CN112612594B - Execution body scheduling method and related device - Google Patents
Execution body scheduling method and related device Download PDFInfo
- Publication number
- CN112612594B CN112612594B CN202011606051.0A CN202011606051A CN112612594B CN 112612594 B CN112612594 B CN 112612594B CN 202011606051 A CN202011606051 A CN 202011606051A CN 112612594 B CN112612594 B CN 112612594B
- Authority
- CN
- China
- Prior art keywords
- layer
- scheduling
- executable
- preset
- attacked
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 238000005516 engineering process Methods 0.000 claims description 11
- 238000004891 communication Methods 0.000 claims description 10
- 230000008569 process Effects 0.000 abstract description 13
- 238000010586 diagram Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 6
- 230000007123 defense Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 239000000243 solution Substances 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application provides an executable scheduling method and a related device, wherein the method comprises the following steps: scheduling target executives in a preset heterogeneous executable set to a preset set to form an executable set; the target execution body is an execution body which satisfies isomerism on a target layer in the isomerism execution body set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed; under the condition that an attack instruction for representing that any execution body in the execution body set is attacked is received, acquiring an attacked layer of the execution body; determining an executive body meeting preset conditions from the heterogeneous executive body set; the preset conditions comprise: different from the executing body in the attacked layer; scheduling the execution body offline and scheduling the execution body online meeting the preset condition. The method and the device can solve the problems of more consumed resources and low scheduling accuracy in the scheduling process because the executor is purposefully scheduled.
Description
Technical Field
The present disclosure relates to the field of network security, and in particular, to a method and an apparatus for scheduling an executable.
Background
With the rapid development of network technology and the advent of the information age, networks have been incorporated into aspects of people's lives. Networks offer efficiency and convenience to people's work and life, but are often related to valuable or private information, and have been the target of hacking. Hackers can use SQL injection, webShell, DDoS and other attack modes to achieve the purposes of illegally stealing user privacy, disturbing normal work of a network system and the like, and the security of the network system faces serious challenges.
At present, the mimicry defense architecture can schedule an execution body according to the characteristic of self dynamic heterogeneous redundancy, so that an attack communication chain is cut off, and attack behaviors aiming at a system are invalid.
However, the current mimicry defense architecture has the problems of more consumed resources and low scheduling accuracy in the process of scheduling an execution body.
Disclosure of Invention
The applicant finds that the current mimicry defense architecture adopts random scheduling in the scheduling execution body process, so that scheduling is not targeted, namely scheduling is not performed on a service or a specific attacked layer of the execution body, and therefore scheduling is performed in a place where scheduling is not needed, and further the problems of large scheduling consumption resources and low scheduling accuracy are caused.
The application provides an executable scheduling method and a related device, and aims to solve the problems of more consumed resources and low scheduling accuracy in the existing scheduling executable scheduling process of a mimicry defense architecture.
In order to achieve the above object, the present application provides the following technical solutions:
the application provides an executable scheduling method, which is applied to a scheduler and comprises the following steps:
scheduling target executives in a preset heterogeneous executable set to a preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
under the condition that an attack instruction for representing that any executing body in the executing body set is attacked is received, acquiring an attacked layer of the executing body;
determining an executive body meeting preset conditions from the heterogeneous executive body set; the preset conditions include: different from the executable on the attacked layer;
and scheduling the execution body offline and scheduling the execution body online meeting the preset condition.
Optionally, the preset conditions further include: the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer is larger than the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer.
Optionally, the plurality of preset software layers includes: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer.
Optionally, the application and protocol layer includes: an application device layer, a communication technology layer and an application software layer.
The application also provides an executable scheduling device, which is applied to a scheduler and comprises:
the first scheduling module is used for scheduling target executors in a preset heterogeneous executable set to the preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
the acquisition module is used for acquiring an attacked layer of any executable in the executable set under the condition of receiving an attack instruction for representing the attack of the executable;
the determining module is used for determining an executable body meeting a preset condition from the heterogeneous executable body set; the preset conditions include: different from the executable on the attacked layer;
and the second scheduling module is used for scheduling the execution body to be offline and scheduling the execution body to be online which meets the preset condition.
Optionally, the preset conditions further include: the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer is larger than the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer.
Optionally, the plurality of preset software layers includes: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer.
Optionally, the application and protocol layer includes: an application device layer, a communication technology layer and an application software layer.
The application also provides a storage medium, which comprises a stored program, wherein the program executes any one of the execution body scheduling methods.
The application also provides a scheduler, the device comprises at least one processor, and at least one memory and a bus connected with the processor; the processor and the memory complete communication with each other through the bus; the processor is configured to invoke the program instructions in the memory to execute any of the methods for executing the execution volume scheduling described above.
According to the executable scheduling method and the related device, on one hand, a target executable in a preset heterogeneous executable set is scheduled to a preset set to form an executable set; the target execution body is an execution body meeting isomerism on a target layer in the isomerism execution body set, and the target layer refers to: and the layer matched with the preset service is in a layer set formed by a hardware layer of the executive body and a plurality of preset software layers. I.e. the executives in the set of executives satisfy isomerism on the software and hardware layers that match the traffic. Therefore, aiming at the preset service required by the user, the executive body set built by the method meets the requirement of the preset service on the isomerism of the executive body, thereby ensuring the accuracy of the selected executive body and avoiding the scheduling of the executive body which does not need to be scheduled, and further ensuring the problems of more consumed resources and low scheduling accuracy in the process of scheduling the executive body.
On the other hand, under the condition that an attack instruction for representing that any executing body in the executing body set is attacked is received, the attacked layer of the executing body is obtained. From the heterogeneous set of executives, an execution volume that differs from the execution volume at the attacked layer is scheduled. The method and the device aim at an attacked layer to purposefully schedule the execution body, thereby ensuring the accuracy of the scheduled execution body and avoiding the scheduling of the execution body which does not need to be scheduled.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a classical mimicry architecture based on mimicry defense technology in the prior art;
FIG. 2 is a flowchart of an executable scheduling method disclosed in an embodiment of the present application;
FIG. 3 is a schematic diagram of an executable scheduling process disclosed in an embodiment of the present application;
FIGS. 4 (a) and 4 (b) are schematic diagrams of the principle architecture of the scheduling hardware layer and the software layer disclosed in the embodiments of the present application;
fig. 5 is a schematic structural diagram of an executable scheduling device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a scheduler according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Fig. 1 is a schematic diagram of a classical mimicry architecture based on mimicry defense technology in the prior art, and in fig. 1, specific implementation logic of a dynamic selection algorithm, a proxy module, a arbitration module, a countercheck module, and a scheduler are in the prior art, and are not described herein again.
In this embodiment, the scheduling flow of the scheduler in fig. 1 is modified to obtain the executable scheduling method of the present application, and the specific executable scheduling method flow is shown in fig. 2, and may include the following steps:
s201, scheduling target executors in a preset heterogeneous executable set to the preset set to form an executable set.
In this embodiment, the target executor refers to: heterogeneous executives are satisfied on the target layer in the heterogeneous executable set. Wherein, the target layer refers to: and the layer matched with the preset service is in a layer set formed by a hardware layer of the executive body and a plurality of preset software layers. It should be noted that, the hardware component of the executable and the "executable" in the plurality of preset software layers refer to the executable generally. That is, generally, any executable includes a hardware layer and a plurality of software layers.
In this step, the specific scheduling process is the prior art, and will not be described herein.
Optionally, in this embodiment, the hardware layer may include: x86, ARM, shenwei, etc.
Optionally, in this embodiment, the plurality of preset software layers may include: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer. The operating system layer may include Windows, linux, unix, among others. The virtual technology layer may include: VMware, KVM, docker, etc. The kernel driver layer may include: CPU driver, memory driver, etc.
Wherein, the application and protocol layer may include: the application device layer (which may include mimicry Web servers, mimicry routers, mimicry firewalls, etc.), the communication technology layer (which may include information management, service distribution, message forwarding, data types, etc.), and the application software layer (which may include mimicry websites, mimicry APP, mimicry PC software, etc.).
For a clearer description of the present embodiment, an execution volume scheduling process shown in fig. 3 is taken as an example. In fig. 3, "executable set" means the executable set established in the present embodiment. The "heterogeneous execution pool" in fig. 3 represents a preset heterogeneous execution set in the present embodiment. Where "heterogeneous execution pool" is a subset of the "heterogeneous resource pool" in FIG. 1. The "multi-level scheduling system" in fig. 3 represents the execution body scheduler of the present embodiment.
S202, under the condition that an attack instruction for representing that any execution body in the execution body set is attacked is received, obtaining an attacked layer of the execution body.
In this embodiment, when an attacker attacks a certain executable in the executable set successfully, the scheduler may receive an attack instruction, where the attack instruction is used to indicate an attacked executable, and the attack instruction may also include an attacked layer of the attacked executable.
Also taking fig. 3 as an example, in the case where an executing body X in the executing body set is attacked, the multi-level scheduling system (scheduler) receives alarm information (attack instruction), where the alarm information may include an attacked layer of the attacked executing body. For example, the attacked layer is an operating system layer.
S203, determining an execution body meeting a preset condition from the heterogeneous execution body set.
In this embodiment, the preset conditions may include: different from the executable on the attacked layer.
In this embodiment, in order to further ensure the reliability of the determined execution body, the preset conditions may further include: the degree of isomerism on the attacked layer with other executives in the executable set is greater than the degree of isomerism on the attacked layer with other executives in the attacked executable set.
Also taking fig. 3 as an example, assuming that the attacked layer is an operating system layer, in this step, an execution body (for example, execution body n) different from the attacked execution body in the operating system layer may be determined from the heterogeneous execution body pool, and then the execution body n is different from the operating system layer of the attacked execution body.
And if the preset condition further comprises the isomerism degree, indicating that the isomerism degree of the execution body n and other execution bodies in the execution body set on the operating system layer is larger than the isomerism degree of the execution body X and other execution bodies in the execution body set on the operating system.
S204, scheduling the attacked execution body to be offline and scheduling the execution body meeting the preset condition to be online.
In this step, the attacked execution body is scheduled to be offline, and the execution body that satisfies the preset condition is scheduled to be online.
Also taking fig. 3 as an example, in this step, the execution body X is scheduled to be offline and the execution body that satisfies the preset condition is scheduled to be online. The specific scheduling manner is the prior art, and is not described herein.
In this embodiment, the execution time of the attacked execution body is scheduled to be offline, and the attacked execution body can be scheduled to be offline only after the attack instruction is received and the attack instruction is determined to indicate which execution body the attacked execution body is. The embodiment does not limit the specific scheduling time for scheduling the offline of the attacked executable.
In the present embodiment, the above-described processes S202 to S204 can be described by taking fig. 4 (a) and 4 (b) as an example. Fig. 4 (a) and fig. 4 (b) show that the scheduler can acquire the attacked layer when receiving the arbitration log sent by the arbitration model. After the scheduler acquires the attacked layer, a scheduling algorithm corresponding to the attacked layer is called, an execution subject meeting preset conditions is determined, and the execution subject meeting the preset conditions is scheduled to be online.
Fig. 5 is a block diagram of an executable scheduling apparatus according to an embodiment of the present application, which may include: a first scheduling module 501, an acquisition module 502, a determination module 503, and a second scheduling module 504, wherein,
a first scheduling module 501, configured to schedule a target executable in a preset heterogeneous executable set to a preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
an obtaining module 502, configured to obtain an attacked layer of any one of the execution bodies in the execution body set under the condition that an attack instruction for characterizing the attack of the execution body is received;
a determining module 503, configured to select an executable that meets a preset condition from the heterogeneous executable set; the preset conditions include: different from the executable on the attacked layer;
the second scheduling module 504 is configured to schedule the execution body offline and schedule the execution body online that satisfies a preset condition.
Optionally, the preset conditions further include: the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer is larger than the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer.
Optionally, the plurality of preset software layers includes: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer.
Optionally, the application and protocol layer includes: an application device layer, a communication technology layer and an application software layer.
The executable scheduling device comprises a processor and a memory, wherein the processor is used for: the first scheduling module 501, the acquiring module 502, the determining module 503, the second scheduling module 504, and the like are stored as program units in a memory, and the processor executes the program units stored in the memory to realize corresponding functions.
The processor includes a kernel, and the kernel fetches the corresponding program unit from the memory. The kernel can be provided with one or more than one kernel, and the problems of large consumption resources and low scheduling accuracy in the process of scheduling an execution body are solved by adjusting kernel parameters.
The embodiment of the invention provides a storage medium, on which a program is stored, which when executed by a processor, implements the executable scheduling method.
The embodiment of the invention provides a processor which is used for running a program, wherein the execution body scheduling method is executed when the program runs.
An embodiment of the present invention provides a scheduler, as shown in fig. 6, where an apparatus includes at least one processor, and at least one memory and a bus connected to the processor; the processor and the memory complete communication with each other through a bus; the processor is used for calling the program instructions in the memory to execute the execution body scheduling method. The device herein may be a server, PC, PAD, cell phone, etc.
The present application also provides a computer program product adapted to perform, when executed on a data processing device, a program initialized with the method steps of:
scheduling target executives in a preset heterogeneous executable set to a preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
under the condition that an attack instruction for representing that any executing body in the executing body set is attacked is received, acquiring an attacked layer of the executing body;
determining an executive body meeting preset conditions from the heterogeneous executive body set; the preset conditions include: different from the executable on the attacked layer;
and scheduling the execution body offline and scheduling the execution body online meeting the preset condition.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, the device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory, random Access Memory (RAM), and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), among other forms in computer readable media, the memory including at least one memory chip. Memory is an example of a computer-readable medium.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises an element.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.
The functions described in the methods of the present application, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computing device readable storage medium. Based on such understanding, a portion of the embodiments of the present application that contributes to the prior art or a portion of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Features described in the various embodiments of the present disclosure may be interchanged or combined, each having a particular emphasis on illustrating differences from other embodiments, and the same or similar elements of the various embodiments may be used in conjunction with each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (8)
1. An executable scheduling method, applied to a scheduler, comprising:
scheduling target executives in a preset heterogeneous executable set to a preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
under the condition that an attack instruction for representing that any executing body in the executing body set is attacked is received, acquiring an attacked layer of the executing body;
determining an executive body meeting preset conditions from the heterogeneous executive body set; the preset conditions include: different from the executable on the attacked layer;
scheduling the execution body to be offline and scheduling the execution body meeting the preset condition to be online;
wherein, the preset conditions further include: the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer is larger than the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer.
2. The method of claim 1, wherein the plurality of pre-set software layers comprises: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer.
3. The method of claim 2, wherein the application and protocol layer comprises: an application device layer, a communication technology layer and an application software layer.
4. An executable scheduling apparatus, applied to a scheduler, comprising:
the first scheduling module is used for scheduling target executors in a preset heterogeneous executable set to the preset set to form an executable set; the target executor is an executor which meets isomerism on a target layer in the isomerism executor set; the target layer refers to: the method comprises the steps that among a layer set formed by a hardware layer of an executive body and a plurality of preset software layers, a layer matched with preset service is formed;
the acquisition module is used for acquiring an attacked layer of any executable in the executable set under the condition of receiving an attack instruction for representing the attack of the executable;
the determining module is used for determining an executable body meeting a preset condition from the heterogeneous executable body set; the preset conditions include: different from the executable on the attacked layer;
the second scheduling module is used for scheduling the execution body to be offline and scheduling the execution body to be online which meets the preset conditions;
wherein, the preset conditions further include: the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer is larger than the degree of isomerism of the executing body set with other executing bodies in the executing body set on the attacked layer.
5. The apparatus of claim 4, wherein the plurality of pre-set software layers comprises: an operating system layer, a virtual technology layer, a kernel driver layer, and an application and protocol layer.
6. The apparatus of claim 5, wherein the application and protocol layer comprises: an application device layer, a communication technology layer and an application software layer.
7. A storage medium comprising a stored program, wherein the program executes the executable scheduling method of any one of claims 1 to 3.
8. A scheduler, characterized in that it comprises at least one processor, and at least one memory, bus, connected to said processor; the processor and the memory complete communication with each other through the bus; the processor is configured to invoke program instructions in the memory to execute the executable scheduling method according to any one of claims 1-3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011606051.0A CN112612594B (en) | 2020-12-30 | 2020-12-30 | Execution body scheduling method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011606051.0A CN112612594B (en) | 2020-12-30 | 2020-12-30 | Execution body scheduling method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112612594A CN112612594A (en) | 2021-04-06 |
| CN112612594B true CN112612594B (en) | 2024-03-29 |
Family
ID=75249149
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011606051.0A Active CN112612594B (en) | 2020-12-30 | 2020-12-30 | Execution body scheduling method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112612594B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107145376A (en) * | 2016-03-01 | 2017-09-08 | 中兴通讯股份有限公司 | A kind of active defense method and device |
| CN109218440A (en) * | 2018-10-12 | 2019-01-15 | 上海拟态数据技术有限公司 | A kind of mimicry web server isomery execution body dynamic dispatching method of displaying |
| CN111343176A (en) * | 2020-01-16 | 2020-06-26 | 郑州昂视信息科技有限公司 | Network attack countering device, method, storage medium and computer equipment |
| CN111641661A (en) * | 2020-06-12 | 2020-09-08 | 深圳供电局有限公司 | Construction method and system of heterogeneous executer |
| CN111858165A (en) * | 2020-07-06 | 2020-10-30 | 河南信大网御科技有限公司 | Rapid recovery method, system and framework for heterogeneous executer |
| CN112153024A (en) * | 2020-09-11 | 2020-12-29 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | Mimicry defense system based on SaaS platform |
| CN114116150A (en) * | 2020-08-25 | 2022-03-01 | 华为技术有限公司 | Task scheduling method and device and related equipment |
-
2020
- 2020-12-30 CN CN202011606051.0A patent/CN112612594B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107145376A (en) * | 2016-03-01 | 2017-09-08 | 中兴通讯股份有限公司 | A kind of active defense method and device |
| CN109218440A (en) * | 2018-10-12 | 2019-01-15 | 上海拟态数据技术有限公司 | A kind of mimicry web server isomery execution body dynamic dispatching method of displaying |
| CN111343176A (en) * | 2020-01-16 | 2020-06-26 | 郑州昂视信息科技有限公司 | Network attack countering device, method, storage medium and computer equipment |
| CN111641661A (en) * | 2020-06-12 | 2020-09-08 | 深圳供电局有限公司 | Construction method and system of heterogeneous executer |
| CN111858165A (en) * | 2020-07-06 | 2020-10-30 | 河南信大网御科技有限公司 | Rapid recovery method, system and framework for heterogeneous executer |
| CN114116150A (en) * | 2020-08-25 | 2022-03-01 | 华为技术有限公司 | Task scheduling method and device and related equipment |
| CN112153024A (en) * | 2020-09-11 | 2020-12-29 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | Mimicry defense system based on SaaS platform |
Non-Patent Citations (3)
| Title |
|---|
| 《A formalization research on Web server and scheduling strategy for heterogeneity》;Bolin Ma;《Advanced Information Management, Communicates, Electronic and Automation Control Conference》;全文 * |
| 《基于BSG 的拟态Web 服务器调度策略研究》;王晓梅;《通信学报》;全文 * |
| 《基于数据层的动态攻击面防御技术》;洪海诚;《中国优秀硕士学位论文全文数据库信息科技辑》;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112612594A (en) | 2021-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU2016369460B2 (en) | Dual memory introspection for securing multiple network endpoints | |
| EP3111364B1 (en) | Systems and methods for optimizing scans of pre-installed applications | |
| US10050999B1 (en) | Security threat based auto scaling | |
| US11108793B2 (en) | Preemptive alerts in a connected environment | |
| US20220279012A1 (en) | Methods and apparatus to identify and report cloud-based security vulnerabilities | |
| US9111089B1 (en) | Systems and methods for safely executing programs | |
| US20130097203A1 (en) | System and method for providing threshold levels on privileged resource usage in a mobile network environment | |
| Canfora et al. | Composition-malware: building android malware at run time | |
| US10691475B2 (en) | Security application for a guest operating system in a virtual computing environment | |
| EP3270317B1 (en) | Dynamic security module server device and operating method thereof | |
| US11233823B1 (en) | Efficient implementation of honeypot devices to detect wide-scale network attacks | |
| US8402539B1 (en) | Systems and methods for detecting malware | |
| US20210266181A1 (en) | Data security processing method and terminal thereof, and server | |
| Ramachandran et al. | Android anti-virus analysis | |
| US20140308919A1 (en) | Application-level trusted third party solution based on an antiviral mobile client | |
| CN112612594B (en) | Execution body scheduling method and related device | |
| US20230177148A1 (en) | Liveness guarantees in secure enclaves using health tickets | |
| CN105653948B (en) | Method and device for preventing malicious operation | |
| US11240268B1 (en) | Dynamic honeypots for computer program execution environments | |
| CN111222130B (en) | Page response method, page request method and page request device | |
| GB2548147A (en) | Self-propagating cloud-aware distributed agents for benign cloud exploitation | |
| CN113849558A (en) | Method and device for deploying data sharing service | |
| CN112685741A (en) | Static measurement method of trusted computing platform with parallel computing and protection in smart grid environment | |
| Jarabek | Towards cloud-based anti-malware protection for desktop and mobile platforms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |