摘要: |
网络空间的攻击和防御呈现不对称性,防御往往处于被动地位。基于软硬件多样性的主动防御技术试图改变攻防的不对称性,是当今网络空间防御技术的研究热点之一。本文介绍了基于多样性的主动防御所利用的主要技术手段,分析了入侵容忍、移动目标防御和拟态防御三种主动防御框架下的系统实现,并对比分析了三种主动防御技术的防御效果和优缺点,最后展望了基于软硬件多样性的主动防御技术的发展方向。 |
关键词: 主动防御 多样性 入侵容忍 移动目标防御 拟态防御 |
DOI:10.19363/j.cnki.cn10-1380/tn.2017.01.001 |
Received:September 26, 2016Revised:October 25, 2016 |
基金项目:本课题得到国家重点研发计划(2016YFB0800104),上海市科学技术委员会科研计划项目(14DZ1105300),国家自然科学基金(61572520)和国家自然科学基金创新研究群体项目(61521003)资助。 |
|
The Active Defense Technology Based on the Software/Hardware Diversity |
TONG Qing,ZHANG Zheng,WU Jiangxing |
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China;National Digital Switching System Engineering & Technological R & D Center, Zhengzhou 450002, China |
Abstract: |
There is an asymmetric phenomenon in the cyber security, where the defense is often passive while the attack is active. The technologies of active defense try to rebalance the situation in the attack-defense game, which has been a question of heat in the research of cyber defense technology. First, the methods based on the software/hardware diversity are introduced, and then three kind of active defense, including intrusion tolerance, moving target defense and mimic defense, are interpreted with several systems and architectures. And then, the defense effect, pros and cons of the active defense are compared and analyzed. Finally, the future work and research direction are discussed. |
Key words: Active defense diversity intrusion tolerance moving target defense mimic defense |