Research On Multilayer Security Audit Based On Attack Graph In Cloud Comuting

With the rapid development of Internet technology, network security issuesexposed, security issues are also the most critical issues facing the development ofcloud computing, cloud computing with virtual features, user data can be stored in theworld any one location on how to ensure security and privacy protection of user datawill be very big challenge facing the development of cloud computing. Traditionalsingle security and defense technology is not capable of large-scale cloud computingnetwork. The security audit alarm security threats before reaction network from thenetwork overall security situation and found that the relationship between the fragilenodes in the network, as well as the fragile node administrator to take appropriatemeasures in accordance with. The aftermath of the security threat attack graph alertcorrelation, and further attack scene reconstruction, identify the intention to attack, topredict network attacks, to find the most vulnerable to attack vulnerable nodes, andthen to take protective measures.Security audit is an important line of defense to ensure the security of thenetwork, there are a variety of methods used in security auditing technology, but inthe practical application of the process has also exposed many problems, such as lowaccuracy, slow, poor adaptive. According to the current security auditing technologyas well as research on a variety of network security defense technologies in a cloudcomputing environment attack graph-based multi-layer security audit approach, whichis a new security audit approach, from the attacker’s perspective Consolidated analysisof cloud computing in a variety of network configuration and vulnerabilityinformation, enumerate all possible attack paths, thus an intuitive understanding of thenetwork, the relationship between individual vulnerability and the resulting potentialthreat. In this thesis, the main research content:(1) study the safety audit methods currently used to analyze the characteristics ofthe category of security audit methods and security auditing technology, and pointedout its shortcomings pointed out. Raised from the attacker’s point of view, combinedwith cloud computing network environment, the safety analysis, the use ofmulti-layered security audit analysis method based on attack graph.(2) design based on the the attack mode breadth search attack graph generationalgorithm, as well as modeling the information based on the concept of attack graphsand host vulnerability scanning characteristics of the attack graph, and prove the feasibility of this algorithm as well as the performance analysis.(3) design of the Markov chain characteristics attack graphs attack graphanalysis methods based on Markov chain characteristics and improved, more conciseanalysis and research; queue storage of an attack graph alert correlation analysis, thisthe attack graph form of a unit queue is stored in the memory which, associationanalysis alarm correlation analysis method is carried out in memory, by the backwardpointer of the alarm can be easily associated and omission processing, and using theforward pointer you can predict the alarm.(4) set up a network environment, and then to identify host characteristics,followed by multi-layered security audit system based on attack graphs generatedattack graph generated attack graph of network security analysis, validation of theanalysis method correctness.