CN-121530767-B - Multi-tenant self-adaptive cooperative defense method and system under hybrid cloud scene
Abstract
The method acquires a hardware-based remote attestation, uses it to verify the trustworthiness and code integrity of each tenant agent, grants a mark, and probes cloud information to generate a machine-readable image containing key parameters. It collects each tenant's local multi-modal log data and encodes it into embedding vectors; after privacy processing, a local model computes an anomaly confidence, and rate limiting or blocking is triggered when the confidence exceeds a threshold. It constructs a hierarchical federated architecture comprising tenant local nodes, regional clouds and a global control plane and, on the premise that log data does not leave its domain, aggregates encrypted parameters to generate a global model for cross-tenant attack identification, which is issued to each tenant. The invention verifies the integrity of the tenant-side security agent through the trusted access mechanism, constructs the tenant portrait based on the bearable mark, achieves real and verifiable cooperative defense among multiple tenants, and ensures that the cooperative process is dependable.
Inventors
- SUN GUANGHUI
Assignees
- 北京国信蓝盾科技有限公司
Dates
- Publication Date
- 20260512
- Application Date
- 20260116
Claims (10)
- 1. A multi-tenant self-adaptive cooperative defense method in a hybrid cloud scenario, characterized by comprising the following steps: acquiring a hardware remote attestation, verifying the trustworthiness and code integrity of the tenant agent based on the remote attestation, granting a mark, and probing cloud information to generate a machine-readable image containing key parameters; collecting tenant-local multi-modal log data and encoding it into embedding vectors, computing an anomaly confidence with a locally deployed micro model after privacy processing, and triggering local rate limiting or blocking when the confidence exceeds a threshold; constructing a hierarchical federated architecture comprising tenant local nodes, regional clouds and a global control plane, aggregating layer by layer, with a secure encrypted aggregation protocol and on the premise that log data does not leave its domain, the encrypted gradients or model parameters uploaded by each tenant, generating a global model capable of recognizing cross-tenant attack patterns, and issuing the updated global model to each tenant; constructing, based on the multi-tenant behavior embedding vectors and the temporal relations of events, a causal attack graph containing entity and event nodes, and outputting propagation risk probabilities, root causes and hub nodes through causal inference and graph transformer inference; fusing the local anomaly, the global model, the propagation risk and the threat intelligence matching degree into a unified score, the system providing tiered action suggestions according to the score, wherein automatic isolation is suggested when the score is higher than zero, manual auditing is suggested when the score is between zero and nine, and maintaining the monitoring state is suggested when the score is lower than zero; and executing the defense actions in the execution plan in a transactional mode, and configuring a corresponding compensating rollback operation for each reversible action so as to support recovery of the system state in the event of misjudgment or abnormality.
- 2. The defense method according to claim 1, wherein acquiring the hardware remote attestation, verifying the trustworthiness and code integrity of the tenant agent based on the remote attestation, granting a mark, and probing cloud information to generate a machine-readable image containing key parameters specifically comprises: performing hardware-based remote attestation for the agent program or connector on each tenant side, and granting a corresponding trusted execution node mark after the trustworthiness and code integrity of the running environment have been verified; the remote attestation includes: the agent program generates, inside the trusted hardware, an attestation token containing an environment measurement hash value, a binary hash value and a random number, and digitally signs the attestation token with a private key built into the hardware; after receiving the attestation token, the verification service of the control plane verifies the digital signature and checks whether the environment measurement hash value is in a whitelist, and marks the node as a trusted execution node once verification passes.
- 3. The defense method according to claim 1, wherein collecting tenant-local multi-modal log data and encoding it into embedding vectors, and, after privacy processing, computing an anomaly confidence with the local model and triggering rate limiting or blocking specifically comprises: collecting the tenant's multi-modal log data locally, encoding the log data into behavior embedding vectors with a self-supervised learning model, and applying differential privacy noise or secure quantization compression to the behavior embedding vectors inside a trusted execution environment; the behavior embedding vector generation process comprises the following steps: time-series log data is encoded with a time-series transformer model; call chain and process tree structure data is encoded with a graph-to-vector algorithm; the self-supervised learning model generates representation vectors with generalization capability through contrastive learning.
- 4. The defense method according to claim 1, wherein constructing the hierarchical federated architecture comprising tenant local nodes, regional clouds and a global control plane, and generating the cross-tenant attack recognition global model and issuing it to each tenant on the premise that log data does not leave its domain specifically includes: on the premise that the original log data does not leave its domain, using a secure encrypted aggregation protocol to aggregate, layer by layer, the encrypted gradients or model parameters uploaded by each tenant, generating a global model capable of recognizing cross-tenant attack patterns, and issuing the updated global model to each tenant; the hierarchical federated learning architecture further includes a split learning mechanism: for data containing sensitive features, the model is split into a front-end network and a back-end network, the tenant side only trains the front-end network of the model and uploads its intermediate-layer activation values, and the intermediate-layer activation values cannot be mathematically inverted to recover the original input data; the control plane is responsible for training the back-end network of the model.
- 5. The defense method according to claim 4, wherein the secure encrypted aggregation protocol specifically includes: the tenant nodes encrypt their gradients and upload them to the regional aggregator, and the regional aggregator computes a regional model and uploads it to the global aggregator for aggregation; the aggregation process of the global aggregator uses a secure multi-party computation protocol, so that no single aggregator can recover the plaintext gradient values of an individual tenant; and all weight update operations are recorded in a hash-chained log for auditing.
- 6. The defense method according to claim 2, wherein constructing the causal attack graph containing entity and event nodes based on the multi-tenant behavior embeddings and the temporal relations of events, and outputting propagation risk probabilities, root causes and hub nodes through causal inference and graph transformer inference specifically comprises: building the causal attack graph and performing graph transformer inference on it: based on the multi-tenant behavior embedding vectors and the temporal relations of events, a causal attack graph comprising entity nodes and event nodes is built, causal edges between events are identified with a causal inference method, the attack graph is reasoned over with a graph transformer model, and the propagation risk probability of each node and the root cause nodes and hub nodes of the attack chain are output; the method for identifying causal edges between events specifically comprises the following steps: jointly using the Granger causality test, temporal point processes and structural causal models to judge, based on the temporal order, behavior similarity and context of the events, whether a first event is a potential cause of a second event, and establishing a directed causal edge in the causal attack graph; the method for dynamically adjusting the alarm threshold by combining the service criticality and the attack situation of the tenant specifically comprises the following steps: generating a unified threat score by weighted calculation that fuses the local anomaly detection score, the global model score, the propagation risk value derived from the causal graph, and the threat intelligence matching degree; and dynamically adjusting the alarm threshold used to judge the threat level according to the service criticality in the tenant portrait and the current overall attack situation.
- 7. The defense method according to claim 1, wherein synthesizing a cross-cloud execution plan from the high-level defense intention, formally verifying that the service level agreement of the tenant is not violated, executing the defense actions in a transactional mode, and pairing reversible actions with rollback to restore the system specifically comprises: executing the defense actions in the execution plan in a transactional mode, and configuring a corresponding compensating rollback operation for each reversible action to support recovery of the system state in the event of misjudgment or abnormality; the method for verifying, with a formal verification method before execution, whether the execution plan violates the service level agreement of the tenant specifically comprises the following steps: verifying, with a satisfiability modulo theories (SMT) solver or a bounded model checking technique, whether the system state after the execution plan has been carried out meets the minimum service replica count limit, the service reachability requirement and the service continuity threshold set in the tenant portrait; executing the defense actions in the execution plan in the transactional mode and configuring a corresponding compensating rollback operation for each reversible action specifically comprises: the transactional execution uses a compensating transaction mechanism; the execution plan is broken down into a series of ordered sub-operations including blocking traffic, restricting access, generating snapshots, and isolating containers; if any sub-operation fails to execute or a rollback instruction is received, the system automatically triggers the corresponding compensating operation and rolls the environment back to the state before the sub-operation was executed.
- 8. A multi-tenant self-adaptive cooperative defense system in a hybrid cloud scenario, applied to the multi-tenant self-adaptive cooperative defense method in the hybrid cloud scenario as claimed in any one of claims 1 to 7, characterized by comprising: a trusted portrait module configured to perform hardware-based remote attestation for the agent program or connector on each tenant side, and to grant a corresponding trusted execution node mark after the trustworthiness and code integrity of the running environment have been verified; a local anomaly detection module configured to collect the tenant's multi-modal log data locally, encode the log data into behavior embedding vectors with a self-supervised learning model, and apply differential privacy noise or secure quantization compression to the behavior embedding vectors inside a trusted execution environment; a federated aggregation module configured to build a hierarchical federated learning architecture comprising tenant local nodes, a regional cloud aggregator and a global control plane aggregator; a graph reasoning module configured to construct a causal attack graph and perform graph transformer inference, identifying causal edges between events with a causal inference method, reasoning over the attack graph with a graph transformer model, and outputting the propagation risk probability of each node and the root cause nodes and hub nodes of the attack chain; a scoring threshold adjustment module configured to generate a unified threat score by weighted calculation that fuses the local anomaly detection score, the global model score, the propagation risk value derived from the causal graph, and the threat intelligence matching degree; and an execution checking rollback module configured to automatically synthesize a high-level defense intention into a specific cross-cloud execution plan, check with a formal verification method before execution whether the execution plan violates the service level agreement of the tenant, execute the defense actions in the execution plan in a transactional mode, and configure a corresponding compensating rollback operation for each reversible action so as to support recovery of the system state in the event of misjudgment or abnormality.
- 9. An electronic device, comprising a processor, a memory and a communication interface, wherein the memory stores a computer program, and the processor implements the multi-tenant adaptive cooperative defense method in the hybrid cloud scenario as claimed in any one of claims 1 to 7 when executing the computer program.
- 10. A computer-readable storage medium storing a computer program which, when executed by a processor, implements the multi-tenant adaptive cooperative defense method in a hybrid cloud scenario according to any one of claims 1 to 7.
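Added example, not part of the patent text: Python code for the property stated in claim 5, that an aggregator learns only the sum of the tenants' gradients and that every weight update is recorded in a hash-chained audit log. The claim names no concrete protocol; pairwise additive masking, the fixed-point scale, the tenant ids and the seed derivation are assumptions made for illustration (a real deployment would derive pairwise seeds by key agreement).

```python
import hashlib
import json

MOD = 2**32      # masked values live in Z_2^32 (assumption)
SCALE = 10**4    # fixed-point scale for float gradients (assumption)
GENESIS = "0" * 64

def prg(seed: bytes, n: int) -> list:
    """Expand a pairwise shared seed into n 32-bit mask words."""
    return [int.from_bytes(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()[:4], "big")
            for i in range(n)]

def mask_gradient(tid: str, grad: list, peer_seeds: dict) -> list:
    """Tenant side: quantize, add the mask for higher peer ids, subtract it for lower ones."""
    out = [round(g * SCALE) % MOD for g in grad]
    for peer, seed in peer_seeds.items():
        sign = 1 if tid < peer else -1
        out = [(v + sign * m) % MOD for v, m in zip(out, prg(seed, len(grad)))]
    return out

def aggregate(masked: list) -> list:
    """Aggregator side: pairwise masks cancel in the sum, leaving only the total."""
    total = [sum(col) % MOD for col in zip(*masked)]
    return [((t + MOD // 2) % MOD - MOD // 2) / SCALE for t in total]  # back to signed floats

def entry_hash(prev: str, record: dict) -> str:
    return hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()

def append_audit(log: list, record: dict) -> None:
    """Chain each weight-update record to the hash of the previous entry."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"prev": prev, "record": record, "hash": entry_hash(prev, record)})

def verify_audit(log: list) -> bool:
    prev = GENESIS
    for e in log:
        if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            return False
        prev = e["hash"]
    return True

# Constructed sample: three tenants, two-parameter gradients, seeds derived from the ids.
GRADS = {"t1": [0.10, -0.20], "t2": [0.30, 0.05], "t3": [-0.15, 0.25]}

def pair_seed(a: str, b: str) -> bytes:
    return hashlib.sha256("|".join(sorted((a, b))).encode()).digest()

def run_round(round_no: int, log: list):
    masked = {t: mask_gradient(t, g, {p: pair_seed(t, p) for p in GRADS if p != t})
              for t, g in GRADS.items()}
    total = aggregate(list(masked.values()))
    append_audit(log, {"round": round_no, "tenants": sorted(masked), "sum": total})
    return masked, total

if __name__ == "__main__":
    audit = []
    masked, total = run_round(1, audit)
    print(masked["t1"], total, verify_audit(audit))
```

Editing any earlier record changes its hash and breaks every later `prev` link, which is what makes the log useful to an auditor.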
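Added example, not part of the patent text: the compensating-transaction execution described in claim 7, in Python, with ordered sub-operations, reverse-order compensation on failure, and a pre-execution check of the minimum replica count. The state dictionary, step names, IP address and container ids are constructed, and a plain counting predicate stands in for the SMT or bounded-model-checking step.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass
class Step:
    name: str
    apply: Callable[[dict], None]
    compensate: Callable[[dict], None]   # inverse of apply
    removes_replica: bool = False        # consumed by the pre-execution SLA check

def set_step(verb, key, value):
    """Reversible add-to-set action (used for blocking traffic and restricting access)."""
    return Step(f"{verb} {value}", lambda s: s[key].add(value), lambda s: s[key].discard(value))

def snapshot(cid):
    return Step(f"snapshot {cid}", lambda s: s["snapshots"].append(cid),
                lambda s: s["snapshots"].remove(cid))

def isolate(cid):
    def apply(s):
        if cid in s["unreachable"]:          # simulated runtime failure, raised before any change
            raise RuntimeError(f"isolate {cid}: runtime API timeout")
        s["replicas"].remove(cid)
        s["isolated"].add(cid)
    def undo(s):
        s["isolated"].discard(cid)
        s["replicas"].add(cid)
    return Step(f"isolate {cid}", apply, undo, removes_replica=True)

def sla_ok(state, plan, min_replicas):
    """Stand-in for the formal check: replicas left after the plan must meet the minimum."""
    return len(state["replicas"]) - sum(st.removes_replica for st in plan) >= min_replicas

def execute(state, plan, min_replicas):
    """Run the plan as a compensating transaction; returns (status, journal)."""
    if not sla_ok(state, plan, min_replicas):
        return "rejected", []                # nothing is touched when the SLA would break
    done, journal = [], []
    for st in plan:
        try:
            st.apply(state)
        except Exception:
            journal.append(("failed", st.name))
            for prev in reversed(done):      # undo completed steps, newest first
                prev.compensate(state)
                journal.append(("compensate", prev.name))
            return "rolled_back", journal
        done.append(st)
        journal.append(("apply", st.name))
    return "committed", journal

def fresh_state():
    """Constructed sample environment: three web replicas, one with an unreachable runtime."""
    return {"blocked": set(), "restricted": set(), "snapshots": [], "isolated": set(),
            "replicas": {"web-1", "web-2", "web-3"}, "unreachable": {"web-2"}}

def plan_for(cid):
    return [set_step("block", "blocked", "203.0.113.7"),
            set_step("restrict", "restricted", "svc-deploy"), snapshot(cid), isolate(cid)]
```

The journal returned by `execute` records every applied, failed and compensated step in order, so a misjudged action can be reviewed after the rollback.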
Description
Multi-tenant self-adaptive cooperative defense method and system under hybrid cloud scene
Technical Field
The invention relates to the technical field of network security and cloud computing, and in particular to a multi-tenant self-adaptive cooperative defense method and system in a hybrid cloud scenario.
Background
With the rapid development of cloud computing technology, enterprise IT architectures are gradually evolving from single data centers to hybrid cloud architectures of "public cloud, private cloud, and edge cloud". This architecture takes full advantage of the elastic computing capability of the public cloud, the data security of the private cloud and the low latency of the edge cloud. In a hybrid cloud environment the multi-tenant mode is mainstream, that is, multiple tenants share the underlying physical hosts, virtual networks, storage resources, and container runtime. Although hybrid clouds improve resource utilization and business flexibility, their complex heterogeneous environments and dynamically changing resource attributes also pose a significant challenge to network security defense.
Existing traditional security defense systems generally rely on single-point defense tools such as firewalls, web application firewalls, and endpoint detection and response, which show significant limitations when dealing with advanced persistent threats and complex attack chains in a hybrid cloud environment. Specifically, the prior art has the following technical problems in hybrid cloud and multi-tenant security defense:
First, in a hybrid cloud scenario, enterprises often use services from different vendors such as AWS, Alibaba Cloud, and Huawei Cloud, and there are significant differences among the security capabilities, log formats, API standards, and policy management mechanisms of each cloud vendor. This heterogeneity makes security policies difficult to manage uniformly, leaves attack event formats inconsistent, and makes it hard for defense systems to cooperate across clouds. For example, attack features detected on the public cloud side cannot be synchronized to the private cloud side in real time, so the same attacker can move between cloud domains by exploiting the information gap.
Second, in a multi-tenant environment, a tenant is vulnerable to attack by other tenants in the same physical environment because CPU, bandwidth, storage, and the container runtime are shared. Existing security isolation mechanisms have difficulty preventing container escape, physical host intrusion, and side-channel-based data leakage attacks. In addition, the prior art has difficulty monitoring tenant-level resource isolation in real time, and cannot effectively prevent the neighbor interference caused when a tenant is attacked.
Third, an attacker typically adopts a "detour" tactic, e.g., first compromising an edge node, then moving laterally through a tunnel into the private cloud, and finally accessing public cloud core resources using tenant rights. Existing defense systems often lack cross-cloud log aggregation and cross-tenant behavior modeling capabilities and cannot construct a unified attack path view, so a defender sees only scattered alarms and cannot identify a complete cross-domain attack chain.
Fourth, hybrid cloud resources are highly dynamic: Pod scale-out and scale-in, elastic scaling of virtual machines, and dynamic allocation of IP addresses are the norm. Traditional firewall rules and IDS policies based on static IPs or fixed assets cannot accommodate such changes; newly scaled-out instances may not have security policies bound in time, and policies left over after scale-in may lead to security vulnerabilities. The prior art lacks an adaptive security policy update mechanism that adjusts automatically and in real time as resources change.
Fifth, cloud environment logs are huge in volume and come from disordered sources, and business behavior differs markedly between tenants. Traditional IDS/IPS has difficulty monitoring east-west traffic in the cloud effectively, and general detection rules cannot adapt to the service characteristics of specific tenants, so the false alarm rate is high. Meanwhile, because resources change dynamically, an AI model trained on fixed samples is difficult to keep learning and updating effectively on each tenant side.
Sixth, most current cloud security defenses operate in isolation and lack cross-tenant threat intelligence sharing and coordinated blocking capability. When a cloud node or tenant is compromised, attack features cannot be automatically shared with other tenants, so the defense system cannot act in concert. However, when implementing collaborative defense, there is a great challenge of compliance and privacy, namely, data be