September 16, 2011, hosted by IT Business News Network, "It Times" co-organised by the theme of "Cloud Power" 2011 Summit Forum in Beijing Xiyuan Hotel grandly convened, the Forum aims to the industry for the first time to display the latest cloud ideas, cloud technology and cloud results, jointly explore "cloud technology and development, cloud standards and building, Cloud security and privacy, cloud case and application "and other industrial hotspots, difficulties, doubtful topics, this is the IT industry a high-level business summit, its size and scale to create the highest."
Participants in this forum include IT, telecommunications, finance, automotive, Manufacturing CIO, CTO, CEO, Enterprise user representatives, IT professionals, excellent cloud service providers, experts, etc., on the cloud computing to carry out multi-directional, multi-angle research, including SaaS (software as a service), PaaS (platform as a service), IaaS (infrastructure, services) and other fields, together to promote cloud computing technology at home and abroad, as well as business model innovation.
Shi Xiaohong, vice president of Qihoo 360, was a guest speaker for this forum. He believes that cloud security is of great significance for the safe and stable operation of the basic information network and important information systems: first, containment of security incidents in the bud, most of the security incidents are from the end of malicious software attacks. Cloud security technology can overcome the shortcomings of traditional virus killing technology, zero to achieve the malicious software to determine, kill more, so that the security incident nipped in the bud.
The following is the full text of Shi Xiaohong speech:
I am pleased to have this opportunity to share with colleagues in the industry how we use the cloud computing model to realize and implement the small experience of providing network security services. When it comes to cloud security, there are usually two layers of meaning, one of which is the security of the cloud computing platform itself. This includes things like virtualization, the security of the operating environment, the security of the digital environment, and so on, and the other level, in fact, is how to use or cloud based patterns to solve problems, to provide network security services, and some call it SAS services.
With the development of various applications in the game network, there is a huge economic incentive, resulting in a large gray industry chain, and now the internet age of software, including Trojan virus and 10 years ago, the situation is very different, such as through a variety of web pages, through a variety of user downloads and other means, Finally, a result is achieved, and this is what we can see, the different numbers intercepted in the past 360 years.
This poses a serious challenge to the traditional method of scanning engine based on the virus library, which is mainly reflected in several aspects, a traditional anti-virus software technology relies on the terminal Local has a lot of ice, but because of the explosive growth of malicious number of new Trojan features constantly need to update and upgrade to the user's local virus library inside, Can lead to the use of intermediate resources, resulting in users and their very card, and this model is difficult to be transplanted to mobile phones and other devices.
This is the first question, the second is more serious, now, according to the number of samples we intercepted, the number of malicious program files we can find every day is about 3 million to 5 million, an average of hundreds of thousands of per hour, in such a large number, probably the best anti-virus software, its virus library update speed, Also can't keep up, so the traditional anti-virus software model, is far behind the virus Trojan speed, and eventually led to the traditional anti-virus software technology, it can not prevent the latest emergence of the virus Wrangler, and even lead to user resources in the heavy occupancy, reduce performance.
Developed a kind of thinking, this is probably in 2007 time proposed a cloud to do network security, its basic theory or its basic idea to cancel the user terminal local huge virus library, to solve the problem of intermediate resource consumption, Then the huge virus library or the malware blacklist and the white list of the normal software, dedicated to the server side, we have enough technology to establish a sufficient file security support library. The security of a local file or message is identified by the communication of the network. This identification is in the cloud, implemented by the server's engine.
And the middle based on the results of the server query to the local file for the corresponding disposal, in addition to solving the problem of our intermediate resource footprint, if you have strong cloud computing power in the cloud, you have a large enough middle cover to cover enough users, new Trojans, After you automate it and update it into the cloud, you can reverse all networking and protect it, so its ability to respond to new security threats can be almost as close to the second level.
High-performance Cloud query response capability includes server-side technology based on powerful search engine, high performance query under hundreds of billions of sizes and high-reliability and high stability. Cloud security needs of the core technologies include: large-scale distributed parallel computing technology, massive data storage technologies, mass data automatic analysis and mining technology, unknown malware automatic analysis and identification technology, unknown malicious software behavior Monitoring and auditing technology, mass malicious Web page detection, mass white list collection and Automatic Update, High performance concurrent query engine.
Cloud security is significant for the safe and stable operation of the protection of basic information networks and important information systems: containment of security incidents in the bud, most of the security incidents from terminal malware attacks. Cloud security technology can overcome the shortcomings of traditional virus killing technology, zero to achieve the malicious software to determine, kill more, so that the security incident nipped in the bud. Emergency warning and vulnerability control, cloud security system can monitor the entire Chinese Internet malware and malicious Web pages, can be found in the first time a new vulnerability to exploit 0day vulnerabilities and directional attacks, for the national important information system to provide security incidents of emergency warning and vulnerability control services; lay the foundation of national trusted software management, The mass white list technology will lay the foundation for realizing the state controllable trusted software configuration management.