클라우드 컴퓨팅 환경에서 NoSQL기반 대용량 보안로그 통합

Abstract

As cloud computing technologies are rapidly advancing, cloud environment is significantly expanding. Although cloud environment provides users with convenience, prevention and detection of possible security invasion accidents is still unsolved problems. The most intrinsic method to prevent security invasion accident is to collect security logs for each system and then analyze them.

This paper proposes NoSQL-based large capacity security log integration method for cloud security platform. Since cloud computing provides various services to users, a new security log that is different from existing one is likely to occur. Therefore, this paper proposes large scaled security log management to collect, store and integrate logs considering characteristics between heterogeneous machine.

Amount of large scaled security logs which should be collected and stored under cloud computing environment is rapidly increasing. However, conventional collection method based on RDBMS storage can't afford the amount of security logs. In order to solve this problem, this paper proposes NoSQL-based method to collect and integrate security logs. NoSQL is more effective and rapid data storage than conventional RDBMS. As a result, this paper confirmed service availability of NoSQL and then integrated more than 87% of all logs in a way that sets key for common area in security log field and integrate them and it also proved that speed is improved when number of processing nodes is increasing.