CN111786946B - Mimicry cloud service heterogeneous execution body scheduling method and device - Google Patents

Mimicry cloud service heterogeneous execution body scheduling method and device Download PDF

Info

Publication number
CN111786946B
CN111786946B CN202010418351.XA CN202010418351A CN111786946B CN 111786946 B CN111786946 B CN 111786946B CN 202010418351 A CN202010418351 A CN 202010418351A CN 111786946 B CN111786946 B CN 111786946B
Authority
CN
China
Prior art keywords
heterogeneous
executives
executive
clustered
class
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010418351.XA
Other languages
Chinese (zh)
Other versions
CN111786946A (en
Inventor
冯东煜
钟晓睿
焦秀珍
李华
王鹏达
王玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Diankeyun Beijing Technology Co ltd
China Academy of Electronic and Information Technology of CETC
Original Assignee
Diankeyun Beijing Technology Co ltd
China Academy of Electronic and Information Technology of CETC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Diankeyun Beijing Technology Co ltd, China Academy of Electronic and Information Technology of CETC filed Critical Diankeyun Beijing Technology Co ltd
Priority to CN202010418351.XA priority Critical patent/CN111786946B/en
Publication of CN111786946A publication Critical patent/CN111786946A/en
Application granted granted Critical
Publication of CN111786946B publication Critical patent/CN111786946B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/23Clustering techniques
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing

Landscapes

  • Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Evolutionary Computation (AREA)
  • Physics & Mathematics (AREA)
  • Evolutionary Biology (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a method and a device for scheduling a mimicry cloud service heterogeneous executive, wherein the method comprises the following steps: clustering heterogeneous executives to be clustered based on the heterogeneous degrees of the heterogeneous executives so as to divide the heterogeneous executives in a heterogeneous executives pool into a plurality of classes and obtain a set of the classes; selecting a corresponding number of classes from the set of the multiple classes according to a preset heterogeneous executive redundancy number; for each selected class, determining the performance weight of each isomorphic executive based on the performance index of each isomorphic executive in the class; and selecting the heterogeneous executives as equivalent heterogeneous executives according to the performance weights of the heterogeneous executives by using a consistent hash algorithm, and constructing an equivalent heterogeneous executives set used for scheduling. The invention realizes the heterogeneous maximization of the distribution management process, thereby increasing the attack difficulty, reducing the attack success probability and improving the system security.

Description

Mimicry cloud service heterogeneous execution body scheduling method and device
Technical Field
The invention relates to the technical field of cloud service systems, in particular to a method and a device for scheduling a mimicry cloud service heterogeneous executive.
Background
With the increase of security vulnerabilities and the frequent explosion of high-risk vulnerabilities, security problems faced by cloud service systems are becoming more serious, and the security of cloud service executives has become a focus problem in the network space security field. The mimicry defense is a new idea for transforming a network security pattern, and a cloud service execution body based on the mimicry defense realizes the intrusion tolerance aiming at specific system bugs or backdoors by constructing a dynamic heterogeneous redundant system architecture and an operation mechanism. In the cloud service system based on the mimicry defense, a redundancy controller receives external control parameters, generates a redundancy scheduling strategy and a result arbitration strategy, and respectively sends the redundancy scheduling strategy and the result arbitration strategy to an input agent and an output agent, the input agent selects a corresponding function equivalent heterogeneous executive body to respond to an external service request according to the received redundancy scheduling strategy, the function equivalent heterogeneous executive body sends results to the output agent, the output agent judges each result according to the result arbitration strategy generated by the redundancy controller, and finally one path is selected as response output.
The heterogeneous executive body is used as a functional main body of the cloud service system for responding to the external service request, and the effective scheduling of the heterogeneous executive body is the key for constructing the dynamic redundancy heterogeneous structure. The existing scheduling strategy considers equivalent heterogeneous executors in a heterogeneous redundant pool as independent individuals, does not consider the similarity between the heterogeneous executors, and has a single scheduling algorithm. Based on the existing scheduling strategy, the possibility of a leak or defect intersection existing between heterogeneous executors with small heterogeneous degree is high, and the overall service performance of the mimicry cloud service system is limited.
Based on this, how to construct an optimal heterogeneous executable combination is a problem which needs to be solved urgently at present.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for scheduling a pseudo cloud service heterogeneous executive based on clustering and consistent hash, so as to eliminate or improve one or more defects in the prior art.
The technical scheme of the invention is as follows:
a mimicry cloud service heterogeneous executive scheduling method comprises the following steps:
clustering the heterogeneous executives to be clustered based on the heterogeneous degrees of the heterogeneous executives so as to divide the heterogeneous executives in the heterogeneous executives pool into a plurality of classes and obtain a set of the classes;
selecting a corresponding number of classes from the set of the multiple classes according to a preset heterogeneous executive body redundancy number;
for each selected class, determining the performance weight of each isomorphic executive based on the performance index of each isomorphic executive in the class;
and selecting the heterogeneous executives as equivalent heterogeneous executives according to the performance weights of the heterogeneous executives by using a consistent hash algorithm to construct an equivalent heterogeneous executant set used for scheduling.
Optionally, the clustering the heterogeneous executives to be clustered based on the heterogeneity of the heterogeneous executives includes: initially determining a clustering center heterogeneous executive body, and calculating the heterogeneous degrees of the component elements of the heterogeneous executive body to be clustered and the determined clustering center heterogeneous executive body; calculating the isomerism indexes of the heterogeneous executives to be clustered and the clustering center heterogeneous executives based on the isomerism degrees of the component elements; and taking the calculated isomerism degree index as the distance between the heterogeneous executive bodies to be clustered and the clustering center heterogeneous executive body, and determining the class to which the heterogeneous executive bodies to be clustered belong based on the calculated distance and a preset distance threshold value, so that the distance from the heterogeneous executive bodies to be clustered to the clustering center heterogeneous executive bodies of the class to which the heterogeneous executive bodies to be clustered belong does not exceed the distance threshold value.
Optionally, the method further comprises the steps of: and when the distance between the heterogeneous executive body to be clustered and the determined clustering center heterogeneous executive body exceeds the distance threshold value, taking the heterogeneous executive body to be clustered as a clustering center heterogeneous executive body of a new class.
Optionally, in a case that distances from the heterogeneous executive to be clustered to the plurality of determined cluster center heterogeneous executives do not exceed the distance threshold, clustering the heterogeneous executive to be clustered to a class to which a cluster center heterogeneous executive closest to the cluster center heterogeneous executives in the plurality of determined cluster center heterogeneous executives belongs.
Optionally, the step of calculating the degrees of isomerism of the components of the heterogeneous executables to be clustered and the corresponding components of the determined cluster center heterogeneous executables includes: calculating the isomerism degree of the composition elements of the heterogeneous executive bodies to be clustered and the determined homogeneous composition elements of the heterogeneous executive bodies of the clustering centers by adopting XOR operation; the step of calculating the isomerism index between the heterogeneous executive to be clustered and the cluster center heterogeneous executive based on the isomerism degree comprises the following steps: and taking the weighted sum of the isomerism of the component elements as the isomerism index of the heterogeneous executive body to be clustered and the heterogeneous executive body of the clustering center.
Optionally, the constituent elements of the heterogeneous executables include at least one of: CPU, operating system, web server and database.
Optionally, the determining the performance weight of each heterogeneous executive based on the performance index of each heterogeneous executive in the class includes: and determining a performance index based on a plurality of hardware state indexes of each heterogeneous executive body, and determining the performance weight of each heterogeneous executive body based on the ratio of the performance index of each heterogeneous executive body to the sum of the performance indexes of all heterogeneous executive bodies in the class.
Optionally, the selecting, by using a consistent hash algorithm, a heterogeneous executable as an equivalent heterogeneous executable according to the performance weight of each heterogeneous executable includes: dividing the [0,1] interval into a plurality of subintervals according to the performance weight of each heterogeneous executive in the class, wherein each heterogeneous executive corresponds to one subinterval; and constructing a hash function based on the request of the client, mapping the request to the divided subintervals, and selecting an equivalent heterogeneous executive body from the current class based on the mapping result.
Optionally, the dividing the [0,1] interval into a plurality of sub-intervals according to the performance weight of each heterogeneous executor in the class, where each heterogeneous executor corresponds to one sub-interval, includes: and dividing the subinterval corresponding to each heterogeneous executive body according to the number sequence of the heterogeneous executive bodies, wherein the width of each subinterval is the performance weight of the corresponding heterogeneous executive body.
In another aspect of the present invention, there is also provided a pseudo cloud service heterogeneous executive scheduling apparatus, which includes a processor and a memory, where the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the method as described above.
In another aspect of the present invention, a computer-readable storage medium is also provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method as set forth above.
The mimicry cloud service heterogeneous executive body scheduling method and device provided by the invention have the advantages that the clustering algorithm is introduced, the heterogeneous maximization of the distribution management process is realized, the component composition of the executive body is uncertain, the dependency of the attack on a platform and the environment is destroyed, and the problem of heterogeneous deficiency caused by 'homology' can be solved, so that the attack difficulty is increased, the attack success probability is reduced, the threat caused by known and unknown bugs is defended, and the system safety and the overall service performance can be obviously improved.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
It will be appreciated by those skilled in the art that the objects and advantages that can be achieved with the present invention are not limited to the specific details set forth above, and that these and other objects that can be achieved with the present invention will be more clearly understood from the detailed description that follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principle of the invention.
Fig. 1 is a process diagram of a pseudo cloud service heterogeneous executor scheduling method according to an embodiment of the present invention.
Fig. 2 is a schematic flow chart of a clustering algorithm of heterogeneous executors in the embodiment of the present invention.
Fig. 3 is a schematic flow chart illustrating the process of allocating heterogeneous executives to the nearest class in fig. 2.
Fig. 4 is a diagram illustrating an equivalent heterogeneous execution set constructed from clustering results based on a consistent hash intra-class load balancing mechanism in the embodiment of the present invention.
Fig. 5 is a schematic diagram of an ICLB algorithm based on consistent hash according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
It should be noted that, in order to avoid obscuring the present invention with unnecessary details, only the structures and/or processing steps closely related to the scheme according to the present invention are shown in the drawings, and other details not so relevant to the present invention are omitted.
It should be emphasized that the term "comprises/comprising" when used herein, is taken to specify the presence of stated features, elements, steps or components, but does not preclude the presence or addition of one or more other features, elements, steps or components.
The existing scheduling strategy considers equivalent heterogeneous executors in a heterogeneous redundant pool as independent individuals, does not consider the similarity between the heterogeneous executors, and has a single scheduling algorithm. In fact, due to functional equivalence, it is impossible to make complete differences between heterogeneous executors, and the differences between heterogeneous executors are also divided by the size, so that there is a high possibility of a leak or a defect intersection between several heterogeneous executors with small heterogeneity. Meanwhile, the heterogeneous executive body pool comprises a large number of heterogeneous executive bodies for the deployment of the software heterogeneous executive bodies, and the existing scheduling strategy is lack of a mechanism of balancing request load from the perspective of heterogeneous executive body performance, so that the whole service performance of the mimicry cloud service system is restricted.
Therefore, the invention provides a quasi-cloud service heterogeneous executive scheduling method based on clustering and consistent hash, the heterogeneous executives are clustered, the heterogeneous executives in each class are within a preset range, meanwhile, the heterogeneous executives are selected according to the performance weights of the heterogeneous executives through an intra-class load balancing mechanism of consistent hash, and an equivalent heterogeneous executives set is constructed to process external requests.
Fig. 1 is a schematic process diagram of a mimicry cloud service heterogeneous executor scheduling method based on clustering and consistent hash in an embodiment of the present invention. As shown in fig. 1, the method of the present invention includes two processes, namely clustering of heterogeneous executives and construction of an equivalent heterogeneous executor set from a clustering result based on a consistent hash intra-class load balancing mechanism, and realizes heterogeneous maximization of a distribution management process by introducing a clustering algorithm, increasing attack difficulty and reducing attack success probability; request loads are reasonably distributed according to the performance state of the heterogeneous executors by introducing a consistent hash method, so that the balanced distribution of the internal loads of the mimicry cloud service system is realized. These two processes are described in detail below, respectively.
Clustering of heterogeneous executives
As shown in fig. 2, when clustering heterogeneous executives, the process is as follows: firstly, inputting a set of heterogeneous executives to be clustered (step S200), and then initializing a clustering center (step S210), namely, selecting a heterogeneous executor from the set as a clustering center of a class, wherein the heterogeneous executor serving as the clustering center is called a clustering center heterogeneous executor; after the cluster center is initialized, clustering the heterogeneous executors that have not been clustered based on the heterogeneous degrees between other heterogeneous executors and the cluster center heterogeneous executors to divide the heterogeneous executors in the heterogeneous execution body pool into a plurality of classes (step S220), and obtaining a set of the plurality of classes, so that the heterogeneous degree of the heterogeneous executors in each class is within a preset range. In the embodiment of the present invention, the isomerism between heterogeneous executives may be expressed as a distance between isomers, and clustering is performed by allocating the heterogeneous executives to be clustered to a class in which a cluster center closest to the heterogeneous executives is located. If the distance from the heterogeneous executive to be clustered to the nearest cluster center exceeds the predetermined threshold, the heterogeneous executive to be clustered can be used as the cluster center of the new class, that is, one more cluster center is added (step S230). Clustering is performed for each heterogeneous executable until clustering is completed, and clustering results are output (steps S240 to S250).
Fig. 3 is a schematic diagram illustrating a specific implementation flow of step S220 in fig. 2, and as shown in fig. 3, the flow of allocating each heterogeneous executable to the closest class specifically includes the following steps:
step S221, calculating the isomerism degree of the composition elements of the heterogeneous executive bodies to be clustered and the determined clustering center heterogeneous executive bodies.
By way of example, a CPU, operating system, web server, database may be used as constituent elements to describe heterogeneous executives in a heterogeneous execution pool, which may be denoted as d i
d i =(C i ,O i ,W i ,D i )
Where C denotes a CPU, O denotes an operating system, W denotes a Web server, D denotes a database, and subscript i denotes a heterogeneous executable number.
In embodiments of the present invention, an exclusive OR operation may be introduced
Figure BDA0002495926690000051
To calculate the degree of isomerism of a component, the parameters m and n respectively represent the homologous components of two heterogeneous executions, if both are identical, w =0, and vice versa w =1.
Thus, any two heterogeneous executables d i And d j The degree of isomerism of each constituent element of (a) may be expressed as: w (C) i ,C j ),w(O i ,O j ),w(W i ,W j ),w(D i ,D j ). Based on the algorithm, the isomerism degree of the component elements of the heterogeneous executives to be clustered and the corresponding component elements of the determined clustering center heterogeneous executives can be calculated.
The CPU, the operating system, the Web server, and the database are used as the constituent elements of the heterogeneous executors in the above description, which are only examples, and more or less elements may be included.
Step S222, calculating the isomerism indexes of the heterogeneous executives to be clustered and the heterogeneous executives in the clustering center based on the isomerism.
The isomerization index can be defined as: two heterogeneous executives d i And d j The isomerism index of (2) is the weighted sum of the isomerism of the constituent elements and is denoted as r i j ,r i j Can satisfy the following conditions:
r ij =η C ·w(C i ,C j )+η O ·w(O i ,O j )+η W ·w(W i ,W j )+η D ·w(D i +D j );
wherein eta is C ,η O ,η w ,η D The weights of the components of the CPU, the operating system, the Web server, and the database are respectively expressed, and are numbers greater than 0 and less than 1.
The isomerization index may be used to indicate the isomerization of two heterogeneous executions.
The above expression of the isomerism index in the form of a weighted sum is merely an example, but the present invention is not limited thereto, and the isomerism indexes of two heterogeneous executions may be calculated by other expressions than the weighted sum based on the isomerism of the constituent elements and their weights.
Step S223, using the calculated isomerism index as a distance between the heterogeneous executives to be clustered and the clustering center heterogeneous executives, and determining a class to which the heterogeneous executives to be clustered belong based on the calculated distance and a preset distance threshold, so that the distance from the heterogeneous executives to be clustered to the clustering center heterogeneous executives of the class to which the heterogeneous executives to be clustered belong does not exceed the distance threshold.
More specifically, in the embodiment of the present invention, a distance between heterogeneous executions is defined, that is, an index of isomerism between two heterogeneous executions is used as the distance between two heterogeneous executions, that is, d i And d j A distance of r from each other ij
Based on the distance between the heterogeneous executives, the distance between the heterogeneous executives and the class is further defined: let a class of heterogeneous executives be S and its clustering center be d i In which d is i E.g., S, then another isomorphismExecutive d j Distance to class S is equal to heterogeneous executors d j To the cluster center d i A distance r of ij . The distance of the heterogeneous executables to a class may also be referred to as the distance of the class to the heterogeneous executables.
The clustering is aimed at making the distance from the heterogeneous executives in each class to the cluster center thereof not exceed a preset threshold, which may be called an intra-class distance threshold, i.e. the maximum distance from the allowed heterogeneous executives to the class. Calculating the distance r from the heterogeneous executer to the cluster center according to the definition of the distance from the heterogeneous executer to the class ij . And setting the intra-class distance threshold as T, and comparing the distance from the heterogeneous executive to be clustered to the clustering center of a selected class with the intra-class distance threshold T to judge the class to which the heterogeneous executive belongs. And in the case that the distance from the heterogeneous executive to be clustered to the selected class does not exceed the intra-class distance threshold T, classifying the heterogeneous executive to be clustered into the selected class. And in the case that the distance from the heterogeneous executive to be clustered to the selected class exceeds the intra-class distance threshold T, taking the heterogeneous executive to be clustered as the clustering center of a new class. Thus adding one more cluster.
If in step S210 of fig. 2, the heterogeneous executive group N is taken 0 ={d 1 ,...,d n Any one of the heterogeneous executions d i As class 1S 1 E.g. taking d as the center of the cluster 1 As class 1S 1 Of the center of (c). Then in steps S220-S230, each heterogeneous executable in the set of heterogeneous executables to be clustered is traversed and clustering is performed based on the distance of the heterogeneous executables to the class. E.g. from the next heterogeneous executable d 2 Initially, the next heterogeneous execution d is computed based on the definition of the distance of the heterogeneous execution to the class 2 To d 1 Of the distance of (c). If the distance value is less than or equal to the intra-class distance threshold T, d is added 2 Fall into class S 1 Performing the following steps; otherwise, d is 2 As new class S 2 The cluster center of (2).
Thus, after classifying multiple heterogeneous executives, there may be multiple classes and corresponding cluster centers. In the presence of a plurality of (e.g. k) cluster centersIn the case of (1), when the unclassified heterogeneous executives are classified in step S223, the unclassified heterogeneous executives d may be calculated i Minimum distances to k cluster centers, if the minimum distance is greater than the intra-class distance threshold T, the heterogeneous implementation d i As new class S k+1 The center of (a); otherwise, the heterogeneous executive is allocated to the class closest to the heterogeneous executive among the k classes, i.e. the class with the minimum distance to the heterogeneous executive.
The above process is repeated until all the heterogeneous executables are classified into various classes, and thus the clustering of the heterogeneous executables is completed. Assuming heterogeneous execution set N after clustering is completed 0 ={d 1 ,...,d n Is divided into a set of g classes C = { S = 1 ,...,S g }。
As described above, the clustering method is only an example, the present invention is not limited thereto, and other clustering processes may be used to cluster the heterogeneous executors, as long as the heterogeneous executors with small heterogeneous degrees are classified into one class as much as possible, or the distance between the heterogeneous executors in the same class does not exceed the distance threshold.
(II) consistent hash-based intra-class load balancing mechanism
The process is based on a consistent hash intra-class load balancing mechanism to construct an equivalent heterogeneous execution body set from clustering results.
As shown in fig. 3, the process includes the steps of:
step S410, selecting a corresponding number of classes from the set of multiple classes according to the preset heterogeneous executable redundancy number.
The heterogeneous executives are collected in the clustering algorithm N 0 ={d 1 ,...,d n Divide into a set of g classes C = { S = 1 ,...,S g Then, in this step, a corresponding number of classes may be selected from the set C according to the redundancy number of the heterogeneous executors set by the mimicry environment redundancy controller, for example, the same number of classes as the redundancy number may be randomly selected.
After selecting the same number of classes as the redundancy number, further, one heterogeneous execution needs to be selected from each class to construct an equivalent heterogeneous execution set for being scheduled to process external requests. By selecting heterogeneous executives from different classes to construct an equivalent heterogeneous executives set, the heterogeneous structure of a distribution management process can be maximized, the component composition of the executives presents uncertainty, the dependency of attacks on a platform and the environment is destroyed, and the problem of insufficient heterogeneous property caused by 'homologous' can be solved, so that the attack difficulty is increased, and the attack success probability is reduced.
How to reasonably select the heterogeneous executives in the class to construct an equivalent heterogeneous executives set is a problem related to further improving the service performance of the system. Therefore, the embodiment of the invention provides an intra-class load balancing algorithm (ICLB: load balance in class) based on consistent hash (hash), the algorithm firstly calculates performance weight according to the performance index of the heterogeneous executives, and then selects the heterogeneous executives as equivalent heterogeneous executives according to the weight based on a consistent hash method to balance and distribute request loads. The following steps are to describe how to construct an equivalent heterogeneous executive for each selected class, and can reasonably distribute request loads according to the performance state of the heterogeneous executors, so that the balanced distribution of the internal loads of the mimicry cloud service system is realized, and the overall service performance of the system can be obviously improved.
Step S420, aiming at each selected class, determining the performance weight of each isomorphic executive body based on the performance index of each isomorphic executive body in the class.
First, a performance index of the heterogeneous executables is calculated. The performance index of a heterogeneous execution may be defined as an index characterizing the hardware performance of the heterogeneous execution based on a plurality of hardware state indicators of the heterogeneous execution. As an example, there is a class
Figure BDA0002495926690000081
Heterogeneous executives of (1)
Figure BDA0002495926690000082
The heterogeneous executives
Figure BDA0002495926690000083
The performance index of (2) can be defined as the result of weighted calculation of hardware status indicators such as CPU, memory M (memory), hard Disk D (Disk), available bandwidth B (Band Width), etc., and is recorded as
Figure BDA0002495926690000084
Figure BDA0002495926690000085
Wherein, C i ,M i ,D i ,B i Respectively representing heterogeneous executives
Figure BDA0002495926690000086
The hardware status indexes of the CPU, the memory, the hard disk and the available bandwidth are respectively C, beta, gamma and eta i ,M i ,D i ,B i The weight of (c).
Then, a performance weight of the heterogeneous executables is calculated based on the performance indexes of the heterogeneous executables. The performance weight of a heterogeneous implementation may be defined as the ratio of the performance index of the heterogeneous implementation to the sum of all the performance indices of the heterogeneous implementations within a class. As an example, there is a class
Figure BDA0002495926690000087
Heterogeneous executives in (1)
Figure BDA0002495926690000088
The heterogeneous executives
Figure BDA0002495926690000089
The performance weight of (A) is the ratio of the sum of all the heterogeneous executives in the class, and is recorded as
Figure BDA00024959266900000810
Figure BDA00024959266900000811
n j Number of heterogeneous executors within class, n j The total weight of the heterogeneous executors is as follows:
Figure BDA00024959266900000812
step S430, selecting the heterogeneous executors as equivalent heterogeneous executors according to the performance weights of the heterogeneous executors by using a consistent hash algorithm, and constructing an equivalent heterogeneous execution set for being scheduled.
More specifically, the step may further include the steps of:
(1) According to class S j The performance weight of each of the isomorphic executors in (A) will be [0,1]]The interval is divided into a plurality of sub-intervals, and each heterogeneous executive corresponds to one sub-interval.
As an example, the sub-interval corresponding to each heterogeneous executable may be divided according to the number order of the heterogeneous executables, and the width of each sub-interval is the performance weight of the corresponding heterogeneous executable.
For example, [0,1] can be substituted]The interval is divided into multiple sub-intervals, such that heterogeneous executives
Figure BDA00024959266900000813
Corresponding sub-interval
Figure BDA00024959266900000814
Comprises the following steps: l < n j When the temperature of the water is higher than the set temperature,
Figure BDA00024959266900000815
l=n j when the temperature of the water is higher than the set temperature,
Figure BDA00024959266900000816
the above sub-interval division manner is only an example, and the present invention is not limited thereto.
(2) And constructing a hash function based on the request of the client, mapping the request to the divided subintervals, and selecting an equivalent heterogeneous executive from the current class based on the mapping result.
The mimicry cloud service system receives the information from the clientAfter request X of (2), a hash function h is constructed, X → [0,1]And sends the request X ∈ X 0 Mapping to [0,1] of subinterval divided into corresponding heterogeneous executives]In the interval. In fig. 5, a plurality of sub-intervals respectively corresponding to a plurality of heterogeneous executors, which are represented by circular arcs between the heterogeneous executors on a circle, are shown, and based on which sub-interval the value of the hash function constructed by the request x falls, the request x is allocated to the heterogeneous executable corresponding to the sub-interval, which is the equivalent heterogeneous executable.
That is, the embodiment of the present invention completes the mapping of the request to the heterogeneous executable according to the consistent hash rule, if yes
Figure BDA0002495926690000091
The load of request x is allocated to the subinterval
Figure BDA0002495926690000092
Corresponding heterogeneous executives
Figure BDA0002495926690000093
I.e. heterogeneous executives
Figure BDA0002495926690000094
And constructing the equivalent heterogeneous executives as equivalent heterogeneous executives for the corresponding external scheduling requests.
Setting function
Figure BDA0002495926690000095
Representing the mapping of the load of request x to set S j The ICLB may be represented as a function ICLB (x, f), wherein ICLB (x, f) = f (x). The flow of the pseudo-code representation of f is as follows:
Figure BDA0002495926690000096
as known from probability theory, the request amount falling into each interval is proportional to the interval size, and the interval size is positively correlated to the performance weight of the heterogeneous executors, so that the request load can be determined according to the heterogeneous executorsPerformance of executables across heterogeneous execution sets
Figure BDA0002495926690000097
Are uniformly distributed.
Compared with the prior art, the mimicry cloud service heterogeneous executive scheduling method described in the embodiment of the invention combines the clustering algorithm and the consistent hash method to solve the scheduling problem of the heterogeneous executive, and has the following beneficial effects:
the invention introduces a clustering algorithm to realize the heterogeneous maximization of the distribution management process, ensures that the component composition of the executant presents uncertainty, destroys the dependency of the attack on a platform and the environment, and can solve the problem of insufficient heterogeneity caused by homology, thereby increasing the attack difficulty, reducing the attack success probability, and defending the threat caused by known and unknown vulnerabilities.
In addition, the influence of the performance of the heterogeneous executant on the overall service performance of the mimicry cloud service system is innovatively considered, the performance weight is measured through hardware indexes reflecting the performance state of the heterogeneous executant, a consistent hash method is introduced to reasonably distribute request loads according to the performance state of the heterogeneous executant, the balanced distribution of internal loads of the mimicry cloud service system is achieved, and the overall service performance of the system can be obviously improved.
The scheduling method of the pseudo cloud service heterogeneous executive body can be executed by a pseudo cloud service system, and can be executed by a redundant controller in the pseudo cloud service system as an example.
Corresponding to the above-mentioned mimicry cloud service heterogeneous executive scheduling method, the present invention further provides a mimicry cloud service heterogeneous executive scheduling device, which includes a processor and a memory, wherein the memory stores computer instructions, the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the device implements the steps of the foregoing method. In an example, the pseudo cloud service heterogeneous executor scheduling device is a pseudo cloud service system.
The present invention also relates to a storage medium on which computer program code may be stored, which when executed may implement various embodiments of the method of the present invention, and which may be a tangible storage medium such as an optical disk, a Random Access Memory (RAM), a memory, a Read Only Memory (ROM), an electrically programmable ROM, an electrically erasable programmable ROM, a register, a hard disk, a removable disk, a CD-ROM, or any other form of tangible storage medium known in the art.
It is to be understood that the invention is not limited to the precise arrangements and instrumentalities shown. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
Those of ordinary skill in the art will appreciate that the various illustrative components, systems, and methods described in connection with the embodiments disclosed herein may be implemented as hardware, software, or combinations thereof. Whether this is done in hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include an electronic circuit, a semiconductor memory device, a ROM, a flash memory, an Erasable ROM (EROM), a floppy disk, a CD-ROM, an optical disk, a hard disk, an optical fiber medium, a Radio Frequency (RF) link, and so forth. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
Features that are described and/or illustrated with respect to one embodiment may be used in the same way or in a similar way in one or more other embodiments and/or in combination with or instead of the features of the other embodiments in the present invention.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes may be made to the embodiment of the present invention by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A mimicry cloud service heterogeneous executive scheduling method is characterized by comprising the following steps:
clustering heterogeneous executives to be clustered based on the heterogeneous degrees of the heterogeneous executives so as to divide the heterogeneous executives in a heterogeneous executives pool into a plurality of classes and obtain a set of the classes;
selecting a corresponding number of classes from the set of the multiple classes according to a preset heterogeneous executive body redundancy number;
for each selected class, determining the performance weight of each isomorphic executive based on the performance index of each isomorphic executive in the class;
selecting heterogeneous executives as equivalent heterogeneous executives according to the performance weights of the heterogeneous executives by using a consistent Hash algorithm, and constructing an equivalent heterogeneous executives set for being scheduled;
the clustering step of the heterogeneous executives to be clustered based on the isomerism degree of the heterogeneous executives comprises the following steps: initially determining a clustering center heterogeneous executive body, and calculating the heterogeneous degrees of the component elements of the heterogeneous executive body to be clustered and the determined clustering center heterogeneous executive body; calculating the isomerism indexes of the heterogeneous executives to be clustered and the clustering center heterogeneous executives based on the isomerism degrees of the component elements; taking the calculated isomerism degree index as the distance between the heterogeneous executive to be clustered and the clustering center heterogeneous executive, and determining the class to which the heterogeneous executive to be clustered belongs based on the calculated distance and a preset distance threshold value, so that the distance from the heterogeneous executive to be clustered to the clustering center heterogeneous executive of the class to which the heterogeneous executive to be clustered belongs does not exceed the distance threshold value;
the determining the performance weight of each heterogeneous executive body based on the performance index of each heterogeneous executive body in the class comprises the following steps: determining performance indexes based on a plurality of hardware state indexes of each heterogeneous executive, and determining the performance weight of each heterogeneous executive based on the ratio of the performance indexes of each heterogeneous executive to the sum of the performance indexes of all heterogeneous executors in the class;
the selecting the heterogeneous executives as equivalent heterogeneous executives according to the performance weights of the heterogeneous executives by using the consistent hash algorithm comprises the following steps: dividing the [0,1] interval into a plurality of subintervals according to the performance weight of each heterogeneous executive in the class, wherein each heterogeneous executive corresponds to one subinterval; and constructing a hash function based on the request of the client, mapping the request to the divided subintervals, and selecting an equivalent heterogeneous executive from the current class based on the mapping result.
2. The method according to claim 1, characterized in that the method further comprises the steps of:
and when the distance between the heterogeneous executive body to be clustered and the determined clustering center heterogeneous executive body exceeds the distance threshold value, taking the heterogeneous executive body to be clustered as a clustering center heterogeneous executive body of a new class.
3. The method of claim 1,
clustering the heterogeneous executives to be clustered to a class to which a nearest clustering center heterogeneous executives among the determined clustering center heterogeneous executives belong if distances from the heterogeneous executives to be clustered to the determined clustering center heterogeneous executives do not exceed the distance threshold.
4. The method of claim 1,
the step of calculating the isomerism degree of the component elements of the heterogeneous executive bodies to be clustered and the corresponding component elements of the determined clustering center heterogeneous executive bodies comprises the following steps: calculating the isomerism degree of the composition elements of the heterogeneous executive bodies to be clustered and the determined homogeneous composition elements of the heterogeneous executive bodies of the clustering centers by adopting XOR operation;
the step of calculating the isomerism index between the heterogeneous executive to be clustered and the cluster center heterogeneous executive based on the isomerism degree comprises the following steps: and taking the weighted sum of the isomerism degrees of the component elements as the isomerism degree index of the heterogeneous executive body to be clustered and the heterogeneous executive body in the clustering center.
5. The method of claim 1,
the constituent elements of the heterogeneous executables include at least one of: CPU, operating system, web server and database.
6. The method of claim 1, wherein the dividing the [0,1] interval into a plurality of sub-intervals according to the performance weight of each heterogeneous execution body in the class, wherein each heterogeneous execution body corresponds to one sub-interval comprises:
and dividing the subinterval corresponding to each heterogeneous executive body according to the number sequence of the heterogeneous executive bodies, wherein the width of each subinterval is the performance weight of the corresponding heterogeneous executive body.
7. A mimicry cloud service heterogeneous executive scheduling device, the device comprising a processor and a memory, wherein the memory has stored therein computer instructions, the processor being configured to execute the computer instructions stored in the memory, and wherein the device implements the steps of the method as claimed in any one of claims 1 to 6 when the computer instructions are executed by the processor.
8. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
CN202010418351.XA 2020-05-18 2020-05-18 Mimicry cloud service heterogeneous execution body scheduling method and device Active CN111786946B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010418351.XA CN111786946B (en) 2020-05-18 2020-05-18 Mimicry cloud service heterogeneous execution body scheduling method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010418351.XA CN111786946B (en) 2020-05-18 2020-05-18 Mimicry cloud service heterogeneous execution body scheduling method and device

Publications (2)

Publication Number Publication Date
CN111786946A CN111786946A (en) 2020-10-16
CN111786946B true CN111786946B (en) 2022-12-09

Family

ID=72754117

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010418351.XA Active CN111786946B (en) 2020-05-18 2020-05-18 Mimicry cloud service heterogeneous execution body scheduling method and device

Country Status (1)

Country Link
CN (1) CN111786946B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826638B (en) * 2021-03-17 2024-04-12 中国人民解放军战略支援部队信息工程大学 Mimicry router anomaly detection method and system based on state feature similarity
CN113079169B (en) * 2021-04-13 2022-09-13 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Two-stage multi-layer resource scheduling method and system for mimicry defense
CN115277163A (en) * 2022-07-22 2022-11-01 杭州安司源科技有限公司 Mimicry transformation method based on label

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525418A (en) * 2018-10-11 2019-03-26 浙江工商大学 A kind of dispatching method that mimicry defends lower service arrangement execution body set isomery degree to guarantee
CN110673951A (en) * 2019-08-30 2020-01-10 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry scheduling method, system and medium for general operation environment
CN111083232A (en) * 2019-12-27 2020-04-28 南京邮电大学 Server-side load balancing method based on improved consistent hash

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9954885B2 (en) * 2015-06-01 2018-04-24 Shanghai Redneurons Co., Ltd. Software/hardware device with uncertain service function and structural characterization, and scheduling method thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525418A (en) * 2018-10-11 2019-03-26 浙江工商大学 A kind of dispatching method that mimicry defends lower service arrangement execution body set isomery degree to guarantee
CN110673951A (en) * 2019-08-30 2020-01-10 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry scheduling method, system and medium for general operation environment
CN111083232A (en) * 2019-12-27 2020-04-28 南京邮电大学 Server-side load balancing method based on improved consistent hash

Also Published As

Publication number Publication date
CN111786946A (en) 2020-10-16

Similar Documents

Publication Publication Date Title
CN111786946B (en) Mimicry cloud service heterogeneous execution body scheduling method and device
Zade et al. SAEA: A security-aware and energy-aware task scheduling strategy by Parallel Squirrel Search Algorithm in cloud environment
Mozhaev et al. Multiservice network security metric
CN111046429B (en) Method and device for establishing relationship network based on privacy protection
JP4846772B2 (en) Method and apparatus for community-based trust
RU2710860C1 (en) Method for limiting the scope of automatic selection of a virtual protection machine
US9459861B1 (en) Systems and methods for detecting copied computer code using fingerprints
CN101304321B (en) Method for defending equity network virus based on trust
CN116126130A (en) Task unloading method for trusted edge server selection and energy consumption optimization
CN109871682B (en) Execution unified control method of heterogeneous virtual machine platform
CN116418603A (en) Safety comprehensive management method and system for industrial Internet
Prud'Homme et al. Poisoning attack anticipation in mobile crowdsensing: A competitive learning-based study
Tunga et al. Efficacy analysis of NSGAII and multi-objective particle swarm optimization (MOPSO) in agent based weapon target assignment (WTA) model
CN113360898A (en) Index weight determination method, network attack evaluation method and electronic equipment
Wu et al. Heterogeneous executors scheduling algorithm for mimic defense systems
Huang et al. A differential private mechanism to protect trajectory privacy in mobile crowd-sensing
CN116599687B (en) Low-communication-delay cascade vulnerability scanning probe deployment method and system
EP3274820B1 (en) Systems and methods for detecting copied computer code using fingerprints
Özarslan et al. Interactive Approaches to Multiple Criteria Sorting Problems: Entropy-Based Question Selection Methods
Maheswari et al. A hybrid soft computing technique for intrusion detection in web and cloud environment
Peng et al. Spatiotemporal prediction based intelligent task allocation for secure spatial crowdsourcing in industrial IoT
Deng et al. NAAM‐MOEA/D‐Based Multitarget Firepower Resource Allocation Optimization in Edge Computing
Xie et al. A secure VM allocation strategy based on tenant behavior analysis and anomaly identification
Kaljahi et al. DTM: An efficient and dynamic trust and reputation model for e-commerce agents
CN115665025B (en) Method, device, equipment and storage medium for detecting key node sequence of inter-domain routing system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant