一种基于冗余跳变的虚拟机动态迁移方法

在5G核心网虚拟化环境中,虚拟机共用同一物理服务器会带来一系列的安全问题,如发生侧信道攻击、虚拟节点溢出攻击等,造成用户隐私信息泄露。现有基于虚拟机动态迁移的防御方法是一种有效的主动防御技术,但虚拟机频繁迁移导致了迁移资源开销大和迁移安全性低的问题。为此,提出一种基于冗余跳变的虚拟机迁移方法,对不同虚拟机的迁移频率建立评估计算模型,在保证虚拟机隐私信息安全的前提下减小虚拟机迁移频率,对部分虚拟机采用冗余跳变的方法,以应对虚拟机频繁迁移带来的安全风险。实验结果表明,与现有虚拟机动态迁移方法相比,该方法在取得相同安全防护效果的同时,能够缩短平均迁移收敛时间并降低迁移开销。

A Virtual Machine Dynamic Migration Method Based on Redundant Transition

In 5G core network virtualization environment,the virtual machines sharing the same physical server brings a series of problems,such as Side-Channel Attack(SCA),Virtual Node Escape Attack(VNEA)and so on,causing user private information disclosure.The existing defense method based on dynamic migration of virtual machines is an effective active defense technology,but the frequent migration of virtual machines leads to some problems,such as high resource cost and low migration security.Therefore,this paper proposes a virtual machine migration method based on redundant transition.With this method,an evaluation and calculation model is established for the migration frequency of different virtual machines.On the premise of ensuring the privacy information security of virtual machines,the migration frequency is reduced.The redundant transition method is applied to part of virtual machines to cope with the security risks brought by the frequent migration of virtual machines.Experimental results show that compared with the existing virtual machine dynamic migration method,the proposed method can reduce average migration convergence time and migration cost while maintaining the same security protection effect.