中文摘要：

云计算从提出以来就具备着动态性、虚拟化和开放性，频频出现的各种大型的云安全事故使得云环境中的安全性受到质疑。为了能够确保云环境的安全，将入侵防御技术与可信计算的信任理论相结合，提出了一个云环境下基于可信计算的入侵防御框架模型。该模型从入侵防御的原理出发，首先实时监控采集、获取行为特征，然后将这些特征进行规范化，并逐步确定各个特征的权重后得出用户节点的可信度。利用多种云端的集群服务器引擎进行检测防御以及综合分析决策和聚类分析，使云端能够及时快速、高效地抵御恶意行为的攻击，改变传统入侵防御各自为营，检测防御滞后的状况，为云用户提供最大安全限度的入侵防御服务，同时也能够确保云端抵御攻击，做到云端和云用户双向安全的效果。

英文摘要：

Cloud computing has the nature of being dynamic , virtual and open since it was used , and all kinds of large-scale cloud security incidents make the safety of cloud environments frequently questioned . To ensure the security of cloud environments , it proposed an intrusion prevention framework model , based on trusted computing in cloud environments , by combining intrusion prevention technologies and trusted computing ideas .The model began with the principle of intrusion prevention with access to behav-ioral characteristics .Then , these features were gradually normalized , and the weight of each feature was determined to obtain user nodes＇credibility.Next, it used a variety of cloud cluster server engines to de-tect defense and make integrated decision analysis and cluster analysis , enabling the cloud to make timely fast intrusion prevention , which avoids the drawbacks of the traditional intrusion prevention , such as min-ding only their own business , lagging behind in detecting and preventing attacks .The model provides cloud users with the maximum intrusion prevention services , and ensures that the cloud can withstand at-tacks, making the cloud and cloud users secure .