English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41636965      線上人數 : 1146
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/65707


    題名: 使用軟體定義網路之跨雲端虛擬機器保護;Inter-Cloud Networking Virtual Machine Protection Using Software Defined Network
    作者: 陳翔詠;Chen,Hsiang-yung
    貢獻者: 資訊工程學系
    關鍵詞: 跨雲端;軟體定義網路;Xen;入侵偵測與防禦;Open vSwitch;inter-cloud;Software Defined Network;Xen;intrusion detection and prevention system;Open vSwitch
    日期: 2014-07-29
    上傳時間: 2014-10-15 17:08:39 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著網路技術的快速發展,帶動了網路架構的變動。近年來最受到重視的是軟體定義網路(Software Defined Network, SDN),許多雲端運算的架構都是使用軟體定義網路來建置。雲端運算的服務類型可分為三種:基礎設施即服務(Infrastructure as a service, IaaS)、平台即服務(Platform as a service, PaaS)、軟體即服務(Software as a service, SaaS)。目前有許多的雲端供應商皆有提供虛擬機器之服務,而採用的虛擬化平台大多都是Xen來建置。政府機關、學校、公司已經將其網站及資料庫放置於雲端運算的虛擬機器之上,因而造就虛擬機器的大量使用。然而,伴隨而來的是在雲端運算平台上虛擬機器安全問題等等更多的考驗。
    在跨雲端運算環境中,使用者將可能遭受來自四面八方的攻擊,有可能是外部的攻擊,或是內部的攻擊,因此需要入侵偵測與防禦系統來抵擋這些攻擊。而外部的交換器或是內部的虛擬交換器將會接收到這些惡意攻擊之封包,因此本研究利用入侵偵測與防禦軟體需監控於這兩個地方,透過美國史丹福大學所開發的NetFPGA可程式化網卡,與Open vSwitch來架構出OpenFlow軟體定義網路,並研究雲端運算可能會面臨到那些問題。
    本論文將利用OpenFlow Switch與Open vSwitch軟體定義網路來建構出跨雲端運算的環境,並使用Xen來提供虛擬機器之服務,而在Xen的主要控制系統上安裝入侵偵測與防禦系統Snort搭配軟體定義網路之形式來保護Xen實體機器上虛擬機器之安全,透過外部機器或是內部虛擬機器攻擊正常的虛擬機器,能夠達到有效的防禦攻擊行為。
    ;With the rapid development of Internet technology, there is bringing about change of network architecture. Software Defined Network (SDN) has been greatly valued over the last few years. Many architectures of cloud computing network are built by Software Defined Network. The service model of cloud computing can be divided into three types: Infrastructure as a service, Platform as a service, and Software as a service. Currently, many cloud providers provide virtual machine service. And their virtualization platform are built by Xen. The inter connection of VM in cloud use the network that are defined and operated by software. The Government, schools, and companies put their websites and databases on the virtual machines in cloud computing. Thus it caused a lot of usage for virtual machine. However, the accompanying issues are virtual machine security and other challenge in cloud computing.
    In inter-cloud computing environment, the user may be suffered attacks in all directions. The attacks may come from external or internal. Thus, we need intrusion detection and prevention system to block attacks. External Switch or internal virtual switch can receive these malicious packets. Therefore, our study used intrusion detection and prevention system should monitor the two places. By the Stanford University developed the NetFPGA platform which is based on a programmable NIC, and Open vSwitch to build OpenFlow Software Defined Network.
    We use OpenFlow Switch and Open vSwitch Software Defined Network to build inter-cloud computing environment. And also use Xen to provide virtual machine service. We will install intrusion prevention and detection system, Snort, on domain-0 and Software Defined Network to protect the virtual machines on the Xen platform. External machines or internal virtual machines will attack normal virtual machines, our result show that External machines and internal virtual machines can’t attack normal virtual machines.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML465檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明