Research And Implementation Of Cloud Host Feedback Control Method Based On Mimic Defense Mechanism

With the popularity of cloud computing,more and more applications migrate and deploy to the cloud to run.Multiple virtual machines use virtualization technology to share and call the underlying resources to realize the elastic management of resources.At the same time,it also introduces risks,such as the vulnerability of the platform where the virtual machine is located and the attack by malicious attackers,which will cause the data of the virtual machine to be snooped or stolen.The current research ideas of virtual machine mainly focus on the security design of virtual machine system: first,apply the existing security mechanism to virtual machine to improve the security protection ability of virtual machine system;The second is to use multi virtual machine architecture to improve the security of virtual machine system.The existing security mechanism reinforcement technology is mature,and has good effect in dealing with external attacks,but it is difficult to solve the problems of common mode vulnerability and backdoor attack based on virtual machine itself.Multi virtual machine architecture improves the security of virtual machine through distributed deployment or fault tolerance mechanism.But at present,the system based on multi virtual machine architecture mainly adopts the idea of "isomorphism".Common mode vulnerability may exist among multiple virtual machines,which can provide attackers with convenient attack in static condition.Based on the project research,aiming at the static,isomorphic and other security problems of the existing virtual machines in the cloud,this paper designs a mimic cloud host feedback control system architecture by using the advantages of redundancy,heterogeneity and dynamic of the mimic defense mechanism,which makes the virtual machine have endogenous security characteristics,so as to improve the security of the virtual machine.The main work is as follows:1.Aiming at the security problems caused by static and isomorphic of virtual machine in cloud environment,a mimic cloud host feedback control architecture based on mimic defense mechanism is proposed.This method first uses the mimic defense mechanism to construct the mimic cloud host,and designs a feedback control architecture to realize the real-time monitoring and dynamic rotation operation of the mimic cloud host;in order to ensure the security of the mimic cloud host,the heterogeneous image library is constructed by using the differences of different system vulnerabilities;and the dynamic rotation algorithm based on the feedback control makes it rotate the virtual machine in a specific way to prevent attacks It is difficult for attackers to obtain information about virtual machines,which reduces the success rate of attackers using common mode vulnerabilities.The experimental results show that the design can effectively solve the attack threat caused by the backdoor based on the system vulnerabilities by establishing the isomerization multi virtual machine operation mechanism,and greatly improve the security of cloud users renting virtual machines.2.To solve the problem of whether the virtual machine set system fails before and after scheduling and the overhead caused by scheduling,a negative feedback dynamic perception scheduling algorithm based on decision information is proposed.Firstly,the heterogeneous virtual machine system is constructed by using the vulnerability difference among different components in the system,and its heterogeneity is quantified;secondly,the historical record information of virtual machine set is constructed,and monitored by feedback controller module to form a scheduling strategy with perceptual ability;finally,the negative feedback dynamic perception module algorithm is used to schedule among heterogeneous virtual machines.Experimental results show that the proposed scheduling strategy can keep the failure rate and scheduling cost of the mimic cloud host feedback control system at a low level for a long time.After scheduling,the heterogeneity of virtual machine combination is improved by 36.46%,and the security is improved by 61.9%.3.Based on the above research,the principle verification of the feedback control system of mimic cloud host is realized.Firstly,the feedback control system of mimic cloud host is designed based on cloud platform;Then,the mimic state layer and mimic feedback control protocol are designed on the cloud resource management system.The feedback controller,dispatcher and system interface are designed on the mimic cloud host control system,which realizes the function of feedback control and scheduling;Finally,the usability and security of the system are tested and verified.The experimental results show that the system can deal with the single point fault of virtual machine,improve the fault tolerance and intrusion tolerance of virtual machine under malicious user attack,and provide safe and reliable service for cloud users.