由于云服务提供商不愿向用户提供安全审计报告、日志、安全策略、安全漏洞和安全事故响应机制等相关安全数据,所以在云计算下用户难以发现安全攻击.为此,提出了一种基于机器学习的云安全攻击检测方案.在分析现有攻击场景的基础上,设计了实验数据的采集方案,提取了包括Dos攻击、跨虚拟机的旁路攻击、恶意的内部员工攻击、共享内存攻击和欺诈攻击共五种安全攻击场景数据,并在WEKA下使用支持向量机学习算法对攻击进行了分类实验.结果表明,除欺诈攻击外,对其他四种安全攻击的识别率均达到90%以上.%Since cloud providers are unwilling to provide security related data to its customers, such as auditing, logging, security policies, vulnerability and incident response, cloud users always less knows the details on attacks. Thus, a scheme for attack detection and classification using machine learning techniques was proposed here. Firstly current attack scenarios were analyzed. Then, the scheme for collecting data was designed. These data in five attack scenarios including Dos, Cross VM side channel, malicious insiders, shared memory and ph-ishing attack was extracted and classified using support vector machine(SVM). Results show SVM has high level of performance across all classes. Classification rate reaches 90% besides classifying phishing attack(80. 9%).
展开▼
