Journal on Communications ›› 2018, Vol. 39 ›› Issue (4): 176-188. doi: 10.11959/j.issn.1000-436x.2018069
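Peiru FAN, Bo ZHAO, Mingtao NI, Zhihong CHEN
Online:
2018-04-01
Published:
2018-04-29
About the authors:
Peiru FAN (1990-), female, born in Xinzhou, Shanxi, is a Ph.D. candidate at Wuhan University. Her main research interests are virtualization and cloud security.
Bo ZHAO (1972-), male, born in Qingdao, Shandong, is a professor and doctoral supervisor at Wuhan University. His main research interests include trusted computing, virtualization security, and embedded system security.
Mingtao NI (1977-), male, born in Tianmen, Hubei, is a Ph.D. candidate at Wuhan University. His main research interests include trusted computing and Internet of Things security.
Zhihong CHEN (1984-), female, born in Chongqing, is a Ph.D. candidate at Wuhan University. Her main research interests are virtualization and cloud storage security.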
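Abstract:
On IaaS platforms, the presence of false data confuses evaluation results, so users cannot be given a fair and impartial basis for choosing a platform. To address this problem, an agent protection mechanism (APM) for test agents on IaaS platforms is proposed, which guarantees the integrity of the agent and the correctness of command execution without requiring additional software or hardware support. A challenge-based method for verifying the effectiveness of APM is also proposed, so that IaaS nodes whose APM has failed are discovered promptly and losses are limited. An APM-based experimental environment was implemented, and the effectiveness and performance overhead of APM were tested. The experimental results show that the mechanism effectively protects the integrity of the agent and the correctness of the commands it executes, and that it introduces only a small performance cost on the IaaS platform.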
Peiru FAN, Bo ZHAO, Mingtao NI, Zhihong CHEN. APM: agent protection mechanism applied for IaaS platform[J]. Journal on Communications, 2018, 39(4): 176-188.
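Table 4
Hardware and software configuration
No. | Type | Configuration |
S1 | Single node C1 | Computer C1: Intel(R) Pentium G3250 @ 3.20 GHz processor, 4 GB memory, OSX 10.9.5 operating system |
S2 | Multiple nodes C1, C2, C3 | Computer C1: Intel(R) Pentium G3250 @ 3.20 GHz processor, 4 GB memory, OSX 10.9.5 operating system |
S2 | Multiple nodes C1, C2, C3 | Computer C2: Intel(R) Xeon(R) E5-2620 v3 @ 2.40 GHz processor, 64 GB memory, CentOS release 6.8 operating system |
S2 | Multiple nodes C1, C2, C3 | Computer C3: Intel(R) Xeon(R) E5-2603 v4 @ 1.70 GHz processor, 64 GB memory, Ubuntu 16.04.2 LTS operating system |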
Table 5
APM failure detection results
Attack interval T_attack/s | Attack duration T_adelay/s | Growth step of attack time | Number of attacks | Total duration/s | Inquiry period T_inquire | Total number of inquiries | Total number of attacks | Number of attacks successfully detected | Detection rate |
5 | 200 | 1 | 200 | 21 097.912 109 | 2 | 9 943 | 200 | 200 | 100% |
5 | 200 | 1 | 200 | 21 100.072 266 | 4 | 5 225 | 200 | 200 | 100% |
5 | 200 | 1 | 200 | 21 100.044 922 | 6 | 3 483 | 200 | 193 | 96.5% |
5 | 200 | 2 | 100 | 10 500.020 508 | 2 | 5 149 | 100 | 100 | 100% |
5 | 200 | 2 | 100 | 10 500.018 555 | 4 | 2 850 | 100 | 99 | 99% |
5 | 200 | 2 | 100 | 10 500.019 531 | 6 | 1 717 | 100 | 98 | 98% |
Table 6
Integrity measurement latency
Scenario | Command | Original execution time/μs | Execution time with APM enabled/μs | Latency overhead/μs | Latency ratio |
Node C1 | twadmin | 993 633.602 | 993 672.604 | 39.002 | 0.39 |
Node C1 | init | 993 243.960 | 993 281.249 | 37.289 | 0.38 |
Node C1 | check | 998 251.158 | 998 320.632 | 69.474 | 0.70 |
Node C1 | version | 5 910.368 | 5 991.211 | 80.843 | 134.94 |
Node C1 | test | 5 807.799 | 5 903.042 | 95.243 | 161.35 |
Node C2 | twadmin | 106 269.497 | 106 294.458 | 24.961 | 2.35 |
Node C2 | init | 106 548.015 | 106 572.666 | 24.651 | 2.31 |
Node C2 | check | 995 196.121 | 995 226.251 | 30.130 | 0.30 |
Node C2 | version | 33 205.232 | 33 243.813 | 38.581 | 11.61 |
Node C2 | test | 6 436.648 | 6 474.78 | 38.132 | 58.89 |
Node C3 | twadmin | 989 539.064 | 989 373.686 | 34.622 | 0.35 |
Node C3 | init | 990 192.956 | 990 239.783 | 46.827 | 0.47 |
Node C3 | check | 8 989 757.590 | 8 989 788.516 | 30.926 | 0.034 4 |
Node C3 | version | 39 730.975 | 39 748.145 | 17.170 | 4.32 |
Node C3 | test | 2 896.657 | 2 925.743 | 29.086 | 99.41 |
Table 7
Command execution latency
Scenario | Number of checked functions | Original execution time/μs | Latency overhead after introducing APM/μs |
Node C1 | 1 | 999 441 | 8.541 |
Node C1 | 2 | 999 027 | 9.295 |
Node C1 | 3 | 998 277 | 9.688 |
Node C1 | 5 | 998 297 | 10.333 |
Node C1 | 8 | 999 583 | 12.865 |
Node C1 | 12 | 998 499 | 15.504 |
Node C1 | 17 | 999 888 | 17.571 |
Node C2 | 1 | 998 798 | 9.544 |
Node C2 | 2 | 999 679 | 12.243 |
Node C2 | 3 | 999 731 | 14.607 |
Node C2 | 5 | 998 415 | 19.906 |
Node C2 | 8 | 999 899 | 27.349 |
Node C2 | 12 | 999 403 | 36.758 |
Node C2 | 17 | 999 022 | 50.027 |
Node C3 | 1 | 8 981 673 | 15.070 |
Node C3 | 2 | 9 021 959 | 15.860 |
Node C3 | 3 | 9 018 784 | 18.709 |
Node C3 | 5 | 8 981 750 | 19.950 |
Node C3 | 8 | 9 010 309 | 26.639 |
Node C3 | 12 | 9 017 070 | 33.090 |
Node C3 | 17 | 8 962 640 | 40.549 |