摘要: |
路由器是网络中的核心基础设备,但其面对基于漏洞和后门的攻击时却缺少有效的防御手段。拟态防御机制作为一种创新的主动防御方法引入到路由器的设计架构中,构建了路由器拟态防御原理验证系统。结合拟态防御机制的特性和路由器的特点,提出了针对路由器拟态防御原理验证系统的测试方法,并按照测试方法对该系统进行了全面测试,包括基础性能测试,拟态防御机制测试以及防御效果测试。测试结果表明,路由器拟态防御原理验证系统能在不影响路由器基本功能和性能指标的前提下实现了拟态防御机制,拟态防御机制能够改变固有漏洞或者后门的呈现性质,扰乱漏洞或后门的可锁定性与攻击链路通达性,大幅增加系统视在漏洞或后门的可利用难度。 |
关键词: 路由器 拟态防御 测试方法 漏洞 后门 |
DOI:10.19363/j.cnki.cn10-1380/tn.2017.01.004 |
Received:September 20, 2016Revised:November 03, 2016 |
基金项目:本课题得到国家自然科学基金创新研究群体项目(No.61521003)和国家重点研发计划(2016YFB0800100,2016YFB0800103)资助。 |
|
Tests and Analyses for Mimic Defense Ability of Routers |
MA Hailong,JIANG Yiming,BAI Bing,ZHANG Jianhui |
Institute of Information Technology, PLA Information Engineering University, Zhengzhou 450000, China |
Abstract: |
Routers are core devices in networks, but are still in lack of effective defense method against vulnerability-based and backdoor-based attacks. Therefore, the mimic defense mechanism, which is an implementation of innovative active defense theory, is employed into the architecture design of routers. Based on this mechanism, a "Verification System for the Mimic Defense Theory of Routers" is designed. With the characteristic of mimic defense mechanism and routers, a test method to evaluate the "Verification System for the Mimic Defense Theory of Routers" is proposed and implemented which include basic performance test, mimic defense mechanism test and defense effect test. Test results show that with no influence on basic performance, the "Verification System for the Mimic Defense Theory of Routers" could implement the mimic defense mechanism. What's more, it could also change the presentation of backdoor and vulnerability, disturb the locking process of backdoor or vulnerability attack and the accessibility of attack link, and significantly increase the difficulty of backdoor or vulnerability exploitation. |
Key words: router mimic defense test method vulnerability backdoor |