Digging Evidence for Violation of Cloud Security Compliance with Knowledge Learned from Logs

Source: 12th China Conference on Trusted Computing and Information Security | Citations: 0 | Uploaded by: mu5
Paper excerpt
Security compliance auditing against standards, regulations or requirements in cloud environments is of increasing importance to boost trust between stakeholders. Many automatic security compliance auditing tools have been developed to facilitate accountability and transparency of a cloud provider to its tenants in a large-scale and complex cloud. User operations in clouds that may cause security compliance violations have attracted attention, including some management operations conducted by insider attackers. System changes induced by the operations concerning security policies are captured for auditing. However, existing cloud security compliance auditing tools mainly concentrate on verification rather than on evidence provision. In this paper, we propose an automatic approach to digging evidence for security compliance violations of user operations, by mining the insights of system execution for the operations from system execution traces. Both known and potentially unknown suspicious user operation requests that may cause security compliance violations, or suspect system execution behavior changes, are automatically recognized. More importantly, evidence related to the detected suspicious requests is presented for further auditing, where the abnormal and expected snippets are marked in the relevant extracted execution traces. We have evaluated our method in OpenStack, a popular open source cloud operating system. The experimental results demonstrate the capability of our approach to detect user operation requests causing security compliance violations and to present relevant evidence.
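As an added illustration of the idea in the abstract (not the paper's code; the abstract does not detail its method), the sketch below learns per-operation event transitions from baseline execution traces, then audits a new request's trace and marks each step expected or abnormal so the trace itself becomes auditing evidence. The log format, operation names and events are constructed for the example.

```python
import re
from collections import defaultdict

LOG_RE = re.compile(r"req-(?P<req>\w+) (?P<op>[\w.]+) (?P<event>[\w.]+)")
# Constructed sample traces in a made-up "req-<id> <operation> <event>" format.
BASELINE_LOG = """\
req-1 server.create auth.check
req-1 server.create policy.enforce
req-1 server.create db.insert
""".splitlines()
SUSPECT_LOG = """\
req-9 server.create auth.check
req-9 server.create db.insert
req-9 server.create db.insert
""".splitlines()

def parse_traces(lines):
    """Group log lines by request id into {req: (operation, [events])}."""
    traces = {}
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            traces.setdefault(m["req"], (m["op"], []))[1].append(m["event"])
    return traces

def learn_model(traces):
    """Learn, per operation, the event transitions seen in baseline traces."""
    model = defaultdict(set)
    for op, events in traces.values():
        for prev, nxt in zip(["<start>"] + events, events + ["<end>"]):
            model[op].add((prev, nxt))
    return model

def audit_trace(model, op, events):
    """Mark each event 'expected' or 'abnormal' against the learned model.
    Returns (verdict, marks); a mark is (event, status, expected_next), so the
    evidence shows which step was unexpected and what the baseline required."""
    if op not in model:  # a request type never seen in the baseline
        return "unknown-operation", [(e, "unverified", ()) for e in events]
    next_of = defaultdict(set)
    for prev, nxt in model[op]:
        next_of[prev].add(nxt)
    marks, prev = [], "<start>"
    for ev in events + ["<end>"]:  # the <end> sentinel catches truncated traces
        status = "expected" if ev in next_of[prev] else "abnormal"
        marks.append((ev, status, tuple(sorted(next_of[prev]))))
        prev = ev
    verdict = "violation" if any(s == "abnormal" for _, s, _ in marks) else "compliant"
    return verdict, marks
```

In the suspect trace the policy check is skipped before the database write, so that step and the repeated write are marked abnormal, with the expected step recorded beside each mark.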