中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/65707
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 41652144      Online Users : 1690
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/65707


    Title: 使用軟體定義網路之跨雲端虛擬機器保護;Inter-Cloud Networking Virtual Machine Protection Using Software Defined Network
    Authors: 陳翔詠;Chen,Hsiang-yung
    Contributors: 資訊工程學系
    Keywords: 跨雲端;軟體定義網路;Xen;入侵偵測與防禦;Open vSwitch;inter-cloud;Software Defined Network;Xen;intrusion detection and prevention system;Open vSwitch
    Date: 2014-07-29
    Issue Date: 2014-10-15 17:08:39 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著網路技術的快速發展,帶動了網路架構的變動。近年來最受到重視的是軟體定義網路(Software Defined Network, SDN),許多雲端運算的架構都是使用軟體定義網路來建置。雲端運算的服務類型可分為三種:基礎設施即服務(Infrastructure as a service, IaaS)、平台即服務(Platform as a service, PaaS)、軟體即服務(Software as a service, SaaS)。目前有許多的雲端供應商皆有提供虛擬機器之服務,而採用的虛擬化平台大多都是Xen來建置。政府機關、學校、公司已經將其網站及資料庫放置於雲端運算的虛擬機器之上,因而造就虛擬機器的大量使用。然而,伴隨而來的是在雲端運算平台上虛擬機器安全問題等等更多的考驗。
    在跨雲端運算環境中,使用者將可能遭受來自四面八方的攻擊,有可能是外部的攻擊,或是內部的攻擊,因此需要入侵偵測與防禦系統來抵擋這些攻擊。而外部的交換器或是內部的虛擬交換器將會接收到這些惡意攻擊之封包,因此本研究利用入侵偵測與防禦軟體需監控於這兩個地方,透過美國史丹福大學所開發的NetFPGA可程式化網卡,與Open vSwitch來架構出OpenFlow軟體定義網路,並研究雲端運算可能會面臨到那些問題。
    本論文將利用OpenFlow Switch與Open vSwitch軟體定義網路來建構出跨雲端運算的環境,並使用Xen來提供虛擬機器之服務,而在Xen的主要控制系統上安裝入侵偵測與防禦系統Snort搭配軟體定義網路之形式來保護Xen實體機器上虛擬機器之安全,透過外部機器或是內部虛擬機器攻擊正常的虛擬機器,能夠達到有效的防禦攻擊行為。
    ;With the rapid development of Internet technology, there is bringing about change of network architecture. Software Defined Network (SDN) has been greatly valued over the last few years. Many architectures of cloud computing network are built by Software Defined Network. The service model of cloud computing can be divided into three types: Infrastructure as a service, Platform as a service, and Software as a service. Currently, many cloud providers provide virtual machine service. And their virtualization platform are built by Xen. The inter connection of VM in cloud use the network that are defined and operated by software. The Government, schools, and companies put their websites and databases on the virtual machines in cloud computing. Thus it caused a lot of usage for virtual machine. However, the accompanying issues are virtual machine security and other challenge in cloud computing.
    In inter-cloud computing environment, the user may be suffered attacks in all directions. The attacks may come from external or internal. Thus, we need intrusion detection and prevention system to block attacks. External Switch or internal virtual switch can receive these malicious packets. Therefore, our study used intrusion detection and prevention system should monitor the two places. By the Stanford University developed the NetFPGA platform which is based on a programmable NIC, and Open vSwitch to build OpenFlow Software Defined Network.
    We use OpenFlow Switch and Open vSwitch Software Defined Network to build inter-cloud computing environment. And also use Xen to provide virtual machine service. We will install intrusion prevention and detection system, Snort, on domain-0 and Software Defined Network to protect the virtual machines on the Xen platform. External machines or internal virtual machines will attack normal virtual machines, our result show that External machines and internal virtual machines can’t attack normal virtual machines.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML465View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明