CN105608380B - Cloud computing security evaluation method based on life cycle of virtual machine - Google Patents

Cloud computing security evaluation method based on life cycle of virtual machine Download PDF

Info

Publication number
CN105608380B
CN105608380B CN201510952951.3A CN201510952951A CN105608380B CN 105608380 B CN105608380 B CN 105608380B CN 201510952951 A CN201510952951 A CN 201510952951A CN 105608380 B CN105608380 B CN 105608380B
Authority
CN
China
Prior art keywords
threat
virtual machine
influence
life cycle
attribute
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510952951.3A
Other languages
Chinese (zh)
Other versions
CN105608380A (en
Inventor
高静
董建敏
石瑞峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inner Mongolia Agricultural University
Original Assignee
Inner Mongolia Agricultural University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inner Mongolia Agricultural University filed Critical Inner Mongolia Agricultural University
Priority to CN201510952951.3A priority Critical patent/CN105608380B/en
Publication of CN105608380A publication Critical patent/CN105608380A/en
Application granted granted Critical
Publication of CN105608380B publication Critical patent/CN105608380B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cloud computing security evaluation method based on a virtual machine life cycle. The method comprises the steps of firstly identifying threats and vulnerabilities at each stage in the life cycle of the virtual machine, analyzing according to the identified threats and vulnerabilities, finding out information of the threats and the vulnerabilities, estimating the occurrence probability of a threat event, analyzing the influence of risk estimation of the existing safety strategy, obtaining the relative value of main risks faced by a system, and storing the estimation result of each stage in the life cycle of the virtual machine into a database. And the comprehensive risk evaluation module in the evaluation model effectively performs reasoning according to a certain reasoning rule, evaluates the overall safety condition of the whole system object by combining knowledge in the safety knowledge base to obtain the overall risk condition of the system, and correspondingly explains the result.

Description

Cloud computing security evaluation method based on life cycle of virtual machine
Technical Field
The invention relates to the field of cloud computing safety, in particular to a cloud computing safety evaluation method based on a virtual machine life cycle.
Background
The cloud computing mode forms an effective emerging computing model by integrating a large number of computing resources in a wide area network and providing the integrated computing resources to users in a service form. The user can use the serviced computing resources and storage resources through the network at any time according to the needs without considering specific computing details and equipment maintenance. Therefore, the IT cost of enterprise users is greatly reduced, and the utilization rate of hardware resources is improved. The security of cloud computing is directly related to the improvement and promotion of the effectiveness, stability, persistence, high efficiency and the like of cloud services, and is one of the important factors for selecting cloud computing by a user. While bringing many conveniences, the cloud computing architecture also raises a series of cloud data security and credibility problems. This open mode also presents a potential safety hazard while providing easy access for the user. Because the cloud computing platform generally uses the virtual machine system as a bottom layer architecture to provide services of an infrastructure layer for users, how to establish an effective evaluation method aiming at the security of the virtual machine to solve the problem that the security problem in the actual cloud environment becomes a difficult point in the cloud security field, and the current risk evaluation tools are generally static evaluation in advance and are difficult to effectively carry out risk evaluation and management on the dynamic cloud computing system.
The invention provides a cloud computing security evaluation method based on a virtual machine life cycle, aiming at the problem of a security evaluation model. The virtual machine is one of important components of an infrastructure layer of the cloud computing system, potential threats of each stage of a life cycle of the virtual machine are found, and a corresponding protection framework and an interception technology are formulated to ensure the safety of the virtual machine. The life cycle of the virtual machine is divided into: the method comprises 9 stages of image definition, image creation, image custom-making, image transmission, image storage, VM deployment, context environment change, VM operation and VM undeployment.
Disclosure of Invention
Aiming at the problems, the invention provides a cloud computing security evaluation method based on the life cycle of a virtual machine. The method comprises the steps of firstly identifying threats and vulnerabilities at each stage in the life cycle of the virtual machine, analyzing according to the identified threats and vulnerabilities, finding out information of the threats and the vulnerabilities, estimating the occurrence probability of a threat event, analyzing the influence of risk evaluation values with safety strategies, obtaining the relative value of main risks faced by a system, dividing risk levels, and storing the evaluation result of each stage in the life cycle of the virtual machine into a database. And the comprehensive risk evaluation module in the evaluation model effectively performs reasoning according to a certain reasoning rule, evaluates the overall safety condition of the whole system object by combining knowledge in the safety knowledge base to obtain the overall risk condition of the system, and correspondingly explains the result.
The threat and the vulnerability of the life cycle of the virtual machine are mainly in the last six stages of mirror image transmission, mirror image storage, VM deployment, context environment change, VM operation, VM undeployment and the like. During the first three stages of the life cycle, local operation is mostly performed, and potential cloud threats are almost zero;
further, when the virtual machine is in the mirror image transmission stage, network sharing is required, and at this time, the virtualization technology problem may threaten the normal operation of the virtual machine, and may also cause data loss and leakage;
further, when the virtual machine is in the mirror image storage stage, internal personnel are easy to perform illegal operation, and meanwhile, an unsafe interface and an API are also one of potential cloud threats in the stage;
further, when the virtual machine is in a deployment and context environment change stage, the virtual machine monitoring system needs to be shared in addition to the shared storage and the network, and usually, a malicious tenant searches for required resources by eavesdropping on information of the virtual machine to invade the virtual machine monitoring system, erects a trojan or malicious software on a disk or a network, changes a VM mirror image and takes over the whole virtual machine;
furthermore, when the virtual machine is in the operating stage, the data center and the physical node need to be shared, and at this stage, if an attacker can acquire account information or a service mode, the attacker can eavesdrop the activity of the virtual machine, forge data and other operations;
further, when the virtual machine is in an undeployed stage, the storage and the network need to be shared, so that loss and leakage of data are the most significant threats faced by the virtual machine in this stage.
The threat is an external cause of risk, and the threat can come from various factors such as a system, a natural environment or a person. Vulnerability is an internal cause of risk. Since vulnerability is the only way to damage the system, the degree of impact of the threat is directly related to the severity of the vulnerability. One vulnerability corresponds to only one threat, and one threat may correspond to multiple vulnerabilities.
The existing security policy is that a manufacturer presets a series of security control measures to prevent potential security risks or improves the control measures against the generated security attacks when operating the cloud computing system. Existing control measures improve the outcome of system risk assessment by both reducing the likelihood of a threat occurring and reducing the destructive effects of the threat. In the risk assessment process, the actual existing safety measures are taken into consideration in risk calculation, so that the risk value which best accords with the current tense is obtained.
One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages: the invention solves the problem of safety evaluation under cloud computing, continuously identifies threats, discovers new threats and vulnerabilities and avoids relative risks in the whole life cycle of the virtual machine, thereby ensuring that the safety risks are controlled in a limited range.
Drawings
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments.
FIG. 1 is a schematic structural diagram of the present invention.
Detailed Description
As shown in fig. 1, the present invention provides a cloud computing security evaluation method based on a virtual machine lifecycle, including: the method comprises single-stage safety assessment 1, single-stage safety assessment result information 2, threat and vulnerability comparison information 3, actual safety configuration 4, a safety knowledge base 5, an assessment result 6, a comprehensive assessment database 7 and safety comprehensive assessment 8 in the life cycle of the virtual machine. The single-stage security assessment in the life cycle of the virtual machine is composed of threat identification, vulnerability identification, existing security strategies and single-stage security risk calculation. The safety comprehensive evaluation comprises comprehensive reasoning, knowledge management, comprehensive safety evaluation and result interpretation.
Wherein the time threat occurrence probability is influenced by the following 3 factors: the technical size of the threat and the vulnerability are easy to be threatened and utilized. Wherein, the probability of the threat T is defined as P (T), and the two factors are independent from each other and are respectively defined as P (C) and P (V) in turn. The probability of occurrence of the threat time p (t) ═ p (c) × p (v).
The estimation of the influence degree of the threat adopts a concept of multi-attribute threat influence degree, namely, the influence of a certain threat on different layers of the system is called as the consequence attribute of the certain threat, each different threat consequence attribute is endowed with a corresponding weight value, and the weight value depends on the attention degree of the cloud computing system to the threat influence and the bearing capacity of the system.
The evaluation of the threat impact level takes into account the weighting of the different outcome attributes to obtain a risk level that is consistent with reality.
Wherein the threat TiThe consequence attribute that can be caused is defined as X: { Xt1, 2, …, s, and the corresponding set of consequence attribute values D: { dit1, 2, …, n; t ═ 1, 2, …, s }, where Xt、ditAre respectively provided withRepresentative threat TiThe t-th consequence attribute and a possible influence value on the consequence attribute, and s is the number of types of the consequence attribute; the weight set corresponding to the threat outcome attribute is defined as W: { wt|t=1,2,…,s},wtRepresenting the weight of the t-th outcome attribute.
The existing security strategy influences preset a series of security control measures for the system, and the result of system risk evaluation is improved by reducing the possibility of threat occurrence and reducing the destructiveness of threat influence.
In which a certain security measure S ═ S is defined1,S2,…,SiReduce threat TiThe influence of the possibility of occurrence is Saik(k is 0, 0.1, 0.2, …, 1) and Sb reduces the destructive effect of the threatik(k=0,0.1,0.2,…,1)。
Wherein Saik、SbikThe value of (a) is in the range of 0-1, 0 representing complete influence and 1 representing no influence.
The comprehensive security evaluation needs to obtain the comprehensive security evaluation of the whole cloud computing system according to the security evaluation of each stage in the life cycle of the virtual machine and the importance weight of the security evaluation on the system.
The above-described embodiments are only specific examples for further explaining the object, technical solution and advantageous effects of the present invention in detail, and the present invention is not limited thereto. Any modification, equivalent replacement, improvement and the like made within the scope of the disclosure of the present invention are included in the protection scope of the present invention.

Claims (1)

1. A cloud computing security assessment method based on a virtual machine life cycle is characterized by comprising the following steps:
firstly, identifying threats and vulnerabilities at each stage in the life cycle of a virtual machine; the life cycle of the virtual machine is divided into: defining a mirror image, creating the mirror image, customizing a mirror image customer, transmitting the mirror image, storing the mirror image, deploying a VM (virtual machine), changing a context environment, operating the VM and not deploying the VM in 9 stages;
analyzing according to the identified threats and vulnerabilities to find out information of the threats and the vulnerabilities;
estimating the occurrence probability of the threat event; wherein the probability of occurrence of a threat event is influenced by the following 2 factors: the technical size of the threat and whether the vulnerability is easy to be threatened and utilized; wherein, the probability of threat T occurrence is defined as P (T), and the two factors are mutually independent and are respectively defined as P (C) and P (V) in turn, and the probability of threat event occurrence P (T) ═ P (C) ((V));
the estimation of the influence degree of the threat adopts a concept of multi-attribute threat influence degree, namely, the influence of a certain threat on different layers of the system is called as the consequence attribute of the certain threat, each different threat consequence attribute is endowed with a corresponding weight value, and the weight value depends on the attention degree of the cloud computing system to the threat influence and the bearing capacity of the system;
the influence degree of the threat is evaluated by fully considering the weights of different consequence attributes so as to obtain the risk level which is consistent with the actual situation;
wherein the threat TiThe consequence attribute that can be caused is defined as X: { Xt1, 2, …, s, and the corresponding set of consequence attribute values D: { dit1, 2, …, n; t ═ 1, 2, …, s }, where Xt、ditRespectively represent a threat TiThe t-th consequence attribute and a possible influence value on the consequence attribute, and s is the number of types of the consequence attribute; the weight set corresponding to the threat outcome attribute is defined as W: { wt|t=1,2,…,s},wtWeights representing the t-th outcome attributes;
analyzing the influence of the risk evaluation value with the safety strategy to obtain the relative value of the main risk faced by the system;
the existing security strategy influences preset a series of security control measures for the system, and the result of system risk evaluation is improved by reducing the possibility of threat occurrence and reducing the destructiveness of threat influence; in which a certain security measure S ═ S is defined1,S2,…,SiReduce threat TiThe influence of the possibility of occurrence is Saik(k=0,0.1,0.2,…, 1), Sb is the destructive influence of the threatik(k ═ 0, 0.1, 0.2, …, 1); wherein Saik、SbikThe value of (a) is in the range of 0-1, 0 represents complete influence, and 1 represents no influence;
evaluating the overall safety condition of the whole system according to the evaluation value of the virtual machine in a single life cycle stage; the comprehensive safety evaluation is to obtain the comprehensive safety evaluation of the whole cloud computing system according to the safety evaluation of each stage in the life cycle of the virtual machine and the importance weight of the safety evaluation on the system.
CN201510952951.3A 2015-12-21 2015-12-21 Cloud computing security evaluation method based on life cycle of virtual machine Active CN105608380B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510952951.3A CN105608380B (en) 2015-12-21 2015-12-21 Cloud computing security evaluation method based on life cycle of virtual machine

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510952951.3A CN105608380B (en) 2015-12-21 2015-12-21 Cloud computing security evaluation method based on life cycle of virtual machine

Publications (2)

Publication Number Publication Date
CN105608380A CN105608380A (en) 2016-05-25
CN105608380B true CN105608380B (en) 2021-01-26

Family

ID=55988308

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510952951.3A Active CN105608380B (en) 2015-12-21 2015-12-21 Cloud computing security evaluation method based on life cycle of virtual machine

Country Status (1)

Country Link
CN (1) CN105608380B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106203815A (en) * 2016-07-05 2016-12-07 国家电网公司 A kind of Information Security Risk lifecycle management control method and system
CN108200095B (en) * 2018-02-09 2021-02-23 华北电力科学研究院有限责任公司 Method and device for determining vulnerability of Internet boundary security policy
CN110188541B (en) * 2019-04-18 2021-06-04 招银云创信息技术有限公司 Risk assessment method and device of business system, assessment terminal and storage medium
CN113742735A (en) * 2021-09-18 2021-12-03 合肥力拓云计算科技有限公司 Big data-based energy balance analysis platform safety system and use method thereof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103699844B (en) * 2012-09-28 2016-10-26 腾讯科技(深圳)有限公司 Safety protection system and method

Also Published As

Publication number Publication date
CN105608380A (en) 2016-05-25

Similar Documents

Publication Publication Date Title
US11252175B2 (en) Criticality analysis of attack graphs
US11822702B2 (en) Generating attack graphs in agile security platforms
US11652852B2 (en) Intrusion detection and mitigation in data processing
US10936717B1 (en) Monitoring containers running on container host devices for detection of anomalies in current container behavior
Wahab et al. Resource-aware detection and defense system against multi-type attacks in the cloud: Repeated bayesian stackelberg game
JP6621940B2 (en) Method and apparatus for reducing security risks in a networked computer system architecture
US11838117B2 (en) Systems and methods for detecting and mitigating cyber security threats
US10862918B2 (en) Multi-dimensional heuristic search as part of an integrated decision engine for evolving defenses
US11438385B2 (en) User interface supporting an integrated decision engine for evolving defenses
KR101534192B1 (en) System for providing cybersecurity realtime training against attacks and method thereof
US20180189697A1 (en) Methods and apparatus for processing threat metrics to determine a risk of loss due to the compromise of an organization asset
CN105608380B (en) Cloud computing security evaluation method based on life cycle of virtual machine
US9444829B1 (en) Systems and methods for protecting computing resources based on logical data models
CN111581643B (en) Penetration attack evaluation method and device, electronic device and readable storage medium
US20230050771A1 (en) Method for determining risk level of instance on cloud server, and electronic device
US20080148404A1 (en) Method, system, and program product for characterizing computer attackers
JP2023550974A (en) Image-based malicious code detection method and device and artificial intelligence-based endpoint threat detection and response system using the same
CN105683943B (en) Use the distributed network security of the Policy model of logic-based multidimensional label
US11438354B2 (en) Systems and methods for utilizing machine learning models to detect cloud-based network access anomalies
KR102530083B1 (en) Virtualization apparatus, system for detecting malicious based on cloud and management method thereof
Hecht et al. Critical services in the cloud: Understanding security and resilience risks
Zhang Quantitative risk assessment under multi-context environments
Sadamatsu et al. Practice within fujitsu of security operations center: Operation and security dashboard
KR20050093196A (en) Method and system for calculating an risk index in real-time of information assets
Dali et al. A heuristic attack detection approach using the “least weighted” attributes for cyber security data

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant