| 摘要: |
| 当前传统网络的攻击面存在静态性和同构性,随着高级可持续性威胁(Advanced Persistent Threat, APT)的持续爆发, 以“筑高墙、堵漏洞、打补丁”为基础的被动防御思路,致使“攻防不对称”的安全态势进一步凸显。通过攻击面混淆技术,防御方动态调整攻击面位置,增强攻击面的欺骗性,成为学术界提升网络主动防御能力的重要手段。因此有必要关注基于攻击面混淆构建网络主动防御能力的研究成果与发展趋势。本文首先对攻击面、网络攻击面和网络攻击面混淆等概念进行阐述。然后将网络攻击面混淆技术归纳为攻击面动态转移、欺骗攻击面模拟以及欺骗动态转移三类,并对各类混淆方法的研究状况、进展进行了总结和归纳,同时综述了攻击攻击面混淆技术的评估评价方法。最后展望了攻击面混淆技术未来的研究方向。 |
| 关键词: 攻击面 攻击面转移 攻击面模拟 移动目标防御 欺骗防御 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2025.04.18 |
| 投稿时间:2024-04-09修订日期:2024-06-18 |
| 基金项目: |
|
| A Survey of Research on Attack Surface Obfuscation for Network Active Defense |
|
xuguokun
|
| (institute of information engineering,cas) |
| Abstract: |
| The current attack surface of traditional networks has static and isomorphic characteristics. With the continuous outbreak of Advanced Persistent Threat (APT), the passive defense strategy based on "building high walls, plugging vulnerabilities, and patching" has further highlighted the security situation of "asymmetric attack and defense". Using the attack surface obfuscation technology, the defenders dynamically adjusts the position of the attack surface to enhance its deceptive nature, which has become an important method for the academic community to enhance the network""s active defense capabilities. Therefore, it is necessary to pay attention to the research results and development trends of constructing network active defense capabilities based on attack surface obfuscation. This paper first elaborates on the concepts of attack surface, network attack surface, and network attack surface obfuscation. Then, the network attack surface obfuscation technology is classified into three categories: attack surface dynamic transfer, deception attack surface simulation, and deception dynamic transfer. The research status and progress of various obfuscation methods are analyzed and summarized, and the evaluation methods of attack surface obfuscation technology are also summarized. Finally, the future research directions of attack surface obfuscation technology were discussed. |
| Key words: attack surface attack surface transfer attack surface simulation moving target defense deception defense |
