Research on Persistent Storage-Oriented Mimic Defense Technology in Container Clouds
Persistent storage security threats in the container cloud directly affect the creation and operation of containers. Traditional defense methods cannot detect attacks based on unknown vulnerabilities in time or establish corresponding defense strategies. Existing studies on enhancing the security of containers and persistent storage through dynamism, heterogeneity and redundancy lack detailed analyses of persistent storage security threats. The performance loss caused by the voting mechanism has also not been optimized. To address these problems, this paper first proposes a mimic defense architecture for persistent storage, based on the flexible and efficient characteristics of containers and the principle of mimic defense. Second, the analytic hierarchy process method is used to optimize the request voting mechanism of heterogeneous container applications. Thereafter, an adaptive voting algorithm is proposed based on the first-come-first-decision mechanism to improve the voting rate. Next, users are provided with an optional scheduling scheme to improve the adaptability of the architecture by evaluating the security and system overhead. Finally, this study implements a prototype system, mimic-proxy. Theoretical analysis and experimental verification results demonstrate that mimic-proxy can effectively defend against persistent storage security threats in the container cloud. The adaptive voting algorithm reduces the response delay by 28.85% and improves the throughput by 40.52% compared with the traditional voting algorithm. Compared with the traditional defense architecture, the adaptive voting algorithm can effectively protect the persistent storage and enhance the container security under the condition of increasing the response delay by 0.99% and reducing the throughput by 1.01%.