Abstract
Mimic defense technology is an effective means of addressing the "easy to attack, hard to defend" situation in today's network environment. It builds safe and reliable systems by increasing their dynamism, heterogeneity and randomness. Scheduling of heterogeneous executors is the key step in mimic defense. Existing scheduling algorithms lack situational awareness and can only schedule executors according to a preset strategy, which gives them poor applicability. To address this, DCOE, a scheduling algorithm based on the defense capability of the executors, is proposed. Building on a classic traffic monitoring algorithm, DCOE identifies the threat type and threat level of the current traffic, and dynamically adjusts the types and number of heterogeneous executors according to each executor's defense capability against that traffic. Simulation experiments show that the DCOE algorithm lowers the system's failure rate and escape rate while reducing the number of times heterogeneous executors are scheduled; that is, it raises the system's defense level and increases the difficulty of the adversary's attack while reducing system overhead.
Authors
LIU Wen-he (刘文贺)
JIA Hong-yong (贾洪勇)
PAN Yun-fei (潘云飞)
School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou 450000, China
Source
Computer Science (《计算机科学》)
CSCD
Peking University Core Journal (北大核心)
2022, Issue S02, pp. 690-695 (6 pages)
Funding
Henan Province Science and Technology Research Program (192102210115)
Zhengzhou Collaborative Innovation Major Project (20XTZX-X010)
Keywords
Mimic defense
Heterogeneous executor
Scheduling algorithm
Executor defense ability
Simulation