恶意软件常常能够成功攻击虚拟机和其管理系统,使虚拟环境处于一种不安全、难以恢复的状态.传统的安伞防护机制无法满足虚拟环境的安全要求,本文提出一种基于代理的检测和协作修复机制,通过多个虚拟机节点共享修复情况信息,快速获取有效的修复工具,提高恢复能力.模拟分析和仿真实验结果证明该机制的实用性和效率.%Intricate malwares can result in the failure of Virtual System,and enable the system to be in an unsafe state and difficult to restore. The existing policies thwarting this extreme attack are ineffective. In this paper, based on cooperafive recovery among multiple Virtual Machines and agent-based lightweight intrusion detection, an efficient recovery mechanism is proposed for Virtualization systems against malware attacks. The basic policy is to deploy an Emergency Response/Recovery (ER) agent on Virtual Machine to identify the state of the system, and cooperative security among multiple nodes is carried out so that the infected nodes can be rapidly recovered. Simulation results also demonstrate the practicality and efficiency of the proposed schemes.
展开▼
