Abstract (translated from Chinese): |
Because traditional defense techniques struggle against attacks that exploit unknown signatures and unknown flaws, industry and academia have in recent years tried to develop "game-changing" defense techniques. Cyberspace Mimic Defense (CMD) takes Dynamic Heterogeneous Redundancy (DHR) as its core architectural technique. For the meta-function of the information system to be protected, DHR uses a dissimilar-redundancy design to build several functionally equivalent heterogeneous executors; at run time it dynamically schedules which executors of the meta-function are online, so as to disrupt the attacker's attack chain; at the same time, a multimode decision mechanism adjudicates the outputs of the several heterogeneous executors to detect whether an attack has occurred. This paper examines several questions about the DHR model, gives a theoretical analysis method, and performs simulation experiments. The theoretical analysis and the simulation results show that DHR greatly increases the attacker's difficulty and strengthens the security of information systems. |
Keywords: dynamic heterogeneous redundancy; dynamic scheduling; heterogeneity; redundancy |
DOI:10.19363/j.cnki.cn10-1380/tn.2016.04.004 |
Received: September 13, 2016; Revised: September 23, 2016 |
Funding: This work was supported by the China Postdoctoral Science Foundation (No. 44603), the National Natural Science Foundation of China (No. 61309020), the NSFC Innovation Research Group project (No. 61521003), and the National Key R&D Program of China (Nos. 2016YFB0800100, 2016YFB0800101). |
|
Performance Evaluations on DHR for Cyberspace Mimic Defense |
HU Hongchao,CHEN Fucai,WANG Zhenpeng |
National Digital Switching System Engineering & Technological R&D Center, Zhengzhou 450002, China |
Abstract: |
In recent years, both academia and industry have tried to develop innovative defense technologies, since existing defense technologies struggle to deal with attacks that exploit unknown security flaws or backdoors. The approach starts from the root causes of security problems in cyberspace: 1) security flaws (vulnerabilities and backdoors) in information systems are pervasive; 2) current cyberspace elements are static and homogeneous, so a single flaw can be exploited widely; 3) existing techniques cannot reliably find and remove such flaws. On this basis, Professor Wu Jiangxing proposed a novel defense framework, Cyberspace Mimic Defense (CMD), which defends against network attacks that exploit unknown flaws by introducing a dynamic dissimilar-redundancy mechanism, Dynamic Heterogeneous Redundancy (DHR). DHR constructs several functionally equivalent variants of the meta-function to be protected and dynamically schedules a subset of them to run in parallel, which blocks the attacker's attack process. At the same time, a multimode decision mechanism adjudicates the outputs of the running variants to decide which outputs are correct and whether an attack has occurred. This paper focuses on the evaluation of DHR and analyzes its performance with a theoretical model. Simulation results show that DHR can significantly improve the security performance of information systems. |
Key words: dynamic heterogeneous redundancy; dynamic scheduling; heterogeneity; redundancy |
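The mechanism described in the abstract (several heterogeneous executors, a scheduler that puts a subset of them online, and a majority vote over their outputs) can be made concrete with a small simulation. The following is an added example and is not code from the paper or from the CMD project; its attack model is an assumption: the attacker holds exploits that each work against one specific variant, and a compromised executor that is online returns an attacker-chosen output. The function and parameter names (`vote`, `simulate`, `undetected_probability`, `n_exploits`) are hypothetical.

```python
"""Toy DHR simulation: N heterogeneous executors, k scheduled online per
request, majority (multimode) decision over their outputs.
Added example, not the paper's code. Attack model is an assumption: the
attacker has exploits for `n_exploits` distinct variants, and a compromised
online executor returns the attacker-chosen output "PWNED"."""
import random
from math import comb
from collections import Counter


def vote(outputs):
    """Multimode decision. Returns (decided_output, attack_detected).
    A strict majority wins; any disagreement among executors is flagged.
    With no strict majority the decided output is None (fail-closed)."""
    counts = Counter(outputs)
    value, n_agree = counts.most_common(1)[0]
    detected = len(counts) > 1
    if 2 * n_agree <= len(outputs):
        return None, detected
    return value, detected


def run_round(online, compromised, correct="OK", evil="PWNED"):
    """One request served by the k online executors (assumed behaviour)."""
    outputs = [evil if e in compromised else correct for e in online]
    return vote(outputs)


def undetected_probability(n_executors, k_online, n_exploits):
    """Exact probability that a uniformly random online set of k executors
    consists only of compromised ones, so the wrong output is unanimous and
    the voter cannot see it: C(m, k) / C(N, k), 0 when m < k."""
    if n_exploits < k_online:
        return 0.0
    return comb(n_exploits, k_online) / comb(n_executors, k_online)


def simulate(n_executors, k_online, n_exploits, rounds, seed=0):
    """Monte Carlo estimate of the same quantity plus the detection rate.
    Returns fractions: 'undetected' (unanimous wrong output), 'detected'
    (disagreement seen by the voter), 'clean' (no compromised executor online)."""
    rng = random.Random(seed)
    executors = list(range(n_executors))
    # Constructed attacker: exploits for n_exploits randomly chosen variants.
    compromised = set(rng.sample(executors, n_exploits))
    stats = Counter()
    for _ in range(rounds):
        online = rng.sample(executors, k_online)  # dynamic scheduling
        decided, detected = run_round(online, compromised)
        if detected:
            stats["detected"] += 1
        elif decided == "PWNED":
            stats["undetected"] += 1
        else:
            stats["clean"] += 1
    return {key: stats[key] / rounds for key in ("undetected", "detected", "clean")}


if __name__ == "__main__":
    # Static homogeneous baseline (one executor, one exploit) vs. DHR settings.
    for n, k, m in [(1, 1, 1), (3, 3, 1), (5, 3, 1), (5, 3, 2), (4, 3, 3)]:
        est = simulate(n, k, m, rounds=20000)
        print(f"N={n} k={k} exploits={m}: exact undetected="
              f"{undetected_probability(n, k, m):.3f} simulated={est}")
```

The baseline row (one static executor, one working exploit) gives an undetected success rate of 1; with three heterogeneous executors online and a single variant-specific exploit the wrong output can never win the vote and every compromise is flagged, which is the detection effect the abstract attributes to the multimode decision. The attacker only regains undetected success when enough distinct variants are compromised at once, and scheduling a random subset of a larger pool makes even that a probabilistic event.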