriptions are exemplary, and do not really want to limit the scope of the invention.In addition, in the following description, omitted the description to known features and technology, to avoid unnecessarily obscuring concept of the present invention.
For the technical scheme of the abnormal processing of the clearer description cloud cluster that privately owned cloud virus is caused of the present invention.First the feature of privately owned cloud virus diffusion is described.Each privately owned cloud computing cluster can at least arrange a cloud computing node, and this node can be for the virtual machine of transfer cloud computing cluster inside (virtual pc) communication information.Hence one can see that, propagates if virtual pc virus wants to carry out viral active, first can send a request message to cloud computing node, carries out request message forwarding by cloud computing node.If receive and respond that improving eyesight marking machine can receive data, can send to target machine to infect virus.Request message is normally asked in batch, and positioning fast which target machine in the hope of the request by a large amount of can be infected, and in most cases, the virtual ip address of request is continuation address, the above-mentioned feature that is the diffusion of privately owned cloud virus.Based on above-mentioned feature, the present invention proposes abnormal processing method and the treatment system of a kind of cloud cluster that privately owned cloud virus is caused.
Fig. 1 is the flow chart of the processing method abnormal according to the cloud cluster that privately owned cloud virus is caused of first embodiment of the invention.
As shown in Figure 1, the abnormal processing method of cloud cluster that privately owned cloud virus is caused of first embodiment of the invention, comprises the steps:
Step S1, arranges network traffics probe to each cloud computing node of privately owned cloud computing cluster, monitors the flow of corresponding cloud computing node by this network traffics probe.
The flow of network traffics probe monitoring cloud computing node, when monitor a large amount of flows by time, can start follow-up exception handling.Wherein, the step that network traffics probe is monitored the flow of corresponding cloud computing node comprises: quantity, the feature of request message and the virtual ip address of request message of the request message that network traffics probe monitoring cloud computing node receives.
Specifically, the quantity of the request message that network traffics probe monitoring cloud computing node receives, the request virtual ip address of each request message, and message characteristic is scanned, in the time monitoring the identical request back message using of continuous appearance (virtual ip address is continuation address) feature, just start follow-up exception handling, check the resource request situation of the pc machine use of the virtual pc of these requests.
Step S2, judges whether cloud computing node receives the request message that continuous feature is identical, if so, performs step S3, otherwise judges that the network of this cloud computing node is normal, does not do any processing.
In an embodiment of the present invention, judge that whether cloud computing node receives the request message that continuous feature is identical, comprises the steps:
Step S21, multiple request virtual ip address of the request message that feature that cloud computing node is received is identical are analyzed.
Step S22, if multiple request virtual ip address is continuation address, performs step S3.
Step S3, whether the quantity that judgement receives the request message that continuous feature is identical is equal to or greater than preset value, if so, performs step S4, otherwise judges that the network of this cloud computing node is normal, does not do any processing.Wherein, preset value can be arranged according to the practical operation situation of cloud computing system flexibly by keeper.
Step S4, carries out status checkout to the virtual machine that sends the request message that continuous feature is identical.,, in the time having request message that a large amount of continuous features is identical by cloud computing node, check the resource request that the pc machine of the virtual pc of above-mentioned request message uses.
Step S5, occurs when abnormal when being checked through the system resource of virtual machine, closes the network of virtual machine, this virtual machine is carried out to casual network disconnection.
Conventionally, there is a large amount of identical request messages of continuous feature if be checked through certain virtual machine, or exist the transmission of virus or wooden horse to close the network of this virtual pc, it is implemented to suspension, and notify keeper to carry out just can using after manual examination (check).
Fig. 2 is the flow chart of the processing method abnormal according to the cloud cluster that privately owned cloud virus is caused of second embodiment of the invention.In Fig. 2, all use the same reference numerals to represent with step identical in Fig. 1, for do not relate to improvement of the present invention in steps, will simply introduce or not introduce, and introduce the step making improvements with respect to prior art.
At execution step S5, after closing the network of virtual machine, further perform step S6.
Step S6, sends manual examination (check) notice to keeper, and passes through, after information, to recover the network of virtual machine in the inspection that receives keeper, otherwise keeps virtual machine suspension.
In other words, in step S5, close the virtual machine of network, just can use by rear in administrator hand inspection, recovered the upstate of this virtual machine.If administrator hand inspection is not passed through, keep this virtual machine to continue suspension.
The present invention is intended to protect a kind of abnormal processing method of cloud cluster that privately owned cloud virus is caused; the method can provide the Initiative Defense of Virus measure to privately owned cloud cluster; by network traffics probe is set at cloud computing node; monitoring judges whether to meet the feature of virus diffusion by the feature of the request message of node; if met, close the virtual machine that sends above-mentioned request message; thereby reach the object that prevents virus diffusion, realize viral Initiative Defense.The present invention can reduce extra system resource and use, and reduces equipment purchase maintenance cost, can not affect bandwidth, and can improve user and experience.
Fig. 3 schematically shows the schematic diagram of the abnormal treatment system of the cloud cluster that privately owned cloud virus is caused according to the present invention.
As shown in Figure 3, the abnormal treatment system of cloud cluster that privately owned cloud virus is caused of the present invention, comprising: network traffics probe 1, monitoring result judgment means 2, state inspection apparatus 3 and network control unit 4.Wherein, network traffics probe 1 is arranged on each cloud computing node of privately owned cloud computing cluster.
Network traffics probe 1, for monitoring the flow of corresponding cloud computing node.Network traffics probe 1 can be monitored the flow that passes through of cloud computing node, when monitor a large amount of flows by time, can start follow-up exception handling.Wherein, the flow that network traffics probe 1 is monitored corresponding cloud computing node comprises: quantity, the feature of request message and the virtual ip address of request message of the request message that monitoring cloud computing node receives.
Specifically, network traffics probe 1 is for the quantity of the request message of monitoring cloud computing node and receiving, the request virtual ip address of each request message, and message characteristic is scanned.
Monitoring result judgment means 2 is connected to network traffics probe 1, for judging according to the monitoring result of network traffics probe 1 whether cloud computing node receives the request message that continuous feature is identical, if, whether the quantity of the request message that continuous feature that further judgement receives is identical is equal to or greater than preset value, otherwise the network that judges this cloud computing node is normal, do not do any processing.
In an embodiment of the present invention, monitoring result judgment means 2 is analyzed for multiple request virtual ip address of the identical request message of feature that cloud computing node is received, if multiple request virtual ip address are continuation address, whether the quantity of the request message that continuous feature that further judgement receives is identical is equal to or greater than preset value.
If monitoring result judgment means 2 judges the quantity of the request message that the continuous feature that receives is identical and is equal to or greater than preset value, be that monitoring result judgment means 2 is while monitoring the identical request back message using of continuous appearance (virtual ip address is continuation address) feature, just start follow-up exception handling, checked the resource request situation of the pc machine use of the virtual pc of these requests by state inspection apparatus 3.If monitoring result judgment means 2 judges the quantity of the request message that the continuous feature that receives is identical and is less than preset value, judge that the network of this cloud computing node is normal, do not do any processing.Wherein, preset value can be arranged according to the practical operation situation of cloud computing system flexibly by keeper.
State inspection apparatus 3 is connected to monitoring result judgment means 2 and virtual machine 5, when judging that in monitoring result judgment means 2 quantity of the request message that the continuous feature that receives is identical is equal to or greater than preset value, the virtual machine 5 that sends the request message that above-mentioned continuous feature is identical is carried out to status checkout.,, in the time having request message that a large amount of continuous features is identical by cloud computing node, state inspection apparatus 3 checks the resource request that the pc machine of the virtual pc of above-mentioned request message uses.
Network control unit 4 is connected to state inspection apparatus 3 and virtual machine 5, occur when abnormal for the system resource that is checked through virtual machine 5 at state inspection apparatus 3, close the network of virtual machine 5, this virtual machine 5 is carried out to casual network disconnection.
Conventionally, if network control unit 4 is checked through certain virtual machine at state inspection apparatus 3 and has a large amount of identical request messages of continuous feature, or exist the transmission of virus or wooden horse to close the network of this virtual pc, allow its suspension, and notify keeper to carry out just can using after manual examination (check).
In an embodiment of the present invention, network control unit 4 is also notified for send manual examination (check) to keeper, and passes through, after information, to recover the network of virtual machine 5 in the inspection that receives keeper, otherwise keeps virtual machine 5 suspensions.In other words, closed the virtual machine of network, just can use by rear in administrator hand inspection, network control unit 4 recovers the upstate of this virtual machine.If administrator hand inspection is not passed through, network control unit 4 keeps this virtual machine to continue suspension.
The present invention is intended to protect a kind of abnormal treatment system of cloud cluster that privately owned cloud virus is caused; this system can provide the Initiative Defense of Virus measure to privately owned cloud cluster; by network traffics probe is set at cloud computing node; monitoring judges whether to meet the feature of virus diffusion by the feature of the request message of node; if met, close the virtual machine that sends above-mentioned request message; thereby reach the object that prevents virus diffusion, realize viral Initiative Defense.The present invention can reduce extra system resource and use, and reduces equipment purchase maintenance cost, can not affect bandwidth, and can improve user and experience.
Should be understood that, above-mentioned embodiment of the present invention is only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore any modification of, making, be equal to replacement, improvement etc., within protection scope of the present invention all should be included in without departing from the spirit and scope of the present invention in the situation that.In addition, claims of the present invention are intended to contain whole variations and the modification in the equivalents that falls into claims scope and border or this scope and border.
Claims (10)
1. the abnormal processing method of cloud cluster privately owned cloud virus being caused, comprises the steps:
Each cloud computing node to privately owned cloud computing cluster arranges network traffics probe, monitors the flow of corresponding cloud computing node by this network traffics probe;
Judge whether described cloud computing node receives the request message that continuous feature is identical;
If described cloud computing node receives the request message that continuous feature is identical, whether the quantity of the request message that continuous feature that further judgement receives is identical is equal to or greater than preset value;
If the quantity of described request message is equal to or greater than preset value, the virtual machine that sends the request message that described continuous feature is identical is carried out to status checkout;
Occur when abnormal when being checked through the system resource of described virtual machine, close the network of described virtual machine.
2. the abnormal processing method of cloud cluster that privately owned cloud virus is caused according to claim 1, it is characterized in that, the step that described network traffics probe is monitored the flow of corresponding cloud computing node comprises: described network traffics probe is monitored quantity, the feature of request message and the virtual ip address of request message of the request message that described cloud computing node receives.
3. the abnormal processing method of cloud cluster that privately owned cloud virus is caused according to claim 1, is characterized in that, describedly judges that whether described cloud computing node receives the request message that continuous feature is identical, comprises the steps:
Multiple request virtual ip address of the request message that feature that described cloud computing node is received is identical are analyzed;
If described multiple request virtual ip address is continuation address, whether the quantity of the request message that the continuous feature that further receives described in judgement is identical is equal to or greater than preset value.
4. according to the abnormal processing method of cloud cluster that privately owned cloud virus is caused described in claim 1,2 or 3, it is characterized in that, described preset value is arranged according to the practical operation situation of cloud computing system by keeper.
5. the abnormal processing method of cloud cluster that privately owned cloud virus is caused according to claim 1, is characterized in that, after closing the network of described virtual machine, also comprises the steps:
Send manual examination (check) notice to described keeper, and pass through, after information, to recover the network of described virtual machine, otherwise keep described virtual machine suspension in the inspection that receives described keeper.
6. the abnormal treatment system of cloud cluster privately owned cloud virus being caused, comprising:
Network traffics probe, is arranged on each cloud computing node of privately owned cloud computing cluster, for monitoring the flow of corresponding cloud computing node;
Monitoring result judgment means, be connected to described network traffics probe, for judging according to the monitoring result of described network traffics probe whether described cloud computing node receives the request message that continuous feature is identical, whether the quantity of the request message that continuous feature that if so, further judgement receives is identical is equal to or greater than preset value;
State inspection apparatus, be connected to described monitoring result judgment means and virtual machine, for in the time that described monitoring result judgment means judges that the quantity of the request message that the described feature receiving is continuously identical is equal to or greater than preset value, the virtual machine that sends the request message that described continuous feature is identical is carried out to status checkout;
Network control unit, is connected to described state inspection apparatus and described virtual machine, occurs when abnormal for be checked through the system resource of described virtual machine at described state inspection apparatus, closes the network of described virtual machine.
7. the abnormal treatment system of cloud cluster that privately owned cloud virus is caused according to claim 6, the flow that described network traffics probe is monitored corresponding cloud computing node comprises: quantity, the feature of request message and the virtual ip address of request message of monitoring the request message that described cloud computing node receives.
8. the abnormal treatment system of cloud cluster that privately owned cloud virus is caused according to claim 6, described monitoring result judgment means is analyzed for multiple request virtual ip address of the identical request message of feature that described cloud computing node is received, if described multiple request virtual ip address is continuation address, whether the quantity of the request message that the continuous feature that further receives described in judgement is identical is equal to or greater than preset value.
9. according to the abnormal treatment system of cloud cluster that privately owned cloud virus is caused described in any one in claim 6-8, described preset value is arranged according to the practical operation situation of cloud computing system by keeper.
10. the abnormal treatment system of cloud cluster that privately owned cloud virus is caused according to claim 6, described network control unit is also for sending manual examination (check) notice to described keeper, and pass through after information in the inspection that receives described keeper, recover the network of described virtual machine, otherwise keep described virtual machine suspension.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410054591.0A CN103840971B (en) | 2014-02-18 | 2014-02-18 | Cloud cluster caused by a kind of virus to private clound abnormal processing method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410054591.0A CN103840971B (en) | 2014-02-18 | 2014-02-18 | Cloud cluster caused by a kind of virus to private clound abnormal processing method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103840971A true CN103840971A (en) | 2014-06-04 |
CN103840971B CN103840971B (en) | 2018-01-02 |
Family
ID=50804135
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410054591.0A Active CN103840971B (en) | 2014-02-18 | 2014-02-18 | Cloud cluster caused by a kind of virus to private clound abnormal processing method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103840971B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1725705A (en) * | 2005-05-09 | 2006-01-25 | 杭州华为三康技术有限公司 | Method for detecting flow attacking message characteristic of network equipment |
CN101094234A (en) * | 2007-07-20 | 2007-12-26 | 北京启明星辰信息技术有限公司 | Method and system of accurate recognition in P2P protocol based on behavior characteristics |
CN101197810A (en) * | 2006-12-08 | 2008-06-11 | 北京大学 | Method for real-time detection of worm |
CN101383694A (en) * | 2007-09-03 | 2009-03-11 | 电子科技大学 | Defense method and system rejecting service attack based on data mining technology |
CN101631026A (en) * | 2008-07-18 | 2010-01-20 | 北京启明星辰信息技术股份有限公司 | Method and device for defending against denial-of-service attacks |
-
2014
- 2014-02-18 CN CN201410054591.0A patent/CN103840971B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1725705A (en) * | 2005-05-09 | 2006-01-25 | 杭州华为三康技术有限公司 | Method for detecting flow attacking message characteristic of network equipment |
CN101197810A (en) * | 2006-12-08 | 2008-06-11 | 北京大学 | Method for real-time detection of worm |
CN101094234A (en) * | 2007-07-20 | 2007-12-26 | 北京启明星辰信息技术有限公司 | Method and system of accurate recognition in P2P protocol based on behavior characteristics |
CN101383694A (en) * | 2007-09-03 | 2009-03-11 | 电子科技大学 | Defense method and system rejecting service attack based on data mining technology |
CN101631026A (en) * | 2008-07-18 | 2010-01-20 | 北京启明星辰信息技术股份有限公司 | Method and device for defending against denial-of-service attacks |
Also Published As
Publication number | Publication date |
---|---|
CN103840971B (en) | 2018-01-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20240267402A1 (en) | Detecting kerberos ticket attacks within a domain | |
KR101836016B1 (en) | Context-aware network forensics | |
US10432650B2 (en) | System and method to protect a webserver against application exploits and attacks | |
EP3214568B1 (en) | Method, apparatus and system for processing cloud application attack behaviours in cloud computing system | |
US10785255B1 (en) | Cluster configuration within a scalable malware detection system | |
US9948667B2 (en) | Signature rule processing method, server, and intrusion prevention system | |
CN110690985A (en) | Network function virtualization architecture with device isolation | |
EP2933973A1 (en) | Data protection method, apparatus and system | |
CA3021285C (en) | Methods and systems for network security | |
Somani et al. | Service resizing for quick DDoS mitigation in cloud computing environment | |
JP2019021294A (en) | SYSTEM AND METHOD OF DETERMINING DDoS ATTACKS | |
US10931685B2 (en) | Malware analysis and recovery | |
JP6220625B2 (en) | Delay monitoring system and delay monitoring method | |
US9661016B2 (en) | Data center infrastructure management system incorporating security for managed infrastructure devices | |
CN104866407A (en) | Monitoring system and method in virtual machine environment | |
JP2016111664A (en) | Computer packaging system, and secure path selection method utilizing network evaluation | |
CN110247893B (en) | Data transmission method and SDN controller | |
US10616245B2 (en) | Real-time remediation respective of security incidents | |
JP5304689B2 (en) | Monitoring system and method for identifying affected services | |
US11736500B2 (en) | System and method for device quarantine management | |
US11196757B2 (en) | Suspending security violating-database client connections in a database protection system | |
US20180123917A1 (en) | System and method for monitoring multiple terminal devices | |
US20120110665A1 (en) | Intrusion Detection Within a Distributed Processing System | |
CN103840971A (en) | Method and system for processing cloud cluster abnormities caused by private cloud viruses | |
JP6476853B2 (en) | Network monitoring system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PP01 | Preservation of patent right |
Effective date of registration: 20180528 Granted publication date: 20180102 |
|
PP01 | Preservation of patent right | ||
PD01 | Discharge of preservation of patent |
Date of cancellation: 20240528 Granted publication date: 20180102 |
|
PD01 | Discharge of preservation of patent | ||
PP01 | Preservation of patent right |
Effective date of registration: 20240528 Granted publication date: 20180102 |
|
PP01 | Preservation of patent right |