摘要
Combining the principle of antibody concentration with the idea of biological evolution, this paper proposes an adaptive target detection algorithm for cloud service security based on Bio-Inspired Performance Evaluation Process Algebra(Bio-PEPA). The formal modelling of cloud services is formally modded by Bio-PEPA and the modules are transformed between cloud service internal structures and various components. Then, the security adaptive target detection algorithm of cloud service is divided into two processes, the short-term optimal action selection process which selects the current optimal detective action through the iterative operation of the expected function and the adaptive function, and the long-term detective strategy realized through the updates and eliminations of action planning table. The combination of the two processes reflects the self-adaptability of cloud service system to target detection. The simulating test detects three different kinds of security risks and then analyzes the relationship between the numbers of components with time in the service process. The performance of this method is compared with random detection method and three anomaly detection methods by the cloud service detection experiment. The detection time of this method is 50.1% of three kinds of detection methods and 86.3% of the random detection method. The service success rate is about 15% higher than that of random detection methods. The experimental results show that the algorithm has good time performance and high detection hit rate.
Combining the principle of antibody concentration with the idea of biological evolution, this paper proposes an adaptive target detection algorithm for cloud service security based on Bio-Inspired Performance Evaluation Process Algebra(Bio-PEPA). The formal modelling of cloud services is formally modded by Bio-PEPA and the modules are transformed between cloud service internal structures and various components. Then, the security adaptive target detection algorithm of cloud service is divided into two processes, the short-term optimal action selection process which selects the current optimal detective action through the iterative operation of the expected function and the adaptive function, and the long-term detective strategy realized through the updates and eliminations of action planning table. The combination of the two processes reflects the self-adaptability of cloud service system to target detection. The simulating test detects three different kinds of security risks and then analyzes the relationship between the numbers of components with time in the service process. The performance of this method is compared with random detection method and three anomaly detection methods by the cloud service detection experiment. The detection time of this method is 50.1% of three kinds of detection methods and 86.3% of the random detection method. The service success rate is about 15% higher than that of random detection methods. The experimental results show that the algorithm has good time performance and high detection hit rate.
引文
[1]Ryan M D.Cloud computing security:The scientific challenge and a survey of solutions[J].The Journal of Systems and Software,2013,86(9):2263-2268.
[2]Li M J,Luo A,Tong T S,et al.Artificial immune algorithm and its applications[J].Control Theory&Applications,2004,21(2):153-157(Ch).
[3]Xu H,Zhao J M,Cheng X Y,et al.Research and design of survivable network system inspired by biological immunology[J].Journal of Computer Applications,2010,30(5):1194-1197(Ch).
[4]Zhou W J,Zhang D P,Xu B W,et al.An adaptive algorithm of locating fault interactions based combinatorial testing[J].Chinese Journal of Computers,2011,34(8):1509-1518(Ch).
[5]Kelly E J.An adaptive detection algorithm[J].IEEE Transactions on Aerospace and Electronic Systems,1986,22(2):115-127.
[6]Zhang Y Z,Zhang Y,Tang B,et al.Subspace signals adaptive detector in compound Gaussian clutter[J].Journal of Detection&Control,2017,39(1):96-100(Ch).
[7]Wang H,Song J X.Threshold based adaptive vibe target detection algorithm[J].Computer Science,2015,42(z1):154-157(Ch).
[8]Liu J.Performance Analysis and Application of Adaptive Detection Algorithm[D].Xi’an:Xidian University,2012(Ch).
[9]Jiang J C,Ma H T,Ren D G,et al.A survey of intrusion detection research on network security[J].Journal of Software,2000,11(11):1460-1466(Ch).
[10]Ciocchetta F,Hillston J.Bio-PEPA:A framework for the modelling and analysis of biological systems[J].Theoretical Computer Science(S0304-3975),2009,410(33):3065-3084.
[11]Galpin V.Hybrid semantics for Bio-PEPA[J].Quantum Information&Computation(S1533-7146),2014,236(C):122-145.
[12]Lv H W,Wang H Q,Lin J Y,et al.A vulnerability propagation model of distributed virtualized systems based on Bio-PEPA[J].Chinese Journal of Computers,2016,39(2):391-404(Ch).
[13]Chowdhury N M,Boutaba R.A survey of network virtualization[J].Computer Networks,2010,54(5):862-876.
[14]Zhao G S,Zhang N,Wang J,et al.Study of cognitive model for survivable system based on high-order multi-typeπcalculus[J].Journal of System Simulation,2016,28(2):275-282(Ch).
[15]Wei Z C,Xu X W,Feng L,et al.Task scheduling algorithm based on Q-Learning and programming for sensor nodes[J].Pattern Recognition and Artificial Intelligence,2016,29(11):1028-1036(Ch).
[16]Zhou J P,Liu J F,Liu S,et al.MPC performance assessment based on priority strategy[J].Journal of Shanghai Jiaotong University,2015,49(11):1641-1646(Ch).
[17]Liu L,Ren J Q,Zhang P,et al.Detecting security in cloud services based onπcalculus[J].Journal of Jilin University(Science Edition),2014,52(3):503-508(Ch).
[18]Hu D M,Yu X.Dynamic data integrity detection method in cloud storage service[J].Application Research of Computers,2014,31(10):3056-3060(Ch).