| Since the concept of cloud computing has been proposed from the beginning of thiscentury, it has undergone rapid development in the field of IT application. More and morecompanies began renting cloud computing platform rather than paying for the basicresources. However, the rapid expansion of applications makes the cloud securitytechnologies cannot keep up with its pace, resulting in many security vulnerabilities.Compared with the ordinary network, cloud computing runs in a more complex networkcondition. Distributed architecture enables the cloud nodes operator throughout everycorner of the network, leading to great uncertainty of cloud security threats. In fact, manycloud computing deployments rely on computer clusters, forming a huge target on thenetwork which easily to be attacked. Traditional network security technologies can onlypassively take appropriate measures when attacked, but cannot initiatively to reduce cloudprobability of being attacked.Distributed honeypot technology has been used to solve this problem in this paper.Distributed honeypot in this paper has a consistent structure with the distributed cloudcomputing, can protect the security of the entire cloud computing environment moreaccurately. On the basis, three security mechanisms were given, namely: decoy mechanism,intrusion capture mechanism as well as defense and alarm mechanism. In the study of decoymechanism, first it determined the honeypot decoy target by analyzing the characteristics ofthe cloud, and then determined the structure of the honeypot decoy model by analyzing thebehavior of hackers, finally, given four kinds of decoy strategies: open feature ports, setweak passwords, simulate cloud services and simulate file system. In the intrusion capturemechanism, the methods for collecting the data of host and network communication werepresented in the paper, and the data analysis methods were proposed by taking advantage ofthe self-rule base. As to defense and alarm mechanism, contrary to the three type intrusions,three defensive strategies: prevent type, transfer type and modify type were proposed, andtwo alarm modes: own alarm and cluster alarm were proposed, to alarm the distributionhoneypot cluster of the cloud.From the design of a distributed architecture to the presentation of three securitymechanisms, the paper completed the protection of the cloud through the distributedhoneypots comprehensively, reduced the probability of the cloud been attack to a certain extent, and mastered the intruders’ intrusion methods of the cloud by the cloud honeypot,provided a reference basis for further improvement of cloud security technology. |
PDF Full Text Request