基於OpenStack開發之資訊安全演練平台

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：11

、訪客IP：3.137.182.206

姓名

聶順成(Shun-Chung Nieh) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

基於OpenStack開發之資訊安全演練平台
(Cloud Security Experiment Platform based on the OpenStack)

相關論文

★ 以伸展樹為基礎的Android Binder Driver	★ 應用增量式學習於多種農作物判釋之研究
★ 應用分類重建學習偵測航照圖幅中的新穎坵塊	★ 用於輔助工業零件辨識之尺寸估算系統
★ 使用無紋理之3D CAD工業零件模型結合長度檢測實現細粒度真實工業零件影像分類	★ 一個建立在平行工作系統上的動態全球計算平台
★ 用權重參照計數演算法執行主動物件垃圾收集	★ 一個動態負載平衡之最大可能性估算計算架構
★ 利用多項系統負載資訊進行動態P2P系統重組的策略研究	★ 基於Hadoop系統的雲端應用程式特徵擷取與計算監測架構
★ 適用於大型動態分散式系統的調適性計算模型	★ 一個提供彈性虛擬資料中心的雲端服務平台
★ 雲端彈性虛擬機房服務平台之資源控管中心	★ 一個適用於自動供應雲端系統的動態調適計算架構
★ 線性相關工作與非相關工作的探索式排程策略	★ 適用於大資料集高效率的分散式階層分群演算法

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

隨著網路的蓬勃發展，網路攻擊日益增加。因此資訊安全問題是急需被探討的社會議題之一，為了降低資訊安全事件的發生，資訊安全的教育是必需的。資訊安全的教育不能只專注在課堂上的教學，必須實際動手下去實驗。在過去要進行資訊安全實驗十分繁瑣，多虧於虛擬化技術(Virtualization Technology)與雲端運算(Cloud Computing)的發展，這2項技術提供了快速部屬實驗環境的功能，非常適合資訊安全實驗的進行。OpenStack就是一個非常適合的雲端運算系統。本研究為一個基於OpenStack雲端運算平台上開發的資訊安全實驗平台。透過使用OpenStack API配置OpenStack上的虛擬機器，讓資訊安全實驗在虛擬機器上操作。相較於之前的中央大學雲端安全平台(CSEP)，在結構上省去了原先的API Server 以及 VPN Server。除此之外，本研究實做出一個全新的網路介面，主要是為了系統管理者管理使用者。新的網路介面不僅能查看實驗進度還能查看虛擬機器資源。除此之外還能在介面上配置出虛擬網段以供較具規模的安全實驗。

摘要(英)

With the rapid development of the Internet, Cyber-attacks happen increasingly. Therefore, information security is one of the important social issue that need to be discussed. In order to reduce the occurrence of information security incidents, information security training is necessary. The Goal of information security training cannot just focus on teaching in the lecture. Students must do the experiments by themselves. In the past, establishing an information security experiments is very complicated. Thanks to the development of Virtualization Technology and Cloud Computing, these two technologies can establish experimental environment rapidly, which is very suitable for information security experiments. OpenStack is a very suitable cloud computing System. This research offer an information security experiment platform based on the OpenStack. In order to start an experiment in virtual machine, we use OpenStack API to configure virtual machines on OpenStack. Compared with the previous platform, Cloud Security Experiment Platform, the original API Server and VPN Server are omitted from the structure. In addition, this research has created a new web interface. This new web interface not only allows users to view the progress of the experiment but also view the virtual machine resources.

關鍵字(中)

★ 雲端運算
★ 虛擬機器
★ 資訊安全
★ 資訊安全演練平台

關鍵字(英)

★ OpenStack

論文目次

摘要 I
Abstract II
目錄 III
圖目錄 IV
表目錄 VII
第一章緒論 1
1-1 研究背景 1
1-2 研究動機與實作目標 2
1-3 研究貢獻 3
1-4 論文架構 4
第二章背景知識 5
2-1 OpenStack 5
2-2 OpenStack API / SDK 7
2-3 SAMVED 與 CSEP 9
2-4相關文獻探討 12
第三章系統設計 13
3-1 雲端安全實驗平台的使用情境 13
3-2 雲端安全實驗平台系統架構 18
3-3 安全實驗平台與OpenStack結合 21
3-3-1 OpenStack SDKs與系統實作 21
第四章案例設計 26
4-1 案例1 – Buffer Overflow 28
4-2 案例2 – Denial Of Service 33
第五章平台比較 39
第六章結論 42
參考文獻 43

參考文獻

[1] A. Fox et al., "Above the clouds: A berkeley view of cloud computing," Dept. Electrical Eng. and Comput. Sciences, University of California, Berkeley, Rep. UCB/EECS, vol. 28, no. 13, p. 2009, 2009.
[2] Y. Jadeja and K. Modi, "Cloud computing-concepts, architecture and challenges," in Computing, Electronics and Electrical Technologies (ICCEET), 2012 International Conference on, 2012, pp. 877-880: IEEE.
[3] P. Mell and T. Grance, "The NIST definition of cloud computing," 2011.
[4] K. Jackson, C. Bunch, and E. Sigler, OpenStack cloud computing cookbook. Packt Publishing Ltd, 2015.
[5] K. Pepple, Deploying openstack. " O′Reilly Media, Inc.", 2011.
[6] 劉旭哲, "互動式線上教學之互動點推薦機制研究; A Recommending Mechanism for SettingInteractive Point in Interactive E-learning," 國立中央大學, 2012.
[7] 黃世昆. User Network Attack and Defense Ability Testing System [Online]. Available: http://www.twisc.nctu.edu.tw/index.php/2010-07-06-06-38-21/wargame
[8] National Center for High-performance Computing Cyber Defense Exercise [Online]. Available: https://cdx.nchc.org.tw/index.php
[9] S. N. T.-c. Chiueh and S. Brook, "A survey on virtualization technologies," Rpe Report, vol. 142, 2005.
[10] Citrix Systems?? Citrix XenServer: Efficient Server Virtualization Software [Online]. Available: https://www.citrix.com/products/xenserver/
[11] J. R. Garcia and D. E. Williams, Virtualization with Xen: Including XenEnterprise; XenServer; and XenExpress. Syngress, 2007.
[12] S.-J. Chen, J.-Y. Huang, C.-T. Huang, and W.-J. Wang, "SAMEVED: A System Architecture for Managing and Establishing Virtual Elastic Datacenters," International Journal of Grid and High Performance Computing (IJGHPC), vol. 5, no. 2, pp. 27-42, 2013.
[13] L. McDaniel, E. Talvi, and B. Hay, "Capture the Flag as Cyber Security Introduction," in System Sciences (HICSS), 2016 49th Hawaii International Conference on, 2016, pp. 5479-5486: IEEE.
[14] M. Lehrfeld and P. Guest, "Building an ethical hacking site for learning and student engagement," in SoutheastCon, 2016, 2016, pp. 1-6: IEEE.
[15] CTFd , an opensource Capture The Flag framework [Online]. Available: https://github.com/CTFd/CTFd
[16] M. Owens and G. Allen, SQLite. Springer, 2010.
[17] G. Giacobbi, "The GNU netcat project," URL http://netcat. sourceforge. net, p. 11, 2013.
[18] G. F. Lyon, Nmap network scanning: The official Nmap project guide to network discovery and security scanning. Insecure, 2009.
[19] S. Sanfilippo, "hping3 (8) Linux main page," ed, 2005.
[20] L.-C. Chen, "Secure Web development teaching modules," 2010.
[21] J. Hu, C. Meinel, and M. Schmitt, "Tele-lab IT security: an architecture for interactive lessons for security education," in ACM SIGCSE Bulletin, 2004, vol. 36, no. 1, pp. 412-416: ACM.
[22] OWASP, WebGoat Project [Online]. Available: https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project

指導教授

王尉任(Wei-Jen Wang)

審核日期

2018-8-15

推文