CAJ | 학술논문

云计算是通过Internet以服务的方式提供动态可伸缩的虚拟化资源的计算模式，所提供的服务基于现有标准化的网络协议，具有特定的格式及标准。然而现有技术和标准协议所存在的安全隐患为非法分子敞开了入侵的大门。基于支持向量机SVM和主成分分析方法PCA提出云环境中自适应异常检测模型CAPS（Cloud Adaptive PCA-SVM），基于OpenStack真实云平台数据，采用PCA进行数据降维，利用SVM分类器，将疑似异常提交至云安全管理员进行确认，不断对所构造的分类器进行迭代，能够对历史数据自适应检测。实验表明，所提出的CAPS具有以下优点：（1）与标准SVM相比，自适应过程和平均迭代时间花费较少，效率较高；（2）与经典的异常检测方法相比，在真实云环境中在较低的误报率下能达到较高的检测率。
운계산시통과Internet이복무적방식제공동태가신축적허의화자원적계산모식，소제공적복무기우현유표준화적망락협의，구유특정적격식급표준。연이현유기술화표준협의소존재적안전은환위비법분자창개료입침적대문。기우지지향량궤SVM화주성분분석방법PCA제출운배경중자괄응이상검측모형CAPS（Cloud Adaptive PCA-SVM），기우OpenStack진실운평태수거，채용PCA진행수거강유，이용SVM분류기，장의사이상제교지운안전관리원진행학인，불단대소구조적분류기진행질대，능구대역사수거자괄응검측。실험표명，소제출적CAPS구유이하우점：（1）여표준SVM상비，자괄응과정화평균질대시간화비교소，효솔교고；（2）여경전적이상검측방법상비，재진실운배경중재교저적오보솔하능체도교고적검측솔。
Cloud computing is a computing mode which provides dynamical and scalable resources of virtualisation by means of services through Internet.The cloud services provided are based on existing normalised networks protocols and have specific formats and criteria. However current technologies and standard protocols exist security pitfalls,which open the door of invasion for illegal attackers.This paper comes up with CAPS (cloud adaptive PCA-SVM)model based on support vector machine (SVM)and primary component analysis (PCA). According to the data on OpenStack real cloud platform,the model uses PCA for data dimensionality reduction and adopts SVM classifier to submit the suspected anomalies to cloud security operator for verification.By constant iteration of the constructed classifier it is able to make adaptive detection on historical data.Experiment shows that the proposed CAPS has following strengths:(1 )Time consumption of adaptation process and average iteration is lower than standard SVM,and the efficiency is higher.(2)Achieving higher detection rate with lower false positive rate in real cloud environment compared with classic anomaly detection methods.