Cloud computing attack graph based on graph and parallel computing

Abstract

Abstract: Different from the traditional computing model, the unique virtualization features and dynamic scalability of cloud computing pose challenges to the security research of cloud computing. A graph -based technical framework usingSDN(software defined network) is proposed toobtain information about network configuration and hostaccess control list, building a reachability map of the network system based on the information. The map is decomposed to obtain the SCC(strongly connected component), and parallel security analysis is performed on this basis. Finally, the attack graph is constructed based on the analyzing result. Experimental verification shows that there is a significant improvement of attack grhph generating speed compared with the traditional analyzing method.

Key words: SDN, cloud computing, strong connected component decomposition, attack graph

CLC Number:

TP391

QIU Xiaorui. Cloud computing attack graph based on graph and parallel computing[J]. .

References 11

[1]	云计算关键行业应用报告(2017 年)[R]. 北京: 中国信息通信研究院,2017.
[2]	SHEYNER O, HAINES J, JHA S, et al. Automated Generation and Analysis of Attack Graphs[C]//Proceedings of 2002 IEEE Symposium on Security and Privacy, IEEE, 2002: 273-284.
[3]	OU XINMING, BOYER W F, MCQUEEN M A. A Scalable Approach to Attack Graph Generation[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security, ACM, 2006: 336-345.
[4]	叶子维, 郭渊博, 王宸东, 等. 攻击图技术应用研究综述[J].通信学报, 2017, 38(11): 121-132.
[5]	MJIHIL O, KIM D S, HAQIQ A. Security assessment framework for multitenant cloud with nested virtualization[J]. Journal of Information Assurance and Security, 2016, 11(2): 283-292.
[6]	KAYNAR K, SIVRIKAYA F. Distributed attack graph generation[J].IEEE Transactions on Dependable and Secure Computing, 2016,13(5):519-532.
[7]	MCKEOWN N. Software-defined networking[J]. INFOCOM Keynote Talk, 2009, 17(2): 30-32.
[8]	NUNES B A A, MENDONCA M, NGUYEN X N, et al. A survey of software-defined networking: past, present, and future of programmable networks[J]. IEEE Communications Surverys and Tutorials, 2014, 16(3):1617-1634.
[9]	SHARIR M. A strong-connectivity algorithm and its applications in data flow analysis[J]. Computers & Mathematics with Applications, 1981, 7(1): 67-72.
[10]	GABOW H N. Path-based depth-first search for strong and biconnected components[J]. Information Processing Letters, 2000, 74(3/4): 107-114.
[11]	TANGE O. GNU parallel-the command-line power tool[J]. USENIX Magazine, 2011, 36(1): 42-47.

[1]	LIU Haitao, DONG Qinzhuo, DA I Y ongzhang. Modeling the medium access control protocol of VDL Mode 2 [J]. Journal of Civil Aviation University of China, 2026, 44(1): 80-85.
[2]	JIAO Weidong, JIAO Yizhe. Two-level matching algorithm for image features based on CA-SIFT [J]. Journal of Civil Aviation University of China, 2025, 43(2): 73-82.
[3]	WANG Peng , YAO Xinpeng , WANG Kenian , CHEN Wenqi , CHEN Xi . Detection method for code defect based on LSTM-Seq2Seq model with large perception [J]. Journal of Civil Aviation University of China, 2023, 41(2): 14-20.
[4]	DING Jianli SU Wei. Joint extraction method of entity relationship based on coding feature fusion of BERT-CNN [J]. Journal of Civil Aviation University of China, 2023, 41(2): 47-53.
[5]	SHI Yongsheng, XIA Zhichao. Research on flight simulation system of unmanned helicopter based on Vega Prime [J]. Journal of Civil Aviation University of China, 2023, 41(2): 58-64.
[6]	ZHANG Wei , CHEN Yuhao , ZHANG Pan , CUI Ming. Measurement method of airline checked baggage based on#br# RGB-D image#br# [J]. Journal of Civil Aviation University of China, 2023, 41(4): 44-50.
[7]	GAO Jianshu , WANG Qingqiang. Numerical simulation of the effect of water mist nozzle spray angle on fire suppression in semi-enclosed aircraft cabin [J]. Journal of Civil Aviation University of China, 2023, 41(3): 53-58.
[8]	SHI Yongsheng, DU Kun, LI Sha. Optimization of strength of safety box buckle based on response surface model [J]. Journal of Civil Aviation University of China, 2023, 41(3): 59-64.
[9]	HE Huaiqing, ZHANG Yumin, LIU Haohan. Visual analysis of indoor trajectories based on AOI division [J]. Journal of Civil Aviation University of China, 2022, 40(6): 45-52.
[10]	HAN Ping , WANG Haowei , FANG Cheng. Object tracking algorithm based on dynamic weight in dual branch siamese network [J]. Journal of Civil Aviation University of China, 2022, 40(5): 15-22.
[11]	CAO Weidong, XU Xiuli. Research on methods of identifying unruly passengers in civil aviation [J]. Journal of Civil Aviation University of China, 2022, 40(2): 24-30.
[12]	WANG Hongjian. Tourism route recommendation based on latent representation and improved collaborative filtering [J]. Journal of Civil Aviation University of China, 2021, 39(5): 40-43.
[13]	WANG Y ue, Y ANG Y onggang, SONG Ze. Simulated flight training evaluation for flight cadets based on competency [J]. Journal of Civil Aviation University of China, 2021, 39(5): 51-54.
[14]	XU Jianxin, GUO Ziqi, SHI Lizhong, FEI Yang. Optimization of line-replaceable unit list based on parking loss [J]. Journal of Civil Aviation University of China, 2021, 39(4): 37-41.
[15]	XIE Chunsheng , ZHAO Long , LIU Yuepeng. Track identification in terminal airspace based on self-organizing neural network [J]. Journal of Civil Aviation University of China, 2021, 39(3): 6-9.