CAJ | 학술논문

云计算由于通过因特网提供公共资源般的计算存储服务，而使之暴露于各种网络入侵威胁中。搭建安全云架构以提高云服务的安全性是云安全的首要任务。入侵检测是一种被动防御技术，擅长实时识别已知攻击模式，对未知异常行为的误判率较高。蜜罐是一种主动防御技术，它通过提供虚假信息、系统或网络环境，诱使攻击方实施攻击，从而了解攻击行为并做出相应处理，有利于发现新攻击手段及态势。将入侵检测和蜜罐技术融合到云架构Eucalyptus的方案，可使云端更加安全可靠。
운계산유우통과인특망제공공공자원반적계산존저복무，이사지폭로우각충망락입침위협중。탑건안전운가구이제고운복무적안전성시운안전적수요임무。입침검측시일충피동방어기술，천장실시식별이지공격모식，대미지이상행위적오판솔교고。밀관시일충주동방어기술，타통과제공허가신식、계통혹망락배경，유사공격방실시공격，종이료해공격행위병주출상응처리，유리우발현신공격수단급태세。장입침검측화밀관기술융합도운가구Eucalyptus적방안，가사운단경가안전가고。
Cloud computing services are provided through the Internet, resulting in the exposure to various security threats risk. Secure cloud infrastructure is the primary task for improvement on cloud security. Intrusion detection is a kind of passive defense technology, which is good at real-time recognition of known attack patterns, but it’s not skillful in detecting unknown attack patterns. Honeypot is a kind of active defense technology, which provides fake information, system or network environment, alluring the attackers to conduct attacks, then analysis of attack patterns and appropriate reactions could be performed. This paper introduces a scheme for incorporating intrusion detection and honeypot technologies into cloud infrastructure Eucalyptus, which augments the cloud service security and reliability.