淡江大學覺生紀念圖書館 (TKU Library)
進階搜尋


下載電子全文限經由淡江IP使用) 
系統識別號 U0002-0709201722301400
中文論文名稱 使用在雲端計算環境中的新型毒液攻擊識別機制
英文論文名稱 A Novel Venom Attack Identification Mechanism in Cloud Computing Environment
校院名稱 淡江大學
系所名稱(中) 資訊工程學系全英語碩士班
系所名稱(英) Master’s Program, Department of Computer Science and Information Engineering (English-taught program
學年度 105
學期 2
出版年 106
研究生中文姓名 魏希哲
研究生英文姓名 OUEDRAOGO Cheick Abdoul Kader
學號 604785013
學位類別 碩士
語文別 英文
口試日期 2017-06-23
論文頁數 25頁
口試委員 指導教授-張世豪
委員-夏至賢
委員-陳以鋒
中文關鍵字 虛擬雲端計算  全性  惡意攻擊  虛擬機器監視器  毒液 
英文關鍵字 Venom  LibVirt  KVM  QEMU  FDC 
學科別分類 學科別應用科學資訊工程
中文摘要 本論文是在研究虛擬雲端計算的安全性。主要探討兩個階段:首先,辨認出雲端上的惡意攻擊(Venom Vulnerability),同時也保護虛擬機器監視器(hypervisor)不遭受相同的攻擊。
第一步,我在QUEMU/KVM的環境中執行Venom的漏洞,以偵測他在雲端上的運作方式。第二步,保護虛擬網路中漏洞最多的虛擬機器監視器(hypervisor)。因此得知,這樣的操作機制提供了辨識Venom攻擊以及試著封鎖負責傳輸I/O命令的軟碟控制器(FDC 0x3f5)。
英文摘要 This thesis investigates the security of virtualization in the cloud computing. The main idea of this papers is focuses on two steps: First we, identify the malicious attack (Venom Vulnerability) in the cloud, and also protect the hypervisor of this kind of attack. Firstly, I have implemented Venom vulnerability in the environment of QUEMU/KVM to identify its behavior (action) in the cloud. Secondly, I protected the hypervisor which is the most vulnerability part for Virtual Network. Thus, the proposed mechanism provides identification venom Attack and tried to locked the FDC port (0x3f5) which is responsible to send I/O command to the hypervisor.
論文目次 Contents
List of Figures IV
List of Tables V
CHAPTER 1. INTRODUCTION - 1 -
1.1 GENERAL OVERVIEW OF CLOUD COMPUTING - 1 -
1.2. VENOM VULNERABILITY - 5 -
CHAPTER 2. RELATED WORK - 8 -
CHAPTER 3. VENOM ATTACK BEHAVIOR - 9 -
3.1. APPROACH - 9 -
3.2. OVERVIEW OF VENOM VULNERABILITY - 11 -
3.3. IDENTIFICATION OF VENOM VULNERABILITY - 12 -
CHAPTER 4. THE PROPOSED METHODOLOGY - 21 -
CHAPTER 5. COMPARISON AND EVALUATION - 23 -
CHAPTER 6. CONCLUSION - 24 -
References - 25 -

List of Figures
Figure 1. Example of Cloud-Computing - 1 -
Figure 2. Components of virtualization. - 5 -
Figure 3. Vulnerable Cloud Infrastructure - 10 -
Figure 4. Attacking Hypervisor Emulation of Hardware Devices (Hardware Emulation Attack Vectors). - 10 -
Figure 5. Venom Vulnerability Source Code - 12 -
Figure 6. Statistic of KVM hypervisor - 13 -
Figure 7. Statics of VMs in KVM - 14 -
Figure 8. General Information of VMs - 14 -
Figure 9. Static of CPU and Memory of VMs - 15 -
Figure 10. Virtual memory size of Host machine - 15 -
Figure 11. I/O static of Hypervisor - 16 -
Figure 12. Venom Vulnerability in the Hypervisor - 16 -
Figure 13. Result of Venom Vulnerability in the Hypervisor (1) - 17 -
Figure 14. Statistic of hypervisor with Venom Vulnerability - 18 -
Figure 15. (a) Virtual memory size of Host machine with Venom Vulnerability. 15 (b) I/O static of Hypervisor with Venom Vulnerability. - 19 -
Figure 16. code of FDC - 21 -
Figure 17. Result of Venom Vulnerability in the Hypervisor (2) - 23 -
Figure 18. Static of Hypervisor when the FDC is locked - 23 -

List of Tables
Table 1. Notable Cloud Service Example - 3 -

參考文獻 [1] Cloud-Computing: www.cloudcomputing.com.
[2] An identification and prevention of theft-of-service attack on cloud computing, 2016 International Conference on Selected Topics in Mobile & Wireless Networking (MoWNeT), IEEE 11-13 April 2016.
[3] Main-Page---KVM(http://www.linuxkvm.org/page/Main_Page).
[4] Libvirt: The Virtualization API.
[5] About---QEMU (http://wiki.quemu.org/Main_page).
[6] Hypervisor and virtual machine dependent Intrusion Detection and Prevention System for virtualized cloud environment, International Conference on Telematics and Future Generation Networks (TAFGEN), IEEE 26-28 May 2015.
[7] D. Tsafrir, Y. Etsion, and D. G. Feitelson, “Secretly Monopolizing the CPU Without Superuser Privileges,” in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA, USA, 2007, pp. 17:1–17:18.
[8] KLrtD: Kernel Level Rootkit Detection (ICEE 2014), May 20-22, 2014, Shahid Beheshti University.
[9] Providing Memory Protection in an Untrusted Commodity Hypervisor (IEEE) 2012), 24-26 Sept.
論文使用權限
  • 同意紙本無償授權給館內讀者為學術之目的重製使用,於2017-09-22公開。
  • 同意授權瀏覽/列印電子全文服務,於2017-09-22起公開。


  • 若您有任何疑問,請與我們聯絡!
    圖書館: 請來電 (02)2621-5656 轉 2486 或 來信