
Research and Design on Abnormal Behavior Online Detection Platform Based on Xen (cited by: 6)
Abstract: Traditional detection mechanisms are mainly based on physical machines. The detection program runs in the same system as the malicious program, is subject to interference from it, and therefore cannot accurately determine the system state. This paper analyzes the forms and characteristics of the abnormal behavior currently prominent on networks, proposes achieving network supervision by establishing an online detection platform for abnormal behavior, and analyzes the key technologies involved in building such a platform. It examines the characteristics of virtualization technology and virtual machine introspection (VMI) technology, and proposes a method that relies on virtualization and uses VMI to continuously test and monitor prominent abnormal network behavior. Finally, the paper designs and implements a model of a Xen-based online detection platform for abnormal network behavior.
Source: Netinfo Security (《信息网络安全》), 2016, No. 9, pp. 139-144 (6 pages)
Funding: National Key R&D Program of China [2016YFB0800805]; Tianjin Science and Technology Service Major Special Project [16ZXFWGX00140]; Open Fund of the Information Security Evaluation Center, Civil Aviation University of China [CAAC-ISECCA-201501]
Keywords: abnormal behavior; virtualization technology; virtual machine introspection (VMI); Xen; online detection
