| With the information technology evolvement, Security issues of Data Center are essential for the Internet security. Effective identification and mitigation of Botnet has become key point for the Data Center security in term of both revenue and reputation. With the evolution of Botnet, accuracy of the legacy Honey net-based and signature-based Botnet prevention mechanisms drop down, the IDC security operation services confronted with more and more false-negative and false-positives impacts. By combining global advantages of private cloud Honey net and Internet threat distribution, cloud security approach is applied to the IDC environment. With the threat coverage and accuracy strength, cloud security mechanism significantly enhances the Botnet detection accuracy for Beijing Telecomm Datacenter.Firstly, status of Botnet prevention for Beijing Telecomm Datacenter is discussed, questions and difficulties confronted are given out, and then the Botnet detection requirement is further analyzed. At the basis of detection requirement, the Cloud Security Botnet architecture is raised, which comprise of threats distribution and private cloud Honey net information analysis, cloud reputation system analysis, and Botnet judgment optimization mechanisms. Secondly, private cloud Honey net information is used to determine Botnet controllers. Thirdly, potential Botnet database are shaped based on Internet threats distribution statistics and cloud security system, then the database used to match the captured live data, so as to locate Botnet communications. Fourthly, Botnet identification accuracy is enhanced by continuous optimization mechanisms. Botnet detection analysis and database optimization are discussed as key points. At last, Botnet detection application in Beijing Telecomm Datacenter is summarized. |
PDF Full Text Request