A Survey on Multi-Variant Execution Security Defense Technology
YAO Dong,ZHANG Zheng,ZHANG Gaofei,LIU Hao,PAN Chuanxing,WU Jiangxing
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China;National Digital Switching System Engineering&Technological R&D Center, Zhengzhou 450002, China
The rapid development of software and information systems has brought many conveniences to people's lives, and at the same time, more security risks have come to us. Lawless elements can easily exploit ubiquitous networks and increasingly automated, low-threshold attack techniques to gain illicit benefits. Faced with this situation, the traditional passive security defense has become incapable, and the higher defense demand has promoted the continuous research of new active defense technologies in the security field. Among them, the moving target defense technology based on attack surface randomization perturbation and the multi-variant execution architecture technology based on heterogeneous redundancy idea have received extensive attention, and it is considered to be a security technology that may change the rules of cyberspace games, and is expected to change the offensive and defensive positions. This paper summarizes the research work of multi-variant execution architecture technology in security defense in recent years, and combs the key technology and evaluation system in this direction. On this basis, the effectiveness of multi-variant execution architecture in security defense is analyzed. Finally, we pointed out the current challenges and future research directions of multi-variant implementation architecture technology.
Key words:  multi-variant execution  security defense