Research on east-west traffic attack detection with deep integration of cloud architecture

包森成; 王珏; 霍旺

doi:10.13992/j.cnki.tetas.2019.12.008

Chinese

您当前的位置：

首页 >

文章列表页 >

Research on east-west traffic attack detection with deep integration of cloud architecture

更新时间：2026-04-20

- Research on east-west traffic attack detection with deep integration of cloud architecture
- Vol. 32, Issue 12, Pages: 38-44(2019)
- 作者机构：
  
  中国移动通信集团浙江有限公司
- 作者简介：
- 基金信息：
- DOI：10.13992/j.cnki.tetas.2019.12.008
  CLC： TP309
- Published：2019
- 稿件说明：
移动端阅览
[1]包森成,王珏,霍旺.深度融合云环境自身架构的东西向攻击检测技术研究[J].电信工程技术与标准化,2019,32(12):38-44.

包森成, 王珏, 霍旺. Research on east-west traffic attack detection with deep integration of cloud architecture[J]. 2019, 32(12): 38-44.
[1]包森成,王珏,霍旺.深度融合云环境自身架构的东西向攻击检测技术研究[J].电信工程技术与标准化,2019,32(12):38-44. DOI： 10.13992/j.cnki.tetas.2019.12.008.

包森成, 王珏, 霍旺. Research on east-west traffic attack detection with deep integration of cloud architecture[J]. 2019, 32(12): 38-44. DOI： 10.13992/j.cnki.tetas.2019.12.008.

摘要

随着云和容器等虚拟化技术的不断扩张

云、数据中心和企业网中的东西向流量呈快速增长趋势。如果不采集虚拟网络流量

用户80%的网络流量将呈现"黑盒"状态

无法对云平台内东西向量进行安全管控

在2019年公安部发布的《信息安全技术网络安全等级保护基本要求》云计算安全扩展部分明确要求针对虚拟机之间、宿主机与虚拟机间的流量需要进行检测和异常告警。本文通过对业内现有东西向流量检测方案进行分析

研究并提出一种与云平台自身架构深度融合且非侵入式的流量获取方式

基于大数据分析和机器学习算法提升攻击检测能力的整体方案

此外还研究了融合过程中与云平台业务自动适配的问题。

Abstract

With the continuous expansion of virtualization technologies such as cloud computing and containers

the east-west traffic in cloud

data center and enterprise network is increasing rapidly. If the virtual network traffic is not collected

80% of the user’s network traffic will be in a "black box"

unable to secure the east-west vector in cloud platforms. In the information security technology: general requirements for classified protection of cyber security version 2

cloud computing security extensions

it is clearly required to detect and report traffic anomalies between virtual machines and between hosts and virtual machines. Based on the analysis of the existing east-west traffic detection solutions in this field

this paper studies and proposes a non-invasive traffic collection method which is deeply integrated with the cloud platform’s own architecture. This overall solution of attack detection has been improved by emerging technologies such as big data analysis and machine learning algorithm. In addition

it also explains the automatic adaptation of the integration process with the cloud platform business.

关键词

Keywords

references

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Research on 5G network self-organizing optimization technology

Practice of machine learning in data analysis

Network quality of experience evaluation based on machine learning

Research on operators’ anti-fraud technology

Research and application of intelligent operation and maintenance（AIOps）under China Unicom distributed architecture

Related Author

付航

刘兴旭

幸锋

刘明艺

王玮

郭莉

何凌

蓝万顺

Related Institution

中国移动通信集团重庆有限公司

中国移动通信集团设计院有限公司

中国移动通信集团云南有限公司

中国移动通信集团广东有限公司

中国联合网络通信有限公司济南软件研究院

AI问答

Postal code：100079
Tel：（010）53879206 Email：tmw@bjxintong.com.cn
Technical support is provided by Beijing Founder electronics co., LTD 京ICP备09082226号-64 京公网安备11010602201714号
It is recommended to read the content of this site in Chrome&IE9+. Please switch to extreme mode in browser 360.
Cookies We use cookies to help provide and enhance our service and tailor content. By continuing, you agree to the use of cookies.

⁰