摘要: |
软件和信息系统的高速发展在给人们生活带来诸多便利的同时,也让更多的安全风险来到了我们身边,不法分子可以很方便的利用无处不在的网络和越来越自动化、低门槛的攻击技术去获得非法利益。面对这种现状,传统被动式的安全防御已显得力不从心,更高的防御需求,促进了安全领域不断研究新的主动防御技术。这其中,基于攻击面随机化扰动的移动目标防御技术和基于异构冗余思想的多变体执行架构技术受到了广泛的关注,被认为是有可能改变网络空间游戏规则的安全技术,有望改变攻防双方不平衡的地位。本文对近年来多变体执行架构技术在安全防御方面的研究工作进行归纳总结,梳理了该方向的关键技术及评价体系。在此基础上,分析了多变体执行架构在安全防御方面的有效性,最后指出多变体执行架构技术当前面临的挑战与未来的研究方向。 |
关键词: 多变体执行 安全防御 |
DOI:10.19363/J.cnki.cn10-1380/tn.2020.09.06 |
投稿时间:2019-09-12修订日期:2020-02-01 |
基金项目:本课题得到国家重点研发计划网络空间安全专项(No.2018YFB0804003,No.2017YFB0803204)资助。 |
|
A Survey on Multi-Variant Execution Security Defense Technology |
YAO Dong,ZHANG Zheng,ZHANG Gaofei,LIU Hao,PAN Chuanxing,WU Jiangxing |
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China;National Digital Switching System Engineering&Technological R&D Center, Zhengzhou 450002, China |
Abstract: |
The rapid development of software and information systems has brought many conveniences to people's lives, and at the same time, more security risks have come to us. Lawless elements can easily exploit ubiquitous networks and increasingly automated, low-threshold attack techniques to gain illicit benefits. Faced with this situation, the traditional passive security defense has become incapable, and the higher defense demand has promoted the continuous research of new active defense technologies in the security field. Among them, the moving target defense technology based on attack surface randomization perturbation and the multi-variant execution architecture technology based on heterogeneous redundancy idea have received extensive attention, and it is considered to be a security technology that may change the rules of cyberspace games, and is expected to change the offensive and defensive positions. This paper summarizes the research work of multi-variant execution architecture technology in security defense in recent years, and combs the key technology and evaluation system in this direction. On this basis, the effectiveness of multi-variant execution architecture in security defense is analyzed. Finally, we pointed out the current challenges and future research directions of multi-variant implementation architecture technology. |
Key words: multi-variant execution security defense |