引用本文: |
-
仝青,郭云飞,霍树民,王亚文.面向主动防御的多样性研究进展[J].信息安全学报,2022,7(3):119-133 [点击复制]
- TONG Qing,GUO Yunfei,HUO Shumin,WANG Yawen.Research Advances of Diversity Facing the Active Defense[J].Journal of Cyber Security,2022,7(3):119-133 [点击复制]
|
|
摘要: |
不同软件或执行过程通常存在不同的脆弱性,多样性技术基于该前提应用于系统的可靠性、安全性设计中,显著增强了系统的防御能力和入侵容忍能力,然而也存在系统代价高、复杂性高等不足。已有研究中出现了大量的多样性技术实现、系统设计以及相关的评估工作,覆盖范围广泛。针对主动防御领域内的多样性应用,围绕多样性应用性价比的问题,本文梳理了多样性研究中的典型工作和最新进展。首先对多样性综述研究工作进行了对比分析,讨论了多样性研究的主要内容和研究侧重点。其次对多样性概念进行了梳理,给出了时、空多样性的定义。再次,按照时空多样性的分类方法,对基于多样性的主动防御系统的架构和实现技术进行介绍,分析了时、空多样性系统的特点和实现方式。然后,对多样性度量和有效性评估方法进行了分类总结,分析了不同度量、评估方法的优势和不足。最后,提出了多样性技术的下一步研究方向。 |
关键词: 多样性 主动防御 分类 度量 评估 |
DOI:10.19363/J.cnki.cn10-1380/tn.2022.05.08 |
投稿时间:2021-02-19修订日期:2021-04-15 |
基金项目:本课题得到国家自然科学基金(No.62072467),国家重点研发计划课题(No.2018YFB0804004),国家自然科学基金创新研究群体项目(No.61521003)资助。 |
|
Research Advances of Diversity Facing the Active Defense |
TONG Qing, GUO Yunfei, HUO Shumin, WANG Yawen
|
(Strategic Support Force Information Engineering University, Zhengzhou 450002, China) |
Abstract: |
Different software or execution processes usually have different vulnerabilities. Based on that premise, diversity technology is applied to the design of system reliability and security, which significantly enhances the defense capability and intrusion tolerance capability of systems. However, it also has the shortcomings of high cost and high complexity. There are a lot of diversity technology implementation, system design and related assessment work in the existing research, covering a wide range. Focusing on the diversity application in the field of the active defense and the cost performance of applying diversity, this paper reviews the typical work and the latest progress in diversity research. Firstly, the diversity review research work is compared and analyzed, and the main contents and emphases of diversity research are discussed. Secondly, the concept of diversity is combed, and the definitions of temporal and spatial diversity are given. Thirdly, according to the classification method of temporal and spatial diversity, the architecture and implementation technology of diversity based active defense system are introduced, and the characteristics and implementations of temporal and spatial diversity systems are analyzed. Then, the diversity measurement and effectiveness evaluation methods are classified and summarized, and the advantages and disadvantages of different measurement and evaluation methods are analyzed. Finally, the future research direction of diversity technology is proposed. |
Key words: diversity active defense classification metric evaluation |