Research On Defense Strategy Of Hyper-Converged System With Autonomous And Controllable Architecture

As a core architecture of a data center,hyper-converged architecture plays an important role in the development of cloud computing virtualization.The hyper-converged architecture integrates virtualized storage,network,and computing into the same system platform,which greatly reduces costs and improves scalability.At present,foreign virtualization service providers account for more than 90% of the total number of global virtualization service providers,and most of the servers used in hyper-converged systems at home and abroad are X86 architecture,and the core technology of this hardware architecture is controlled by foreigners.Therefore,it is particularly important to realize the localization of hyper-converged systems and to complete the autonomous control of the overall system from hardware to software.In the process of localization of hyper-converged systems,security issues cannot be ignored.Due to the multi-master cluster nature of the hyper-converged system cluster,any hyper-converged node in the cluster can manage the entire cluster.Therefore,preventing the hyper-converged node from being attacked by unauthorized access and protecting the network security of the hyper-converged system is the key to the defense strategy.At the same time,in the face of Distributed Denial of Service(DDoS)attacks,it is difficult for existing firewalls to ensure the normal use of the hyper-converged system.Once the DDoS attack cannot be blocked,the hyper-converged system will be overwhelmed and even collapse.It is equally important to detect and identify DDoS attacks in a timely and accurate manner,and to reduce the damage caused by DDoS attacks to hyper-converged systems.Therefore,in view of the above problems,the following research work is carried out in this paper:(1)Propose an autonomous controllable hyper-converged system scheme based on ARM64 architecture.Use domestic hyper-converged servers and operating systems of ARM64 architecture as the underlying infrastructure.A hyper-converged system using Proxmox VE and Ceph.Aiming at the problem of illegally authorized access of hyper-converged system nodes,a hyper-converged system defense strategy based on distributed firewall is proposed to prevent the hyper-converged system from being attacked by external illegal access and provide protection for nodes and virtual machines in the hyper-converged system.(2)Aiming at the DDoS defense problem of hyper-converged systems,a DDoS malicious traffic detection model based on time correlation and a response repair model based on hyper-converged nodes are proposed.Using the feature extraction method based on time correlation can perform unified preprocessing for DDoS traffic in different network locations of the hyper-converged system.DDoS malicious traffic is detected,classified and identified using the XGBoost classifier.The response repair model based on the hyper-converged node can ensure that the hyper-converged node can defend and repair when it is attacked by DDoS,and does not affect the normal operation of other nodes in the hyper-converged cluster.Finally,it is proved by experiments that the model proposed in this paper can effectively detect,identify and classify DDoS malicious traffic,and improve the detection efficiency.