CN108377263A - Adaptive private cloud sandbox setting method, equipment and medium - Google Patents

Publication number: CN108377263A
Authority: CN (China)
Prior art keywords: sandbox, resource, private cloud, task, adaptive
Legal status: Pending
Application number: CN201810106489.9A
Other languages: Chinese (zh)
Inventors: 黄越, 程波
Current Assignee: Beijing Jess Safety Technology Co Ltd
Original Assignee: Beijing Jess Safety Technology Co Ltd
Application filed by: Beijing Jess Safety Technology Co Ltd
Priority to: CN201810106489.9A
Publication of: CN108377263A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H04L67/1001: Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004: Server selection for load balancing
    • H04L67/1008: Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • H04L67/1029: Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers using data related to the state of servers by a load balancer
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Abstract

The invention provides an adaptive private cloud sandbox setting method, equipment and medium. The method includes: monitoring the resource usage of the private cloud with a cloud resource monitoring program and detecting whether the private cloud has idle resources; when the private cloud has idle resources, starting an appropriate number of sandboxes among multiple sandboxes, the started sandboxes obtaining task requests from a sandbox adaptive platform; when the private cloud has no idle resources, continuing to wait until idle resources are available; when the load of a cloud server exceeds a preset threshold, suspending the sandbox, recording the sandbox's metadata, finding a cloud server with idle resources, and migrating the sandbox to that server to continue running; when the load of the cloud server is below the preset threshold, the sandbox continues to run. By communicating with the private cloud management center, the invention perceives the resource state of the cloud servers so that the number of sandbox instances adapts to the private cloud, giving it an adaptive character and saving cost.

Description

Adaptive private cloud sandbox setting method, equipment and medium
Technical field
The present invention relates to the field of computer software, and in particular to an adaptive private cloud sandbox setting method, equipment and medium.
Background
A sandbox is an isolated operating system loaded with the runtime environment for the target software and with analysis software, which is used to analyze the behavioral characteristics of the target software. When analyzing malicious code, security researchers usually run an automated analysis in a sandbox first to inspect the code's behavior, avoiding repetitive and complex manual analysis. When malware is run interactively in a sandbox with the analysis software started, overall system information can be collected while the malware runs. Interaction with malware in a sandbox can also be used to collect indicators of malicious behavior, such as reads of sensitive files and the detection of sensitive instructions.
At present, most sandboxes are implemented by simply installing an operating system and analysis software on one or more physical or virtual machines. The purpose is to construct the environment the software needs to run and to ensure that the software under analysis runs normally, so that the analysis software can track and collect its behavioral features and produce a report for security personnel to analyze. The basic flow is to start the sandbox virtual machine, run the software to be analyzed in it, and collect information on its use of resources such as the registry, network resources and file access.
As private cloud technology matures, private clouds are used more and more within enterprises, but traditional sandbox deployment techniques lack flexibility and elasticity and cannot make full use of the computing and storage capacity that a private cloud provides.
Summary of the invention
In view of the above technical problems, the present invention provides an adaptive private cloud sandbox setting method, equipment and medium. By communicating with the private cloud management center, it can perceive the resource state of the cloud servers so that the number of sandbox instances adapts to the private cloud. It is therefore adaptive, is compatible with the underlying layer, and requires no dedicated sandbox appliance, which saves cost.
To solve the above technical problems, the technical solution provided by the invention is as follows.
In a first aspect, the present invention provides an adaptive private cloud sandbox setting method, including:
Step S1: monitoring the resource usage of the private cloud with a cloud resource monitoring program and detecting whether the private cloud has idle resources, where the cloud resource monitoring program is set up in the private cloud and multiple sandboxes are hosted on cloud servers;
Step S2: when the private cloud has idle resources, issuing a task to start an appropriate number of the multiple sandboxes; each started sandbox obtains task requests from the sandbox adaptive platform, where the sandbox adaptive platform is deployed in a dedicated virtual machine;
Step S3: detecting the load of the cloud servers according to the cloud resource monitoring program; when the private cloud has no idle resources, continuing to wait until idle resources are available;
Step S4: when the load of the cloud server exceeds a preset threshold, suspending the sandbox, recording the sandbox's metadata, finding a cloud server with idle resources, and migrating the sandbox to that cloud server to continue running; when the load of the cloud server is below the preset threshold, the sandbox continues to run.
By communicating with the private cloud management center, the adaptive private cloud sandbox setting method provided by the invention can perceive the resource state of the cloud servers so that the number of sandbox instances adapts to the private cloud. It is therefore adaptive, is compatible with the underlying layer, and requires no dedicated sandbox appliance, which saves cost.
Further, the method also includes: on the cloud server, a server resource monitoring daemon registers and authenticates with multiple private cloud platform management centers;
after authentication, the server resource monitoring daemon reports server resource usage to the cloud resource monitoring center.
Further, the method also includes: pre-establishing an appropriate number of sandboxes according to the resources of the private cloud.
Further, the method also includes: allocating the pre-established sandboxes according to the resource usage of the private cloud:
when the resources of the private cloud are tight, shutting down some of the pre-established sandbox instances that are in the non-working state and returning their resources to the private cloud; and/or
pausing some of the pre-established sandbox instances that are in the working state, and resuming the paused sandboxes once cloud resources are sufficient again.
Further, the sandbox adaptive platform receives the task requests through a RESTful API.
Further, step S2 detects the load of the cloud server through the cloud resource monitoring program according to the task requests, and specifically includes:
according to the task request, the sandbox adaptive platform updates the task status and at the same time updates the IP and hostname of the dedicated virtual machine corresponding to the task;
after obtaining the task request, the sandbox starts dynamic execution and scans to collect the behavioral information of the sample to be detected;
after the scan completes, a report is generated and sent to the sandbox adaptive platform; the report reflects the behavioral information of the sample to be detected.
Further, the sandbox adaptive platform includes 2 vector tables and 4 threads, where the 2 vector tables cover the task dimension and the sandbox virtual machine dimension respectively, and the 4 threads cooperate with one another.
Further, the 4 threads are a timer thread, a Web task interface thread, a dispatch thread and a harvest thread;
the timer thread dynamically maintains a global priority queue that stores, in priority order, the computing and storage resource status of the multiple private cloud platform management centers;
the Web task interface thread sets the priority of tasks in the sandbox adaptive platform;
the dispatch thread periodically scans the tasks in the sandbox adaptive platform and the idle resources in the private cloud;
the harvest thread periodically scans the tasks in the sandbox adaptive platform.
In a second aspect, the present invention provides adaptive private cloud sandbox setting equipment, including at least one processor, at least one memory and computer program instructions stored in the memory; the method of the first aspect is implemented when the computer program instructions are executed by the processor.
In a third aspect, the present invention provides a computer-readable storage medium storing computer program instructions; the method of the first aspect is implemented when the computer program instructions are executed by a processor.
Compared with the prior art, the adaptive private cloud sandbox setting method, equipment and medium provided by the invention have the following beneficial effects:
by communicating with the private cloud management center, the resource state of the cloud servers can be perceived and the number of sandbox instances can adapt to the private cloud; the solution is adaptive, is compatible with the underlying layer, and requires no dedicated sandbox appliance, which saves cost.
Brief description of the drawings
To illustrate the specific embodiments of the invention or the technical solutions in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below.
Fig. 1 shows a flow chart of an adaptive private cloud sandbox setting method provided by an embodiment of the invention;
Fig. 2 shows a schematic diagram of the interaction between the sandbox adaptive management platform and the private cloud in an adaptive private cloud sandbox setting method provided by an embodiment of the invention;
Fig. 3 shows a schematic diagram of the sandboxes in an adaptive private cloud sandbox setting method provided by an embodiment of the invention;
Fig. 4 shows a schematic diagram of the hardware structure of adaptive private cloud sandbox setting equipment provided by an embodiment of the invention.
Detailed description
Embodiments of the technical solution of the invention are described in detail below with reference to the drawings. The following embodiments are only used to illustrate the technical solution of the invention clearly; they are examples only and do not limit the scope of protection of the invention.
Embodiment 1
In a first aspect, referring to Fig. 1, the present invention provides an adaptive private cloud sandbox setting method, including:
Step S1: monitoring the resource usage of the private cloud with a cloud resource monitoring program and detecting whether the private cloud has idle resources, where the cloud resource monitoring program is set up in the private cloud and multiple sandboxes are hosted on cloud servers;
Step S2: when the private cloud has idle resources, issuing a task to start an appropriate number of the multiple sandboxes; each started sandbox obtains task requests from the sandbox adaptive platform, where the sandbox adaptive platform is deployed in a dedicated virtual machine;
Step S3: detecting the load of the cloud servers according to the cloud resource monitoring program; when the private cloud has no idle resources, continuing to wait until idle resources are available;
Step S4: when the load of the cloud server exceeds a preset threshold, suspending the sandbox and recording the sandbox's metadata, where the metadata refers to the sandbox's memory, CMOS and the like. Metadata, also called intermediary data or relay data, is data that describes data (data about data); it mainly describes data attributes (properties) and supports functions such as indicating storage location and historical data. A cloud server with idle resources is then found, and the sandbox is migrated to that cloud server to continue running; when the load of the cloud server is below the preset threshold, the sandbox continues to run.
The adaptive private cloud sandbox setting method provided by the invention simply and efficiently solves the problem of letting sandboxes make full use of the private cloud's elastic capacity, and overcomes the shortcoming that traditional sandboxes cannot be combined with a private cloud. By communicating with the private cloud management center, it can perceive the resource state of the cloud servers so that the number of sandbox instances adapts to the private cloud. It is adaptive and compatible with the underlying layer; customers run sandboxes on their own private cloud and need not buy a dedicated sandbox appliance, which saves cost.
Preferably, the adaptive private cloud sandbox setting method provided by the invention is compatible with the underlying layer and supports mainstream virtualization technologies such as KVM, VMware and LXC.
Referring to Fig. 2, preferably, the method also includes: on the cloud server, a server resource monitoring daemon registers and authenticates with multiple private cloud platform management centers;
after authentication, the server resource monitoring daemon reports server resource usage to the cloud resource monitoring center.
Here, the resource usage of the private cloud includes its computing resource and storage resource status, or CPU utilization information and memory usage.
More preferably, if the private cloud has abundant resources, more sandbox instances can be kept running, so that subsequent tasks can be sent directly into a sandbox, avoiding the time needed to start and shut down sandboxes. If the private cloud's resources are tight, the adaptive platform can moderately reduce the inactive sandbox instances according to the current number of tasks and resources, releasing more resources to the business systems. This ensures that the resources of the entire cloud are fully utilized.
Preferably, the method also includes: pre-establishing an appropriate number of sandboxes according to the resources of the private cloud.
With this arrangement, an appropriate number of sandboxes can be set up, ensuring reasonable use of private cloud resources.
Preferably, the method also includes: allocating the pre-established sandboxes according to the resource usage of the private cloud:
when the resources of the private cloud are tight, shutting down some of the pre-established sandbox instances that are in the non-working state and returning their resources to the private cloud; and/or
pausing some of the pre-established sandbox instances that are in the working state, and resuming the paused sandboxes once cloud resources are sufficient again.
With resource pressure on the private cloud being monitored, an appropriate number of sandbox instances can be pre-established to wait for target software that needs analysis. If the adaptive platform finds that resources in the cloud are tight, it can do the following: shut down sandbox instances in the non-working state, that is, delete the sandboxes and return the resources to the private cloud for other cloud resource users; or pause some sandbox instances in the working state, that is, suspend the sandboxes, and resume their work once cloud resources are sufficient again.
Preferably, the sandbox adaptive platform receives the task requests through a RESTful API.
In addition, software to be scanned can be submitted, and tasks revoked, through the RESTful API.
Preferably, step S2 detects the load of the cloud server through the cloud resource monitoring program according to the task requests, and specifically includes:
according to the task request, the sandbox adaptive platform updates the task status to SCANNING and at the same time updates information such as the IP and hostname of the dedicated virtual machine corresponding to the task, where hostname is used to display and set the system's host name;
after obtaining the task request, the sandbox starts dynamic execution and scans to collect the behavioral information of the sample to be detected;
after the scan completes, a report is generated and sent to the sandbox adaptive platform, which then updates the task to REPORT; the report reflects the behavioral information of the sample to be detected.
Here, the behavioral information of the sample to be detected refers to behavioral information on the cloud server, and is specifically used to detect the load of the cloud server.
Specifically, referring to Fig. 3, the sandboxes shown include sandbox 1, sandbox 2 and sandbox 3. The 3 sandboxes can obtain tasks from the sandbox adaptive management platform: when the platform has a task, the task information is sent to a sandbox, the sandbox scans and collects the behavioral information of the sample to be detected, generates a behavior report message, and sends it to the sandbox adaptive platform.
Further, when a task is revoked: if the task is executing, the adaptive center removes it from the vector table and destroys the sandbox that is executing it; otherwise the task is simply removed.
Preferably, the sandbox adaptive platform includes 2 vector tables and 4 threads, where the 2 vector tables cover the task dimension and the sandbox virtual machine dimension respectively, and the 4 threads cooperate with one another.
The 2 vector tables are specifically:
Preferably, the 4 threads are a timer thread, a Web task interface thread, a dispatch thread and a harvest thread.
The timer thread dynamically maintains a global priority queue that stores, in priority order, the computing and storage resource status (CPU utilization information and memory usage) of the multiple private cloud platform management centers. The CPU and memory resource thresholds are configurable, and so are the cloud platform management centers. Only centers whose idle rate exceeds the threshold are put into the queue. When a sandbox virtual machine needs to be created, an element is taken from the queue and its corresponding scheduler, such as OpenStack's nova-scheduler, is contacted to start a dedicated virtual machine.
The Web task interface thread sets the priority of tasks in the sandbox adaptive platform. Specifically, a task can be assigned a priority, and tasks are organized internally into a priority queue stored by task priority. If no priority is assigned, it defaults to 0.
The dispatch thread periodically scans the tasks in the sandbox adaptive platform and the idle resources in the private cloud. Specifically, in each period the dispatch thread takes the lock and scans the task queue; if there is a task, it takes it out and unlocks. It then scans the resource queue, obtains the most idle computing center, and issues a task to start a sandbox. The task status is PENDING. If there is no task, it sleeps until the next period starts.
The harvest thread periodically scans the tasks in the sandbox adaptive platform. Specifically, it periodically scans tasks of type SCANNING; if a task has timed out, it destroys the corresponding dedicated virtual machine and adds the task to the task queue again, mainly to guard against sandbox failures.
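The two tables and four thread roles described above, sketched as a single-threaded Python model (an added example, not code from the patent). The class and method names, the `QUEUED` and `FAILED` states, the idle-rate formula and the `max_attempts` cap are assumptions of this example; the cap bounds the harvest thread's re-queue so that a sample which always hangs its sandbox cannot be retried forever.

```python
import heapq
import itertools
from dataclasses import dataclass
from typing import Optional

# PENDING, SCANNING and REPORT are the states named in the description.
# QUEUED and FAILED are assumed names added for this example.
QUEUED, PENDING, SCANNING, REPORT, FAILED = (
    "QUEUED", "PENDING", "SCANNING", "REPORT", "FAILED")


@dataclass
class Task:
    task_id: str
    sample: str
    priority: int = 0                    # default priority is 0
    status: str = QUEUED
    vm_ip: Optional[str] = None
    vm_hostname: Optional[str] = None
    started_at: Optional[float] = None
    attempts: int = 0
    report: Optional[dict] = None


class AdaptivePlatform:
    def __init__(self, idle_threshold=0.30, scan_timeout=300.0, max_attempts=3):
        self.tasks = {}          # table 1: task dimension, task_id -> Task
        self.sandboxes = {}      # table 2: sandbox VM dimension, hostname -> task_id
        self._task_q = []        # heap of (-priority, seq, task_id)
        self._resources = []     # heap of (-idle_rate, center)
        self._seq = itertools.count()
        self.idle_threshold = idle_threshold
        self.scan_timeout = scan_timeout
        self.max_attempts = max_attempts   # assumption: cap on re-queues

    def update_resources(self, reports):
        """Timer thread: rebuild the resource queue from {center: (cpu, mem)}."""
        self._resources = []
        for center, (cpu, mem) in reports.items():
            idle = 1.0 - max(cpu, mem)     # assumed definition of the idle rate
            if idle > self.idle_threshold:  # only sufficiently idle centers are queued
                heapq.heappush(self._resources, (-idle, center))

    def submit(self, task_id, sample, priority=0):
        """Web task interface thread: register a task and queue it by priority."""
        self.tasks[task_id] = Task(task_id, sample, priority)
        self._enqueue(self.tasks[task_id])

    def _enqueue(self, task):
        task.status = QUEUED
        heapq.heappush(self._task_q, (-task.priority, next(self._seq), task.task_id))

    def dispatch_once(self):
        """Dispatch thread, one period: pair the top task with the most idle center."""
        while self._task_q and self._resources:
            _, _, tid = heapq.heappop(self._task_q)
            task = self.tasks.get(tid)
            if task is None or task.status != QUEUED:
                continue                    # revoked while queued: skip the stale entry
            _, center = heapq.heappop(self._resources)
            task.status = PENDING
            hostname = f"sbx-{center}-{tid}-{task.attempts}"   # constructed name
            self.sandboxes[hostname] = tid
            return hostname, center
        return None                         # nothing to do: sleep until the next period

    def sandbox_fetch(self, hostname, ip, now):
        """The started sandbox pulls its task: record the VM's IP and hostname."""
        task = self.tasks[self.sandboxes[hostname]]
        task.status, task.vm_ip, task.vm_hostname = SCANNING, ip, hostname
        task.started_at = now

    def sandbox_report(self, hostname, report):
        """The sandbox returns its behavior report: the task becomes REPORT."""
        task = self.tasks[self.sandboxes[hostname]]
        task.status, task.report = REPORT, report

    def cancel(self, task_id):
        """Revoke a task; if it is executing, destroy its sandbox as well."""
        self.tasks.pop(task_id, None)
        for host in [h for h, t in self.sandboxes.items() if t == task_id]:
            del self.sandboxes[host]

    def harvest_once(self, now):
        """Harvest thread, one period: reclaim SCANNING tasks that timed out."""
        requeued = []
        for task in self.tasks.values():
            if task.status != SCANNING or now - task.started_at <= self.scan_timeout:
                continue
            self.sandboxes.pop(task.vm_hostname, None)   # destroy the dedicated VM
            task.vm_ip = task.vm_hostname = task.started_at = None
            task.attempts += 1
            if task.attempts >= self.max_attempts:
                task.status = FAILED        # stop retrying a sample that always hangs
            else:
                self._enqueue(task)
                requeued.append(task.task_id)
        return requeued
```

In a threaded deployment each of these methods would run under the lock the description mentions for the dispatch thread, since all four roles touch the same two tables.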
In a second aspect, the present invention provides adaptive private cloud sandbox setting equipment, including at least one processor, at least one memory and computer program instructions stored in the memory; the method of the first aspect is implemented when the computer program instructions are executed by the processor.
The non-local mean denoising method for suppressing random noise in seismic data, of the embodiment of the invention described in conjunction with Fig. 4, can be implemented by the adaptive private cloud sandbox setting equipment. Fig. 4 shows a schematic diagram of the hardware structure of the adaptive private cloud sandbox setting equipment provided by an embodiment of the invention.
The adaptive private cloud sandbox setting equipment may include a processor 401 and a memory 402 storing computer program instructions.
Specifically, the processor 401 may include a central processing unit (CPU) or an application-specific integrated circuit (ASIC), or may be configured as one or more integrated circuits implementing the embodiments of the invention.
The memory 402 may include mass storage for data or instructions. By way of example and not limitation, the memory 402 may include a hard disk drive (HDD), a floppy disk drive, flash memory, an optical disc, a magneto-optical disc, magnetic tape, a Universal Serial Bus (USB) drive, or a combination of two or more of these. Where appropriate, the memory 402 may include removable or non-removable (fixed) media. Where appropriate, the memory 402 may be internal or external to the data processing apparatus. In a particular embodiment, the memory 402 is non-volatile solid-state memory. In a particular embodiment, the memory 402 includes read-only memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically erasable PROM (EEPROM), electrically alterable ROM (EAROM), flash memory, or a combination of two or more of these.
The processor 401 implements any of the adaptive private cloud sandbox setting methods in the above embodiments by reading and executing the computer program instructions stored in the memory 402.
In one example, the adaptive private cloud sandbox setting equipment may also include a communication interface 403 and a bus 410. As shown in Fig. 4, the processor 401, the memory 402 and the communication interface 403 are connected by the bus 410 and communicate with one another over it.
The communication interface 403 is mainly used for communication between the modules, devices, units and/or equipment in the embodiments of the invention.
The bus 410 includes hardware, software or both, and couples the components of the adaptive private cloud sandbox setting equipment to each other. By way of example and not limitation, the bus may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a front-side bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an InfiniBand interconnect, a low-pin-count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a Video Electronics Standards Association local (VLB) bus, another suitable bus, or a combination of two or more of these. Where appropriate, the bus 410 may include one or more buses. Although the embodiments of the invention describe and illustrate specific buses, the invention contemplates any suitable bus or interconnect.
In a third aspect, in conjunction with the adaptive private cloud sandbox setting method in the above embodiments, an embodiment of the invention may provide a computer-readable storage medium for its implementation. Computer program instructions are stored on the computer-readable storage medium; when executed by a processor, the computer program instructions implement any of the adaptive private cloud sandbox setting methods in the above embodiments.
It should be clear that the invention is not limited to the specific configurations and processing described above and shown in the figures. For brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and illustrated as examples. The method of the invention is not, however, limited to the specific steps described and illustrated; after understanding the spirit of the invention, those skilled in the art can make various changes, modifications and additions, or change the order of the steps.
The functional blocks shown in the structural block diagrams described above can be implemented as hardware, software, firmware or a combination of them. When implemented in hardware, they may be, for example, electronic circuits, application-specific integrated circuits (ASICs), suitable firmware, plug-ins, function cards and so on. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The programs or code segments can be stored in a machine-readable medium, or transmitted over a transmission medium or communication link by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transmit information. Examples of machine-readable media include electronic circuits, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical discs, hard disks, fiber-optic media, radio-frequency (RF) links, and so on. Code segments can be downloaded via computer networks such as the Internet or an intranet.
It should also be noted that the exemplary embodiments mentioned in the invention describe certain methods or systems on the basis of a series of steps or devices. The invention is not, however, limited to the order of the above steps; that is, the steps may be executed in the order mentioned in the embodiments, in a different order, or with several steps executed simultaneously.
Compared with the prior art, the adaptive private cloud sandbox setting method, equipment and medium provided by the invention have the following beneficial effects:
by communicating with the private cloud management center, the resource state of the cloud servers can be perceived and the number of sandbox instances can adapt to the private cloud; the solution is adaptive, is compatible with the underlying layer, and requires no dedicated sandbox appliance, which saves cost.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the invention, not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in those embodiments can still be modified, or some or all of their technical features replaced by equivalents; such modifications or replacements do not take the essence of the corresponding technical solutions outside the scope of the technical solutions of the embodiments of the invention, and all of them should be covered by the claims and the description of the invention.

Claims (10)

1. An adaptive private cloud sandbox setting method, characterized by comprising:
Step S1: monitoring the resource usage of a private cloud through a cloud resource monitoring program, and detecting whether the private cloud has idle resources, wherein the cloud resource monitoring program is set up in the private cloud and multiple sandboxes are hosted by cloud servers;
Step S2: when the private cloud has idle resources, issuing a task to start an appropriate number of the multiple sandboxes, the started sandboxes obtaining task requests from a sandbox adaptive platform, wherein the sandbox adaptive platform is arranged in a unique virtual machine;
Step S3: detecting the load of the cloud server according to the cloud resource monitoring program, and, when the private cloud has no idle resources, continuing to wait until idle resources are available;
Step S4: when the load of the cloud server exceeds a preset threshold, suspending the sandbox, recording the metadata of the sandbox, finding a cloud server with idle resources, and transferring the sandbox to that cloud server to continue running; when the load of the cloud server is below the preset threshold, the sandbox continues to run.
2. The method according to claim 1, characterized in that
it further comprises: on the cloud server, registering and authenticating with the private cloud platform management center through a server resource monitoring daemon;
after authentication is obtained, reporting the server resource usage to the cloud resource monitoring center through the server resource monitoring daemon.
3. The method according to claim 1, characterized in that
it further comprises: pre-establishing an appropriate number of sandboxes according to the resources of the private cloud.
4. The method according to claim 3, characterized in that
it further comprises: allocating the pre-established appropriate number of sandboxes according to the resource usage of the private cloud:
when the resources of the private cloud are tight, shutting down some sandbox instances in the non-working state among the pre-established sandboxes and returning their resources to the private cloud; and/or
pausing some sandbox instances in the working state among the pre-established sandboxes, and resuming the work of the paused sandboxes once cloud resources are sufficient.
5. The method according to claim 1, characterized in that
the sandbox adaptive platform receives the task requests through a RESTful API.
6. The method according to claim 1, characterized in that
step S2 detects the load of the cloud server through the cloud resource monitoring program according to the task requests, and specifically comprises:
according to the task request, the sandbox adaptive platform updates the task status and at the same time updates the IP and hostname of the exclusive virtual machine corresponding to the task;
after obtaining the task request, the sandbox starts dynamic execution, and scans and collects the behavior information of the sample to be detected;
after the scan is complete, a report is generated and sent to the sandbox adaptive platform, the report reflecting the behavior information of the sample to be detected.
7. The method according to claim 1, characterized in that
the sandbox adaptive platform includes 2 vector tables and 4 threads, wherein the 2 vector tables cover the task dimension and the sandbox virtual machine dimension respectively, and the 4 threads work in cooperation with one another.
8. The method according to claim 7, characterized in that
the 4 threads specifically comprise a timer thread, a Web task interface thread, a distribution thread and a harvesting thread;
the timer thread dynamically maintains a global priority queue, in which the computing resource and storage resource status of multiple private cloud platform management centers is stored by priority;
the Web task interface thread sets the priority of the tasks in the sandbox adaptive platform;
the distribution thread periodically scans the tasks in the sandbox adaptive platform and the idle resources in the private cloud;
the harvesting thread periodically scans the tasks in the sandbox adaptive platform.
9. An adaptive private cloud sandbox setting device, characterized by comprising: at least one processor, at least one memory, and computer program instructions stored in the memory, wherein the method according to any one of claims 1-8 is implemented when the computer program instructions are executed by the processor.
10. A computer-readable storage medium on which computer program instructions are stored, characterized in that the method according to any one of claims 1-8 is implemented when the computer program instructions are executed by a processor.
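The scheduling decision of claim 1 (steps S1 to S4), sketched as an added Python example that is not part of the patent text. All names, the 80% threshold, the fixed cost of 25 load points per sandbox and the definition of "idle resources" are assumptions; load is modelled as an integer percentage.

```python
from dataclasses import dataclass, field

THRESHOLD = 80     # assumed value for the claim's "preset threshold" (percent)
SANDBOX_COST = 25  # assumed load, in percent, that one running sandbox adds

@dataclass
class Server:
    name: str
    load: int      # utilisation reported by the resource monitor, 0-100

    def has_idle(self):
        # Assumed definition of "idle resources": room for one more sandbox.
        return self.load + SANDBOX_COST <= THRESHOLD

@dataclass
class Sandbox:
    sid: str
    state: str = "stopped"   # stopped | running | suspended
    host: str = ""
    metadata: dict = field(default_factory=dict)

def start_for_tasks(servers, pool, pending):
    """S1-S3: start pooled sandboxes for pending tasks while capacity exists."""
    started = []
    for box in (b for b in pool if b.state == "stopped"):
        target = next((s for s in servers if s.has_idle()), None)
        if target is None or len(started) == pending:
            break            # S3: nothing idle (or no more tasks); retry later
        box.state, box.host = "running", target.name
        target.load += SANDBOX_COST
        started.append(box.sid)
    return started

def rebalance(servers, pool):
    """S4: suspend on overloaded hosts, record metadata, migrate and resume."""
    by_name = {s.name: s for s in servers}
    moves = []
    for box in (b for b in pool if b.state == "running"):
        src = by_name[box.host]
        if src.load <= THRESHOLD:
            continue         # not above the threshold: sandbox keeps running
        box.state = "suspended"
        box.metadata["suspended_on"] = src.name   # metadata kept for the move
        src.load -= SANDBOX_COST
        dst = next((s for s in servers if s is not src and s.has_idle()), None)
        if dst is None:
            continue         # stays suspended until some server has room
        box.state, box.host = "running", dst.name
        dst.load += SANDBOX_COST
        moves.append((box.sid, src.name, dst.name))
    return moves
```

A sandbox that finds no destination stays suspended, so an analysis task can stall under sustained load; an operator would want to alert on sandboxes whose state remains `suspended` across several scheduling rounds.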
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810106489.9A CN108377263A (en) 2018-02-02 2018-02-02 Adaptive private clound sandbox setting method, equipment and medium

Publications (1)

Publication Number Publication Date
CN108377263A true CN108377263A (en) 2018-08-07

Family

ID=63017195

Country Status (1)

Country Link
CN (1) CN108377263A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104010028A (en) * 2014-05-04 2014-08-27 华南理工大学 Dynamic virtual resource management strategy method for performance weighting under cloud platform
CN104104679A (en) * 2014-07-18 2014-10-15 四川中亚联邦科技有限公司 Data processing method based on private cloud
US20150067171A1 (en) * 2013-08-30 2015-03-05 Verizon Patent And Licensing Inc. Cloud service brokering systems and methods
CN106713332A (en) * 2016-12-30 2017-05-24 山石网科通信技术有限公司 Network data processing method, device and system
CN107171894A (en) * 2017-06-15 2017-09-15 北京奇虎科技有限公司 The method of terminal device, distributed high in the clouds detecting system and pattern detection

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815007A (en) * 2018-12-15 2019-05-28 平安科技(深圳)有限公司 Thread control method, device, electronic equipment and storage medium based on cloud monitoring
CN109710392A (en) * 2018-12-21 2019-05-03 万达信息股份有限公司 A kind of heterogeneous resource dispatching method based on mixed cloud
CN109710392B (en) * 2018-12-21 2023-08-01 万达信息股份有限公司 Heterogeneous resource scheduling method based on hybrid cloud
CN112199188A (en) * 2019-07-08 2021-01-08 富士通株式会社 Non-transitory computer-readable recording medium, method and apparatus for information processing
CN111339529A (en) * 2020-03-13 2020-06-26 杭州指令集智能科技有限公司 Management framework and method for low-code business orchestration component operation, computing device and medium
CN113238870A (en) * 2021-05-31 2021-08-10 山东中科好靓科技有限公司 Calculation capacity recycling algorithm based on multi-node storage device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180807