Chinese Journal of Network and Information Security ›› 2021, Vol. 7 ›› Issue (3): 95-104.doi: 10.11959/j.issn.2096-109x.2021063
• TopicⅡ: SDN and cloud computing security • Previous Articles Next Articles
Wei ZENG, Hongchao HU, Lingshu LI, Shumin HUO
Revised:
2021-04-23
Online:
2021-06-15
Published:
2021-06-01
Supported by:
Wei ZENG, Hongchao HU, Lingshu LI, Shumin HUO. Dynamic heterogeneous scheduling method based on Stackelberg game model in container cloud[J]. Chinese Journal of Network and Information Security, 2021, 7(3): 95-104.
[1] | JITHIN R , CHANDRAN P . Virtual machine isolation[C]// International Conference on Security in Computer Networks and Distributed Systems. 2014. |
[2] | JIN H , LI Z , ZOU D ,et al. DSEOM:a framework for dynamic security evaluation and optimization of MTD in container-based cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2019,(99): 1-1. |
[3] | CHOWDHARY A , . Adaptive MTD security using Markov game modeling[C]// 2019 International Conference on Computing,Networking and Communications (ICNC). 2019: 577-581. |
[4] | WANG J W , ZHANG X L , LI Q ,et al. Network function virtualization technology:a survey[J]. Chinese Journal of Computers, 2019,42(2): 415-436. |
[5] | LI S Y , LI Q , LI B . Research on isolation of container based on docker technology[J]. Computer engineering & Software, 2015,(4): 110-113. |
[6] | ABDELRAHEM O , BAHAA-ELDIN A M , TAHA A . Virtualization security:a survey[C]// International Conference on Computer Engineering & Systems. 2016: 32-40. |
[7] | ZHENG Z . Virtual machine security isolation and protection based on cloud platform[J]. China Computer & Communication, 2018,417(23): 174-177. |
[8] | AZAB M , . Toward smart moving target defense for Linux container resiliency[C]// 2016 IEEE 41st Conference on Local Computer Networks (LCN). 2016: 619-622. |
[9] | HUANG R , . RELOCATE:a container based moving target defense approach[C]// Proceedings of The 7th International Conference on Computer Engineering and Networks — PoS(CENet2017). 2017:8. |
[10] | SARKALE V V , RAD P , LEE W . Secure cloud container:runtime behavior monitoring using most privileged container (MPC)[C]// IEEE International Conference on Cyber Security &Cloud Computing. 2017: 351-356. |
[11] | 杨爽 . 基于改进遗传算法的动态虚拟机调度策略研究[D]. 哈尔滨:哈尔滨工程大学, 2019. |
YANG S . Research on dynamic virtual machine scheduling strategy based on improved genetic algorithm[D]. Harbin:Harbin Engineering University, 2019. | |
[12] | TONG K , LIMING W , ZHEN X ,et al. Design of a container-based security cloud computing platform[J]. e-Science Technology & Application, 2017,8(1): 10-18. |
[13] | 蔡雨彤, 常晓林, 石禹 ,等. 动态平台技术防御攻击的瞬态效能量化分析[J]. 信息安全学报, 2019,(4): 59-67. |
CAI Y T , CHANG X L , SHI Y ,et al. Quantitative analysis of transient effectiveness of dynamic platform technology in defense against attacks[J]. Journal of Information Security, 2019,(4): 59-67. | |
[14] | ZHANG Y . Cost-effective migration-based dynamic platform defense technique:a CTMDP approach[J]. Peer-to-Peer Networking and Applications, 2021: 1-11. |
[15] | SOUROUR D , . Platform moving target defense strategy based on trusted dynamic logical heterogeneity system[C]// Proceedings of the 2019 International Conference on Artificial Intelligence 1and Computer Science. 2019: 643-648. |
[16] | CAI Z Y , XIE X L . An improved container cloud resource scheduling strategy[C]// Proceedings of the 2019 4th International Conference on Intelligent Information Processing. 2019: 383-387. |
[17] | XIAO Z , JIANG J , ZHU Y ,et al. A solution of dynamic VMs placement problem for energy consumption optimization based on evolutionary game theory[J]. Journal of Systems & Software, 2015,101(3): 260-272. |
[18] | HASAN M G M M , RAHMAN M A . Protection by detection:a signaling game approach to mitigate co-resident attacks in cloud[C]// Proc IEEE 10th Int Conf Cloud Comput (CLOUD), 2017: 552-559. |
[19] | LEI C , ZHANG H Q , WAN L M ,et al. Incomplete information Markov game theoretic approach to strategy generation for moving target defense[J]. Computer Communications, 2018,116(1): 184-199. |
[20] | 季新生, 徐水灵, 刘文彦 ,等. 一种面向安全的虚拟网络功能动态异构调度方法[J]. 电子与信息学报, 2019,41(10). |
JI X S , XU S L , LIU W Y ,et al. A security-oriented dynamic heterogeneous scheduling method of virtual network functions[J]. Journal of Electronics & Information Technology, 2019,41(10). | |
[21] | HAN Y , CHAN J , ALPCAN T ,et al. Using virtual machine allocation policies to defend against co-resident attacks in cloud computing[J]. IEEE Transactions on Dependable & Secure Computing, 2017,14(1): 95-108. |
[22] | ALNAIM A , ALWAKEEL A , FERNANDEZ E B . A misuse pattern for compromising VMs via virtual machine escape in NFV[C]// The 14th International Conference. 2019: 1-6. |
[23] | WU J . An access control model for preventing virtual machine escape attack[J]. Future Internet, 2017,9(2): 20. |
[24] | 王禛鹏 . 拟态网络操作系统调度与裁决机制研究及实现[D]. 郑州:信息工程大学, 2017. |
WANG Z P . Research and implementation of mimic network operating system scheduling and adjudication mechanism[D]. Zhengzhou:Information Engineering University, 2017. | |
[25] | WU M GUAN H , ZANG B ,et al. POSTER:quantitative security assessment method based on entropy for moving target defense[J]. ACM SIGPLAN Notices, 2017,52(8): 457-458. |
[26] | GARCIA M . Analysis of operating system diversity for intrusion tolerance[J]. Software-Practice and Experience, 2014,44(6): 735-770. |
[27] | 张杰鑫, 庞建民, 张铮 . 拟态构造的 Web 服务器异构性量化方法[J]. 软件学报, 2020(2): 564-577. |
ZHANG J X , PANG J M , ZHANG Z . Quantification method for heterogeneity on Web server with mimic construction[J]. Journal of Software, 2020(2): 564-577. | |
[28] | PARUCHURI P , PEARCE J P , TAMBLE M ,et al. An efficient heuristic approach for security against multiple adversaries[C]// Proc 6th Int Joint Conf Auton Agents Multiagent Syst. 2007: 1-8. |
[29] | PARUCHURI P , PEARCE J P , MARECKI J ,et al. Playing games for security:An efficient exact algorithm for solving Bayesian Stackelberg games[C]// Proc 7th Int Joint Conf Auton Agents Multiagent Syst. 2008: 895-902. |
[30] | PLADD:deterring attacks on cyber systems and moving target defense[P]. 2017. |
[31] | IBM Ins. CPLEX optimization studio 12.10[EB]. 2019 |
[1] | Weizhen HE, Fucai CHEN, Jie NIU, Jinglei TAN, Shumin HUO, Guozhen CHENG. Research progress on dynamic hopping technology for network layer [J]. Chinese Journal of Network and Information Security, 2021, 7(6): 44-55. |
[2] | Bin WANG, Liang CHEN, Yaguan QIAN, Yankai GUO, Qiqi SHAO, Jiamin WANG. Moving target defense against adversarial attacks [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 113-120. |
[3] | Kang HE,Yuefei ZHU,Long LIU,Bin LU,Bin LIU. Improve the robustness of algorithm under adversarial environment by moving target defense [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 67-76. |
[4] | Jinglei TAN, Hongqi ZHANG, Cheng LEI, Xiaohu LIU, Shuo WANG. Research progress on moving target defense for SDN [J]. Chinese Journal of Network and Information Security, 2018, 4(7): 1-12. |
[5] | Yuyang ZHOU, Guang CHENG, Chunsheng GUO. Risk assessment method for network attack surface based on Bayesian attack graph [J]. Chinese Journal of Network and Information Security, 2018, 4(6): 11-22. |
[6] | Danjun LIU,Guilin CAI,Baosheng WANG. AMTD:a way of adaptive moving target defense [J]. Chinese Journal of Network and Information Security, 2018, 4(1): 15-25. |
[7] | Jiang-yong SHI,Yue-xiang YANG,Wen-hua LI,Sen WANG. Research on SDN-based cloud security application [J]. Chinese Journal of Network and Information Security, 2017, 3(5): 10-25. |
[8] | Zhen-ping LU,Fu-cai CHEN,Guo-zhen CHENG. Secure control plane for SDN using Bayesian Stackelberg games [J]. Chinese Journal of Network and Information Security, 2017, 3(11): 40-49. |
[9] | Miao ZHANG,Xin-sheng JI,Jian-jian AI,Wen-yan LIU,Hong-chao HU,Shu-min HUO. Secure deployment strategy of virtual machines based on operating system diversity [J]. Chinese Journal of Network and Information Security, 2017, 3(10): 35-43. |
[10] | Peng XU,Hai JIN. Research on the searchable encryption [J]. Chinese Journal of Network and Information Security, 2016, 2(10): 8-16. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|