| 私有云平台上的虚拟机进程安全检测 |
| |
| 引用本文: | 曹立铭,赵逢禹. 私有云平台上的虚拟机进程安全检测[J]. 计算机应用研究, 2013, 30(5): 1495-1499 |
| |
| 作者姓名: | 曹立铭 赵逢禹 |
| |
| 作者单位: | 上海理工大学 光电信息与计算机工程学院, 上海 200090 |
| |
| 基金项目: | 国家自然科学基金委员会与中国民用航空局联合资助项目(60979011) |
| |
| 摘 要: | 针对网络防火墙在私有云平台安全防护上的单调与缺陷, 提出了一种基于进程资源监控的安全监测方法(PAMon)。首先利用虚拟机监控器获取平台上虚拟机的物理资源信息; 然后通过映射表重构进程资源信息; 再对重构的进程信息从关键进程、进程隐藏和进程占用资源异常三方面分析恶意进程; 最后对分析出的恶意进程进行了适当的处理。实验结果表明, PAMon不仅可以有效地检测出恶意程序, 而且反馈给防火墙的信息可以进一步增强网络防火墙的防御能力。
|
| 关 键 词: | 私有云安全 安全监测 进程资源 虚拟机 |
Security detection of virtual machine process in private cloud platform |
| |
| CAO Li-ming,ZHAO Feng-yu. Security detection of virtual machine process in private cloud platform[J]. Application Research of Computers, 2013, 30(5): 1495-1499 |
| |
| Authors: | CAO Li-ming ZHAO Feng-yu |
| |
| Affiliation: | School of Optical-Electrical & Computer Engineering, University of Shanghai for Science & Technology, Shanghai 200090, China |
| |
| Abstract: | In terms of the network firewall monotone and defects on the security of the private cloud platform, this paper proposed a method (process analysis monitor, PAMon) based on process resource monitoring. Firstly, the virtual machine monitored the physical resources of the virtual machine platform information. Secondly, it reconstructed process resource information through the mapping table. Thirdly, it identified malicious processes by analysis of the key executing processes, hidden ones and those abnormally occupied with resources. Finally, it disposed the identified malicious processes properly. Experiment shows that PAMon can not only detect malicious programs effectively, but also enhance the defense capacity of network firewall by submitting malicious process information to it. |
| |
| Keywords: | private cloud security security monitoring process resource virtual machine |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
