摘要 |
Disclosed is an apparatus for processing cloud application attack behaviours in a cloud computing system, comprising: a security analyser, a security processor and a policy manager, wherein the policy manager is used for storing a security judgement rule and a malicious application processing rule; the security analyser is used for receiving application behaviour data sent by a security detector, determining whether cloud applications running on a cloud host have attack behaviours according to the application behaviour data and the security judgement rule, and sending the application behaviour data to the security processor when it is determined that the cloud applications running on the cloud host have attack behaviours; and the security processor is used for invoking an interface provided by a cloud controller in the cloud computing system to process the cloud applications having the attack behaviours according to the malicious application processing rule. The solution in the present invention performs security protection based on a cloud computing application level, can prevent mutual attacks between different applications inside the same host, and also reduces the influence on normal applications. |