Junning QIN, Jiajia HAN, Sheng ZHOU, et al. Modeling of the mimic defense based on heterogeneous redundancy[J]. Telecommunications science, 2020, 36(5): 31-38.
DOI:
Junning QIN, Jiajia HAN, Sheng ZHOU, et al. Modeling of the mimic defense based on heterogeneous redundancy[J]. Telecommunications science, 2020, 36(5): 31-38. DOI: 10.11959/j.issn.1000-0801.2020143.
Modeling of the mimic defense based on heterogeneous redundancy
The unbalanced development status of network security was introduced.The main hazards and the mechanism model of penetration testing were described
and the inherent shortcomings of many existing traditional defense methods were analyzed.However
new method of the mimic defense model makes the attack information obtained invalid by dynamically selecting the executive set and adaptively changing the system composition.The same attack mode is difficult to be maintained or reproduced.Based on the attack chain model
the traditional defensetechnology and mimic defense technology were analyzed and compared
and it was demonstrated that it had a protective role in multiple stages of the attack chain.Finally
the effectiveness and superiority of the mimic defense was verified by experiments
and the model was summarized and prospected.
关键词
Keywords
references
SUBRAHMANIAN V S , OVEKGONN M , DUMITRAS T , et al . The global cyber-vulnerability report [J ] . Springer Int’l Publishing , 2015 ( 10 ): 33 - 64 .
China Information Technology Security Evaluation Center . China national vulnerability database of information security [EB ] . 2015 .
XU H , CHEN X , ZHOU J , et al . Research on basic problems of cognitive network intrusion prevention [C ] // Proceedings of 9th International Conference on Computational Intelligence and Security (CIS) . Piscataway:IEEE Press , 2013 : 514 - 517 .
CHUNG C J , KHATKAR P , XING T , et al . NICE:network intrusion detection and countermeasure selection in virtual network systems [J ] . IEEE Transaction on Dependable and Secure Computing , 2013 , 10 ( 4 ): 198 - 211 .
MADA B B , GOSEVAP K , VAIDYANATHAN K , et al . A method for modeling and quantifying the security attributes of intrusion tolerant systems [J ] . Performance Evaluation , 2004 , 56 ( 14 ): 167 - 186 .
WU J X . Research on cyberspace mimic defense [J ] . Journal of Information Security , 2016 , 1 ( 4 ): 1 - 10 .
WU J X . The original intention and vision of mimic computing and mimic security defense [J ] . Telecommunications Science , 2014 , 30 ( 7 ): 2 - 7 .
National Science and Technology Council . Trustworthy cyberspace:strategic plan for the federal cybersecurity research and development program [EB ] . 2011 .
VOAS J , GHOSH A , CHARRON F , et al . Reducing uncertainty about common-mode failures [C ] // Proceedings of IEEE Symposium on Software Reliability Engineering (SRE’ 97) . Piscataway:IEEE Press , 1997 : 308 - 319 .
LECITIN G . Optimal structure of fault-tolerant software systems [J ] . Reliability Engineering & System Safety , 2005 , 8 ( 3 ): 286 - 295 .
LIU C , LI C Q , QIU G W . Research on intruder countermeasures based on CobaltStrike and office vulnerabilities [J ] . Cyberspace Security , 2018 ( 1 ): 56 - 61 .