[1] Xu Xiaolong, Xiong Jingyi, Cheng Chunling. Joint defense mechanism of malicious code based on cloud and client computing architecture[J]. Journal of Southeast University (Natural Science Edition), 2011, 41(2): 220-226. [doi:10.3969/j.issn.1001-0505.2011.02.002]

Joint defense mechanism of malicious code based on cloud and client computing architecture

Journal of Southeast University (Natural Science Edition) [ISSN:1001-0505/CN:32-1178/N]

Volume:
41
Issue:
No. 2, 2011
Pages:
220-226
Section:
Computer Science and Engineering
Publication date:
2011-03-20

Article Info

Title:
Joint defense mechanism of malicious code based on cloud and client computing architecture
Author(s):
Xu Xiaolong, Xiong Jingyi, Cheng Chunling
(College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003, China)
Keywords:
cloud computing; malicious code; anti-virus; joint defense
Classification number:
TP393
DOI:
10.3969/j.issn.1001-0505.2011.02.002
Abstract:
To address the lag of malicious code defense software behind newly emerging malicious code, a joint defense mechanism of malicious code based on the cloud & client computing architecture is proposed, which is generally applicable to both the Internet and intranets. First, traditional cloud computing is extended into cloud & client computing, which exploits the respective strengths of the server-side cluster and the user terminals as well as the linkage between them. The server cluster integrates a variety of malicious code defense engines, while the large number of user terminal nodes actively provide malicious code reports, so that the whole network system can resist malicious code attacks promptly and effectively. The architecture and workflow of the cloud-&-client-based joint defense mechanism are described in detail. To further improve system performance, a node-reputation-based algorithm for evaluating and ranking malicious code reports is also presented, so that the system can process the most valuable reports in time. Simulation experiments and performance analysis are used to evaluate the performance of the algorithm, the malicious code defense capability of the system, the server-side load and the network overhead. The results show that the mechanism can efficiently defend against the endless stream of malicious code of all kinds at a low system cost.

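Memo:
About the author: Xu Xiaolong (born 1977), male, Ph.D., associate professor, xuxl@njupt.edu.cn.
Funding: Jiangsu Provincial Science and Technology Support Program (BE2009158); Natural Science Research Project of Jiangsu Higher Education Institutions (09KJB520010, 08KJB620002); Specialized Research Fund for the Doctoral Program of Higher Education (20093223120001); Special Research Project on Rapid Sharing of Scientific Papers in the Network Era, Science and Technology Development Center of the Ministry of Education (2009117); National Basic Research Program of China (973 Program) (2011CB302903).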
Last Update: 2011-03-20