[1]张海辉,张勇,欧争光.基于任务驱动的云计算平台漏洞扫描系统[J].深圳大学学报理工版,2014,31(1):71-76.[doi:10.3724/SP.J.1249.2014.01071]
 Zhang Haihui,Zhang Yong,and Ou Zhengguang.Vulnerability scanning system for cloud computing platform based on task driven[J].Journal of Shenzhen University Science and Engineering,2014,31(1):71-76.[doi:10.3724/SP.J.1249.2014.01071]
点击复制

基于任务驱动的云计算平台漏洞扫描系统()
分享到:

《深圳大学学报理工版》[ISSN:1000-2618/CN:44-1401/N]

卷:
第31卷
期数:
2014年第1期
页码:
71-76
栏目:
电子与信息科学
出版日期:
2014-01-14

文章信息/Info

Title:
Vulnerability scanning system for cloud computing platform based on task driven
文章编号:
20140110
作者:
张海辉张勇欧争光
深圳大学ATR国防科技重点实验室,深圳 518060
Author(s):
Zhang Haihui Zhang Yong and Ou Zhengguang
ATR National Defense Science and Technology Key Lab, Shenzhen University, Shenzhen 518060, P.R.China
关键词:
信息安全云计算漏洞扫描任务驱动多代理负载均衡
Keywords:
information security cloud computing vulnerability scanning task driven multi-agent load balance
分类号:
TP 319
DOI:
10.3724/SP.J.1249.2014.01071
文献标志码:
A
摘要:
针对基础设施即服务云计算平台多目标虚拟机的漏洞扫描问题,设计一个多代理分布式漏洞扫描系统,提出一种分布式漏洞扫描任务分配算法.所设计的系统包括控制中心模块和检测代理模块,控制中心控制检测代理运行及分配扫描任务,检测代理实施漏洞扫描任务并返回扫描结果.提出的任务分配算法主要是根据待分配任务及检测代理负载信息分配扫描任务.采用OpenStack搭建了单节点云计算平台进行漏洞扫描模拟实验.实验结果表明,该算法可行、有效,并降低了多目标虚拟机的漏洞扫描耗时.
Abstract:
A multi-agent distributed vulnerability scanning system is proposed for vulnerability scanning on an IaaS (infrastructure as a service) cloud computing platform. The system contains two modules of control center and multiple agents of scanning. The state of the agents, the assignment of task and the return of scanning results are determined by the control center. In the proposed task-assigning algorithm, the scanning tasks are assigned based on the the tasks to be allocated and the loading information on the agents. The single point IaaS cloud platform is implemented with OpenStack. The experiment results demonstrate that the proposed system is feasible and effective. The time required for vulnerability scanning in multi-virtual machines is also reduced.

参考文献/References:

[1] Armbrust M, Fox A, Griffith R, et al. Above the clouds: a berkeley view of cloud computing [EB/OL]. [2013-05-10]. http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html.
[2] Amazon. Amazon elastic compute cloud (Amazon EC2)[EB/OL].[2013-06-10]. http://aws.amazon.com/ec2.
[3] Microsoft. Azure services platform[EB/OL].[2013-06-10]. http://www.microsoft.com/azure/default.mspx.
[4] Google. Google app engine[EB/OL].[2013-06-10]. http://code.google.com/appengine/.
[5] Valleytalk. Investigation on the development of public cloud service in China(2012)[EB/OL].[2013-05-06]. http://www.valleytalk.org/2013/05/05/.(in Chinese)
弯曲评论. 中国公共云服务发展调查报告(2012)[EB/OL].[2013-05-06]. http://www.valleytalk.org/2013/05/05/.
[6] Archie R, Chris R, Paul S. Security guidance for critical areas of focus in cloud computing [EB/OL].[2012-10-11]. http: //cloudsecurityalliance.org/research/security-guidance/.
[7] Feng Dengguo, Zhang Min, Zhang Yan, et al. Study on cloud computing security[J]. Journal of Software, 2010,22(1):71-83.(in Chinese)
冯登国,张敏,张妍,等. 云计算安全研究[J]. 软件学报,2010,22(1):71-83.
[8] Fang Jing, Wu Hao, Bai Songlin. Virtualization security issues in cloud computing[J]. Telecommunications Science, 2012, 4:135-140.(in Chinese)
房晶,吴昊,白松林. 云计算的虚拟化安全问题[J]. 电信科学, 2012, 4:135-140.
[9] Yi Tao. Study on security technology of cloud computing virtualization[J]. Information Security and Communications Privacy, 2012(5):63-65.(in Chinese)
易涛. 云计算虚拟化安全技术研究[J]. 信息安全与通信保密, 2012(5):63-65.
[10] Mika D A. Cloud Vulnerability Assessment[D]. Massachusetts(USA): Worcester Polytechnic Institute, 2012.
[11] Wei Jinpeng, Zhang Xiaolan, Ammons G. Managing security of virtual machine images in a cloud environment[C]// CCSW ‘09 Proceedings of the 2009 ACM Workshop on Cloud Computing Security. New York(USA): ACM, 2009: 91-96.
[12] Wang Yulong, Shen Jiakun. CloudProxy: a NAPT proxy for vulnerability scanners based on cloud computing[J]. Journal of Networks, 2013, 8(3):607-615.
[13] Schwarzkopf R, Schmidt M, Strack C, et al. Increasing virtual machine security in cloud environments[J]. Journal of Cloud Computing: Advances, Systems and Applications, 2012, 1(1):1-12.
[14] Zhang Guangyuan, Zheng Xiaopeng. Vulnerability scanning and host information security[J]. Modern Information, 2007, 8: 221-223.(in Chinese)
张光远,郑骁鹏. 漏洞扫描与主机信息资源安全[J]. 现代情报, 2007,8:221-223.
[15] Liu Pin, Tang Chaojing, Zhang Senqiang. Analysis for the classification scanner method of network vulnerability[J]. Information and Electronic Engineering, 2004, 2(4): 318-320.(in Chinese)
刘嫔,唐朝京,张森强. 基于网络的安全漏洞分类和扫描分析[J]. 信息与电子工程, 2004, 2(4):318-320.
[16] China Telecom Lab of Network Security. Technology and Application of Cloud Computing Security[M]. Beijing: Publishing House of Electronics Industry, 2012.
中国电信网络安全实验室. 云计算安全技术与应用[M]. 北京:电子工业出版社,2012.
[17] Zhan Zi’ao, Tian Zhengjun. Design of network vulnerability scanning distributed system[J]. Microcomputer Information, 2009, 25(33): 82-89.(in Chinese)
詹自熬,田正军. 一种分布式网络漏洞扫描系统的设计[J]. 微计算机信息, 2009, 25(33): 82-89.
[18] OpenStack. OpenStack[EB/OL].[2012-10-10]. http://www.openstack.org/.

相似文献/References:

[1]张席,陈泯融,杨玲.基于身份多接收者签密方案的安全性分析[J].深圳大学学报理工版,2010,27(4):408.
 ZHANG Xi,CHEN Min-rong,and YANG Ling.Cryptanalysis of an identity-based multi-recipient signcryption scheme[J].Journal of Shenzhen University Science and Engineering,2010,27(1):408.
[2]陈国良,蔡晔,罗秋明.国产个人高性能计算机系统研制[J].深圳大学学报理工版,2011,28(No.6(471-564)):471.
 CHEN Guo-liang,CAI Ye,and LUO Qiu-ming.The China made personal high performance computing system[J].Journal of Shenzhen University Science and Engineering,2011,28(1):471.
[3]吕智涵,钟晨,冯良炳,等.用于普适WebGIS多尺度覆盖景观地图的高速索引[J].深圳大学学报理工版,2013,30(No.5(441-550)):480.[doi:10.3724/SP.J.1249.2013.05480]
 Lyu Zhihan,Zhong Chen,Feng Liangbing,et al.A high-speed index for the multi-scale overlay landscape map on ubiquitous WebGIS[J].Journal of Shenzhen University Science and Engineering,2013,30(1):480.[doi:10.3724/SP.J.1249.2013.05480]
[4]陈国良,毛睿,蔡晔.高性能计算及其相关新兴技术[J].深圳大学学报理工版,2015,32(1):25.[doi:10.3724/SP.J.1249.2015.01025]
 Chen Guoliang,Mao Rui,and Cai Ye.High performance computing and related new technologies[J].Journal of Shenzhen University Science and Engineering,2015,32(1):25.[doi:10.3724/SP.J.1249.2015.01025]
[5]张凡,张巍.基于SNMP分层式网络监控印证系统的研究[J].深圳大学学报理工版,2005,22(1):46.
 ZHANG Fan and ZHANG Wei.Research and implementation of hierarchical network monitoring and confirming system based on SNMP[J].Journal of Shenzhen University Science and Engineering,2005,22(1):46.
[6]张妍琰,姚远,张娜.一种基于简谐振动的云资源分配方法[J].深圳大学学报理工版,2017,34(6):591.[doi:10.3724/SP.J.1249.2017.06591]
 Zhang Yanyan,Yao Yuan,and Zhang Na.Harmonic vibration based resource allocation model in cloud environments[J].Journal of Shenzhen University Science and Engineering,2017,34(1):591.[doi:10.3724/SP.J.1249.2017.06591]

备注/Memo

备注/Memo:
Received:2013-11-29;Accepted:2013-12-17
Foundation:National Science & Technology Pillar Program(2011BAH20B02); Special Fund on Strategic New Industry Development of Shenzhen (ZDSY20120612094312435)
Corresponding author:Professor Zhang Yong. E-mail: yzhang@szu.edu.cn
Citation:Zhang Haihui, Zhang Yong, Ou Zhengguang. Vulnerability scanning system for cloud computing platform based on task driven[J]. Journal of Shenzhen University Science and Engineering, 2014, 31(1): 71-76.(in Chinese)
基金项目:国家科技支撑计划资助项目(2011BAH20B02); 深圳市战略性新兴产业发展专项基金资助项目(ZDSY20120612094312435)
作者简介:张海辉(1988-),男(汉族),广东省韶关市人,深圳大学硕士研究生. E-mail: 790590335@qq.com
引文:张海辉,张勇,欧争光. 基于任务驱动的云计算平台漏洞扫描系统[J]. 深圳大学学报理工版,2014,31(1):71-76.
更新日期/Last Update: 2014-01-08