Research On Network Security Situation Awareness Technology In Cloud Computing Environment

The Internet as a basic component of cloud computing,the continuous development of infrastructure and the continuous emergence of new applications make the network scale expand.Because of its openness and heterogeneity,the topology structure is becoming more and more complex,and the difficulty of network security management is increasing.Due to the large number of user data stored in cloud network,attacks and disruptive behaviors against cloud networks are becoming more and more common,and gradually appear the characteristics of organization strictness,behavior seeking and direct targeting.However,because the traditional means of safety protection only focus on the local information of network threats,the source of data is single,and the independent working mechanism can not detect the threat behavior and its inherent relationship comprehensively,timely and accurately.In addition,the traditional network security protection lacks the ability to identify the security risks in the virtualization environment,which leads to the traditional network security protection measures are difficult to solve the security problems in the cloud network environment.Network security situational awareness can acquire,understand,display and predict the future development trend of the security elements that cause the change of network security situation.It is a means for quantitative analysis of network security.In this paper,the network security situational awareness technology is applied to the cloud network,and the research of network security situation awareness in the cloud network environment is carried out.This paper describes the network security situation awareness research background and research significance.Starting from the current security problems of cloud network,this paper introduces the shortcomings of traditional security technology,leads to network security situational awareness technology,summarizes the research status at home and abroad,and introduces several typical network security situational awareness models.In view of the large number of virtual machines in cloud network and the fact that there is a lot of redundancy and inconsistency among data collected by various security devices,this paper propose a cloud network security situation assessment method based on rough set and D-S evidence theory.The method combines the rough set theory with the D-S evidence theory.First,according to the dependence between network attacks decompose the cloud network risk system,and then use the reduction algorithm on system reduction attack based on threat degree.Finally,according to the rule of evidence combination,we synthesize the security risk values of the virtual machine layer and physical machine layer in each subsystem,and get the security situation value of cloud network.This method can effectively evaluate the security situation of the cloud network through the calculation of the example.In this paper,combined with the threat of attack spread cloud physical machine and virtual machine nodes in the network node,by modeling the evolution of cloud network risk,the probability of PS_dynamic decision model based on rough set for the assessment of the security situation of each node in the network through the cloud,each node is suffering from attacks and the security state of next time,analysis and evaluation of each node is safe,risk danger or risk.Then,according to the high risk of nodes in the network cloud,build a cloud based network risk defense model extended open Petri network,then gives a method to develop the optimal defense strategy of cloud network,and proposes a maximum utility single point local defense strategy and single point global defense strategy.13 figures,24 tables,74 references.