引用本文
  • 郭威,邬江兴,张帆,沈剑良.基于自动机理论的网络攻防模型与安全性能分析[J].信息安全学报,2016,1(4):29-39    [点击复制]
  • GUO Wei,WU Jiangxing,ZHANG Fan,SHEN Jianliang.A Cyberspace Attack and Defense Model with Security Performance Analysis Based on Automata Theory[J].Journal of Cyber Security,2016,1(4):29-39   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

←前一篇|后一篇→

过刊浏览    高级检索

本文已被:浏览 6989次   下载 6738 本文二维码信息
码上扫一扫!
基于自动机理论的网络攻防模型与安全性能分析
郭威, 邬江兴, 张帆, 沈剑良
0
(国家数字交换系统工程技术研究中心 郑州 中国 450002)
摘要:
针对当前自动机模型对系统状态表达不完整,单一视角建模无法满足网络攻防行为刻画需求的问题,本文提出一种视角可变的变焦有限自动机(Zooming Finite Automata,ZFA)结构。ZFA使用完整的参量集合取值对状态进行标示,设置观测系数增强模型对于多角度分析系统行为过程的能力。结合ZFA结构给出了网络攻防模型和安全性能分析方法,分析揭示了传统安全手段的天然劣势以及移动目标防御技术的局限性。最后,讨论了网络空间拟态防御(Cyberspace Mimic Defense,CMD)技术中核心部件——异构执行体的实现结构,从理论上证明了构建“多参数”不确定性可获得超线性增益。
关键词:  网络空间安全  自动机  变焦  攻防模型  安全性能  网络空间拟态防御  多参数不确定性
DOI:10.19363/j.cnki.cn10-1380/tn.2016.04.003
投稿时间:2016-09-10修订日期:2016-09-30
基金项目:本课题得到国家自然科学基金面上项目网络空间拟态安全异构冗余机制研究(61572520)资助、国家自然科学基金创新研究群体项目(No.61521003)和国家重点研发计划项目(Nos.2016YFB0800100,2016YFB0800101)支持。
A Cyberspace Attack and Defense Model with Security Performance Analysis Based on Automata Theory
GUO Wei, WU Jiangxing, ZHANG Fan, SHEN Jianliang
(National Digital Switching System Engineering & Technological R&D Center, Zhengzhou 450002, China)
Abstract:
The incompletion of current automata model for system state expression and the singleness of angle on modeling cannot meet the requirement for characterization of cyberspace attack and defense. To address the problem, this paper proposes an angle-variable Zooming Finite Automaton (ZFA) structure. In ZFA, a complete set of parameters is used to identify the status of the state, and the observation coefficient it set up to enhance the ability of system analysis in a multi angle. The cyberspace attack and defense model and the security performance analysis method are given by means of the ZFA structure. The analysis reveals the natural disadvantage of the traditional security methods and the limitations of the moving target defense technology. Finally, the core components of the Cyberspace Mimic Defense (CMD) theory -- executive isomer architecture is discussed, and theoretically proved that the super linear growth of uncertainty can be obtained by construction at "Multi parameter".
Key words:  cyberspace security  automata  zooming  attack and defense model  security performance  cyberspace mimic defense  multi parameter