KEYWORDS: Computer security, Data transmission, Network security, Elasticity, Windows, Data acquisition, Security technologies, Environmental monitoring, Data storage, Operating systems
As offensive and defensive confrontation in cyberspace intensifies, security threats have spread to the monitoring and collection of data from network terminal equipment, and the damage to and tampering with collected data in offensive and defensive environments has become a prominent problem. To this end, this paper proposes an SGX-based, highly trusted collection method for network countermeasure host logs. It adopts SGX hardware-level protection technology as the means of security reinforcement and studies log collection, transmission, and storage methods. The SGX-based collection system is designed with full consideration of collection strategies for host logs on multiple operating system platforms. The design covers not only the physical host collection scenario but also, given the continuing development of cloud computing, host log collection for virtual machines on cloud platforms, which greatly broadens the method's application scenarios and satisfies most real-world network scenarios.
In a network security test environment, the destructive nature of network adversarial behavior, its uncontrollable boundaries, and other characteristics can easily lead to security risks in the event capture process. A real-time and secure event capture method for network security tests is an effective guarantee of the authority of the exercise results and a pressing challenge for the key applications of network security tests. To this end, the article investigates event capture technology for network security tests in a trusted execution environment and designs a secure and efficient event capture method based on SGX technology, the Elastic Stack technology stack, and virtualization technology tools to ensure the authenticity and confidentiality of the original data in the network security test environment. The method enables secure and efficient capture of virtual host behavior logs in the test environment.