Research On The Active Security Protection Technologies For Cloud Platform

In recent years,the use of cloud platform is becoming popular.The relatively centralized and professional methods of management have been applied in cloud computing system,which make it work with high availability and security.However,a large number of malicious attacks and its own complexity and large scale still make a variety of system errors occur,and this may lead to parts or all of services unavailable.So the active security protection technologies for cloud platform has become a hot research area.Based on cloud platform network security and host security,the real-time fault analysis technologies and system testing and system recovery are adopted.This thesis focuses on enhancing cloud platform availability.There are three points in our work.Firstly,in order to get the network and host operation information of cloud platform,the active security protection fault monitoring system is designed for cloud platform.Operating data on server are collected.Through analyzing information of the cloud platform network attack probability and statistics results,we optimize the data set by feature optimization algorithm based on probability and statistics and feature optimization algorithm based on the characteristics of the data type.To solve fault detection problem of cloud platform,we design fault detection algorithm based on the information density and Bayes algorithm.Constructing the data set of complete probability,we use the information entropy to represent the uncertainty of information,and define the information density to describe the distribution of information uncertainty.The algorithm is described in detail,and the time complexity of the algorithm is analyzed.We analyze the data of DOS and other attacks in the experiment.It is proved that the method can reduce data information loss,improve the detection precision and save the testing time.Secondly,in this thesis,we analyze the fault recovery technologies and the advantages and disadvantages,and design a method for the fault recovery which is based on the state metrics.We calculate the state metrics of the computer cluster.This method can set backup recovery nodes and record the correct operation before system failure.According to fault recovery strategy,the method can set the checkpoint and provide the state recovery mechanism and the recovery protocol.The method also can maintain records consistency of nodes.The correct state records of the cloud platform are stored in the system backup storage.When cloud platform failures happen,the security module find the recent recovery node in the system backup storage,and cloud platform recover from backup recovery node.Lastly,we finish the design and implementation of the active security protection system module for cloud platform.The experimental data is collected in cloud platform where the performance of every module in the system is verified.The experimental results show that this system can reduce the time of data progressing and the loss of information effectively.What's more,the accuracy is higher and false alarm rate is lower.So the system has good performance in fault detection and fault recovery.