容器云中面向持久化存储的拟态防御技术研究

doi:10.19678/j.issn.1000-3428.0066958

摘要/Abstract

摘要：

容器云中面向持久化存储安全会直接影响到容器的创建和运行过程，严重威胁容器的安全性。传统的防御方法无法及时检测基于未知漏洞的攻击行为，并建立相应的防御策略。而现有的通过动态、异构和冗余增强容器及持久化存储安全性的研究缺乏对面向持久化存储安全威胁的细致分析，且对表决机制带来的性能损失没有得到优化。为此，利用容器灵活、高效的特点，结合拟态防御原理提出面向持久化存储的拟态防御架构。针对表决机制并结合层次分析法对异构容器应用请求表决机制进行优化，同时依据先到先裁机制提出一种自适应表决算法以提高表决速率，通过评估安全性和系统开销为用户提供一种折中的调度方案来满足场景中不同的安全和性能需求，最终实现原型系统Mimic-proxy。理论分析和实验结果表明：Mimic-proxy可以有效防御容器云中面向持久化存储的安全威胁，相比传统表决算法，响应时延降低了28.85%，吞吐率提高了40.52%；相比于传统防御架构，在仅提高0.99%的响应时延和降低1.01%吞吐率的情况下，可以有效保护持久化存储，达到增强容器安全性的目的。

关键词: 容器云, 持久化存储, 拟态防御, 原型系统, 容器安全

Abstract:

Persistent storage security threats in the container cloud directly affect the creation and operation of the container. Traditional defense methods cannot detect an attack based on unknown vulnerabilities in time and establish corresponding defense strategies. Existing studies on enhancing the security of the container and persistent storage through dynamic, heterogeneous and redundant lack detailed analyses of the persistent storage security threats. The performance loss caused by the voting mechanism has also not been optimized. To this end, this paper first proposes a mimic defense architecture for persistent storage based on the flexible and efficient characteristics of containers and the principle of mimic defense for the aforementioned problems. Second, the analytic hierarchy process method is used to optimize the request voting mechanism of heterogeneous container applications. Thereafter, an adaptive voting algorithm is proposed based on the first-come-first-decision mechanism to improve the voting rate. Next, users are provided with an optional scheduling scheme to improve the adaptability of the architecture by evaluating the security and system overhead. Finally, this study implements a prototype system mimic-proxy. Theoretical analysis and experimental verification results demonstrate that mimic-proxy can effectively defend against persistent storage security threats in the container cloud. The adaptive voting algorithm reduces the response delay by 28.85% and improves the throughput by 40.52% compared with the traditional voting algorithm. Compared with the traditional defense architecture, the adaptive voting algorithm can effectively protect the persistent storage and enhance the container security under the condition of increasing the response delay by 0.99% and reducing the throughput by 1.01%.

Key words: container cloud, persistent storage, mimic defense, prototype system, container safety

刘道清, 扈红超, 霍树民. 容器云中面向持久化存储的拟态防御技术研究[J]. 计算机工程, 2024, 50(2): 165-179.

Daoqing LIU, Hongchao HU, Shumin HUO. Research on Persistent Storage-Oriented Mimic Defense Technology in Container Clouds[J]. Computer Engineering, 2024, 50(2): 165-179.

http://www.ecice06.com/CN/Y2024/V50/I2/165

图/表 15

图1 容器云攻击过程

Fig.1 Container cloud attack process

图2 面向持久化存储的拟态防御架构

Fig.2 Mimic defense architecture for persistent storage

图3 表决问题的AHP模型

Fig.3 AHP model of voting problem

图4 自适应表决流程

Fig.4 Procedure of adaptive voting

图5 自适应表决算法的有效性分析

Fig.5 Effectiveness analysis of adaptive voting algorithm

图6 不同请求并发量下响应时延对比图

Fig.6 Comparison diagram of response delay under different request concurrencys

图7 不同请求并发量下吞吐率对比图

Fig.7 Comparison diagram of throughput under different request concurrencys

图8 不同机制下响应时延对比图

Fig.8 Comparison diagram of response delay under different mechanisms

图9 不同机制下吞吐率对比图

Fig.9 Comparison diagram of throughput under different mechanisms

图10 表决准确性分析图

Fig.10 Voting accuracy analysis diagram

参考文献 37

1	JIN H, LI Z, ZOU D Q, et al. DSEOM: a framework for dynamic security evaluation and optimization of MTD in container-based cloud. IEEE Transactions on Dependable and Secure Computing, 2019, 18(3): 1125- 1136.
2	KAUR K, DHAND T, KUMAR N, et al. Container-as-a-service at the edge: trade-off between energy efficiency and service availability at fog nano data centers. IEEE Wireless Communications, 2017, 24(3): 48- 56. doi: 10.1109/MWC.2017.1600427
3	KHAZAEI H, BANNAZADEH H, LEON-GARCIA A. SAVI-IoT: a self-managing containerized IoT platform[C]//Proceedings of the 5th IEEE International Conference on Future Internet of Things and Cloud. Washington D. C., USA: IEEE Press, 2017: 227-234.
4	JITHIN R, CHANDRAN P. Virtual machine isolation[C]//Proceedings of International Conference on Communications in Computer and Information Science. Berlin, Germany: Springer, 2014: 91-102.
5	邬江兴. 网络空间拟态防御研究. 信息安全学报, 2016, 1(4): 1- 10.
	WU J X. Research on cyber mimic defense. Journal of Cyber Security, 2016, 1(4): 1- 10.
6	MCALLISTER D F, SUN C E, VOUK M A. Reliability of voting in fault-tolerant software systems for small output-spaces. IEEE Transactions on Reliability, 1990, 39(5): 524- 534. doi: 10.1109/24.61308
7	JAMALI N, SAMMUT C. Majority voting: material classification by tactile sensing using surface texture. IEEE Transactions on Robotics, 2011, 27(3): 508- 521. doi: 10.1109/TRO.2011.2127110
8	POLINSKY I, MARTIN K, ENCK W, et al. N-m-variant systems: adversarial-resistant software rejuvenation for cloud-based web applications[C]//Proceedings of the 10th ACM Conference on Data and Application Security and Privacy. New York, USA: ACM Press, 2020: 235-246.
9	SETIYADI A, SETIAWAN E B. Information system monitoring access log database on database server. Materials Science and Engineering, 2018, 407, 012110.
10	SU Z D, WASSERMANN G. The essence of command injection attacks in web applications. ACM SIGPLAN Notices, 2006, 41(1): 372- 382. doi: 10.1145/1111320.1111070
11	KELLARIS G, KOLLIOS G, NISSIM K, et al. Generic attacks on secure outsourced databases[C]//Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security. New York, USA: ACM Press, 2016: 1329-1340.
12	LIANG G Q, ZHAO J H, LUO F J, et al. A review of false data injection attacks against modern power systems. IEEE Transactions on Smart Grid, 2017, 8(4): 1630- 1638. doi: 10.1109/TSG.2015.2495133
13	LIU X A, BAO Z, LU D, et al. Modeling of local false data injection attacks with reduced network information. IEEE Transactions on Smart Grid, 2015, 6(4): 1686- 1696. doi: 10.1109/TSG.2015.2394358
14	BERTINO E, SANDHU R. Database security-concepts, approaches, and challenges. IEEE Transactions on Dependable and Secure Computing, 2005, 2(1): 2- 19. doi: 10.1109/TDSC.2005.9
15	BERTINO E, JAJODIA S, SAMARATI P. Database security: research and practice. Information Systems, 1995, 20(7): 537- 556. doi: 10.1016/0306-4379(95)00029-4
16	MOUSA A, KARABATAK M, MUSTAFA T. Database security threats and challenges[C]//Proceedings of the 8th International Symposium on Digital Forensics and Security. Washington D. C., USA: IEEE Press, 2020: 1-5.
17	HUANG Y, KINTALA C, KOLETTIS N, et al. Software rejuvenation: analysis, module and applications[C]//Proceedings of the 25th International Symposium on Fault-Tolerant Computing. Washington D. C., USA: IEEE Press, 1995: 381-390.
18	潘传幸, 张铮, 马博林, 等. 面向进程控制流劫持攻击的拟态防御方法. 通信学报, 2021, 42(1): 37- 47.
	PAN C X, ZHANG Z, MA B L, et al. Method against process control-flow hijacking based on mimic defense. Journal on Communications, 2021, 42(1): 37- 47.
19	陈双喜, 吴安邦, 岐舒骏, 等. 新型主动防御框架的资源对抗模型分析. 电子学报, 2019, 47(7): 1557- 1565.
	CHEN S X, WU A B, QI S J, et al. Analysis of resource defense model for novel active defense modeling. Acta Electronica Sinica, 2019, 47(7): 1557- 1565.
20	扈红超, 陈福才, 王禛鹏. 拟态防御DHR模型若干问题探讨和性能评估. 信息安全学报, 2016, 1(4): 40- 51.
	HU H C, CHEN F C, WANG Z P. Performance evaluations on DHR for cyberspace mimic defense. Journal of Cyber Security, 2016, 1(4): 40- 51.
21	郑秋华, 胡程楠, 崔婷婷, 等. 一种基于概率分析的DHR模型安全性分析方法. 电子学报, 2021, 49(8): 1586- 1598.
	ZHENG Q H, HU C N, CUI T T, et al. A security analysis approach for dynamic heterogeneous redundancy model based on probability analysis. Acta Electronica Sinica, 2021, 49(8): 1586- 1598.
22	李凌书, 邬江兴. 面向云网融合SaaS安全的虚拟网络功能映射方法. 计算机工程, 2021, 47(12): 30- 39. URL
	LI L S, WU J X. SaaS security oriented virtual network function embedding method under cloud-network integration. Computer Engineering, 2021, 47(12): 30- 39. URL
23	LI H R, GUO Y F, SUN P H, et al. An optimal defensive deception framework for the container-based cloud with deep reinforcement learning. IET Information Security, 2022, 16(3): 178- 192. doi: 10.1049/ise2.12050
24	BEKIROGLU B, KOREL B. Survivability analysis of K-variant architecture for different memory attacks and defense strategies. IEEE Transactions on Dependable and Secure Computing, 2019, 18(4): 1868- 1881.
25	ZHOU D C, CHEN H C, CHENG G Z, et al. SecIngress: an API gateway framework to secure cloud applications based on N-variant system. China Communications, 2021, 18(8): 17- 34. doi: 10.23919/JCC.2021.08.002
26	SINGH M, PATI D. Countermeasures to replay attacks: a review. IETE Technical Review, 2020, 37(6): 599- 614. doi: 10.1080/02564602.2019.1684851
27	MALLIK A. Man-in-the-middle-attack: understanding in simple words. Cyberspace: Jurnal Pendidikan Teknologi Informasi, 2019, 2(2): 109. doi: 10.22373/cj.v2i2.3453
28	朱正彬, 刘勤让, 刘冬培, 等. 拟态多执行体调度算法研究进展. 通信学报, 2021, 42(5): 179- 190.
	ZHU Z B, LIU Q R, LIU D P, et al. Research progress of mimic multi-execution scheduling algorithm. Journal on Communications, 2021, 42(5): 179- 190.
29	SAATY T L. Group decision making and the AHP. Berlin, Germany: Springer, 1989: 59- 67.
30	XU Z. On consistency of the weighted geometric mean complex judgement matrix in AHP. European Journal of Operational Research, 2000, 126(3): 683- 687. doi: 10.1016/S0377-2217(99)00082-X
31	YUAN E, MALEK S, SCHMERL B, et al. Architecture-based self-protecting software systems[C]//Proceedings of the 9th International ACM Sigsoft Conference on Quality of Software Architectures. New York, USA: ACM Press, 2013: 33-42.
32	PACHEV S. Understanding MySQL internals. [S. 1. ]: O'Reilly Media, Inc., 2007.
33	MORGAN J. Classification and regression tree analysis[D]. Boston, USA: Boston University, 2014.
34	VENKATESWARAN C, PALLAVI D R, RAMACHANDRAN M, et al. A study on weighted aggregated sum product assessment w. r. t multiple criteria decision making. Data Analytics and Artificial Intelligence, 2022, 2(1): 26- 33. doi: 10.46632/daai/2/1/5
35	曾威, 扈红超, 霍树民, 等. 一种面向N变体系统的时延隐蔽信道攻击及其对策研究. 信息安全学报, 2022, 7(3): 91- 106.
	ZENG W, HU H C, HUO S M, et al. A delayed covert channel attack for N variant systems and its countermeasures. Journal of Cyber Security, 2022, 7(3): 91- 106.
36	WU T. An accurate computation of the hypergeometric distribution function. ACM Transactions on Mathematical Software, 1993, 19(1): 33- 43. doi: 10.1145/151271.151274
37	CHVÁTAL V. The tail of the hypergeometric distribution. Discrete Mathematics, 1979, 25(3): 285- 287. doi: 10.1016/0012-365X(79)90084-0

[1]	张青青, 汤红波, 游伟, 普黎明. 基于演化博弈的NFV拟态防御架构动态调度策略[J]. 计算机工程, 2022, 48(4): 30-38,49.
[2]	杨珂, 张帆, 郭威, 赵博, 穆清. 一种拟态存储元数据随机性问题解决方法[J]. 计算机工程, 2022, 48(2): 140-146,155.
[3]	吴正江, 姚琪, 冯四风, 顾青. 基于数据库二进制日志的竞赛式仲裁优化方案[J]. 计算机工程, 2021, 47(5): 24-29.
[4]	魏帅, 张辉华, 苏野, 薛鹏飞, 闻亮. 面向拟态防御系统的高阶异构度大数判决算法[J]. 计算机工程, 2021, 47(5): 30-35.
[5]	李凌书, 邬江兴. 面向云网融合SaaS安全的虚拟网络功能映射方法[J]. 计算机工程, 2021, 47(12): 30-39.
[6]	郭威, 谢光伟, 张帆, 李敏. 一种分布式存储系统拟态化架构设计与实现[J]. 计算机工程, 2020, 46(6): 12-19.
[7]	武兆琪, 张帆, 郭威, 卫今, 谢光伟. 一种基于执行体异构度的拟态裁决优化方法[J]. 计算机工程, 2020, 46(5): 12-18.
[8]	付琳, 邵培南, 应飞, 解维. 拟态通用运行环境的框架设计[J]. 计算机工程, 2020, 46(3): 24-33.
[9]	杨凯琪, 姚培, 赵玉龙, 汤凌韬. 面向异构容器云的应用迁移方法[J]. 计算机工程, 2019, 45(8): 42-47.
[10]	李卫超, 张铮, 王立群, 刘镇武, 刘浩. 一种拟态构造的Web威胁态势分析方法[J]. 计算机工程, 2019, 45(8): 1-6.
[11]	屠雪真,屠要峰,陈小强. 一种优化的Key-Value型NoSQL系统[J]. 计算机工程, 2019, 45(6): 52-59.
[12]	林森杰,刘勤让,王孝龙. 面向拟态防御系统的竞赛式仲裁模型[J]. 计算机工程, 2018, 44(4): 193-198.
[13]	王伟,曾俊杰,李光松. 动态异构冗余系统的安全性分析[J]. 计算机工程, 2018, 44(10): 42-45,50.
[14]	罗军，陈席林，李文生. 高效Key-Value持久化缓存系统的实现[J]. 计算机工程, 2014, 40(3): 33-38.
[15]	田晓云;方丽英;闫健卓;王普. 有时态本体模型及其管理原型系统[J]. 计算机工程, 2010, 36(3): 41-43,5.

选择文件类型/文献管理软件名称

选择包含的内容