信息网络安全
信息網絡安全
신식망락안전
Netinfo Security
2015年
9期
191-195
,共5页
云计算%入侵检测系统%软件定义网络
雲計算%入侵檢測繫統%軟件定義網絡
운계산%입침검측계통%연건정의망락
cloud computing%intrusion detection system%software deifned network
云计算技术在近十年的发展中得到了学术界与产业界的广泛关注,其安全问题制约着云计算技术的发展,针对云中所面临的安全问题,往往采用多种安全手段结合的解决方案来保障其安全.在这些安全手段中,入侵检测是云安全解决方案中不可缺少的重要环节.文章针对使用软件定义网络(software defined network,SDN)技术的云平台,分析总结了入侵检测系统在云上部署时所面临的问题和对应的解决方案,提出了入侵检测系统的设计目标.同时基于SDN思想,设计了一个软件定义的入侵检测系统,该系统具有鲁棒性,可以降低云中的资源消耗,还能在虚拟机迁移后,使其依然处于系统的保护之下.
雲計算技術在近十年的髮展中得到瞭學術界與產業界的廣汎關註,其安全問題製約著雲計算技術的髮展,針對雲中所麵臨的安全問題,往往採用多種安全手段結閤的解決方案來保障其安全.在這些安全手段中,入侵檢測是雲安全解決方案中不可缺少的重要環節.文章針對使用軟件定義網絡(software defined network,SDN)技術的雲平檯,分析總結瞭入侵檢測繫統在雲上部署時所麵臨的問題和對應的解決方案,提齣瞭入侵檢測繫統的設計目標.同時基于SDN思想,設計瞭一箇軟件定義的入侵檢測繫統,該繫統具有魯棒性,可以降低雲中的資源消耗,還能在虛擬機遷移後,使其依然處于繫統的保護之下.
운계산기술재근십년적발전중득도료학술계여산업계적엄범관주,기안전문제제약착운계산기술적발전,침대운중소면림적안전문제,왕왕채용다충안전수단결합적해결방안래보장기안전.재저사안전수단중,입침검측시운안전해결방안중불가결소적중요배절.문장침대사용연건정의망락(software defined network,SDN)기술적운평태,분석총결료입침검측계통재운상부서시소면림적문제화대응적해결방안,제출료입침검측계통적설계목표.동시기우SDN사상,설계료일개연건정의적입침검측계통,해계통구유로봉성,가이강저운중적자원소모,환능재허의궤천이후,사기의연처우계통적보호지하.
The technology of cloud computing has received the attention of academia and industry in the development of the last ten years, but the security problem restricts its development. Towards the security issues faced by the cloud, the cloud often use a variety of security means the combination of solutions to ensure its security. In these security measures, intrusion detection system (IDS) is an important and indispensable link in cloud security solutions. In this paper, towards to the cloud platform which used software deifned network (SDN), and the intrusion detection system deployed on it. We analysis the issues the IDS faced and conclude the correspond solutions, put forward the design goal of the IDS, and designed a software deifned IDS based on SDN. The system has robustness, it can save the cloud resource consumption, and after the virtual machine migration, it's still under the protection of the IDS, ifnally realize the important modules of the system.
