摘要
基于非相似余度架构(DRS)的网络空间安全技术是一种主动防御技术,其利用非相似性、冗余性等特性阻断或者扰乱网络攻击,以提高系统的可靠性和安全性。该文在研究异构性是如何提高系统的安全性的基础上,指出对异构性进行量化评估的重要性,将DRS的异构性定义为其执行体集的复杂性与差异性,并依此提出一种量化异构性的方法。实验结果表明,该方法可以将10个执行体集分为9类,而香浓-维纳指数、辛普森指数和Pielou指数只能分为4类。在理论上为DRS异构性量化评估提供了一种新方法,并为工程实现DRS系统提供了指导。
The Dissimilar Redundancy Structure (DRS) based cyberspace security technology is an active defense technology,which uses features such as dissimilarity and redundancy to block or disrupt network attacks to improve system reliability and security.By analyzing how heterogeneity can improve the security of the system,the importance of quantification of heterogeneity is pointed out and the heterogeneity of DRS is defined as the complexity and disparity of its execution set.A new method which is suitable for quantitative heterogeneity is also proposed.The experimental results show that this method can divide 10 execution sets into 9 categories,while the Shannon-Wiener index,Simpson index and Pielou index can only divide into 4 categories.This paper provides a new method to quantify the heterogeneity of DRS in theory,and provides guidance for engineering DRS systems.
作者
张杰鑫
庞建民
张铮
邰铭
刘浩
ZHANG Jiexin;PANG Jianmin;ZHANG Zheng;TAI Ming;LIU Hao(State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China)
出处
《电子与信息学报》
EI
CSCD
北大核心
2019年第7期1594-1600,共7页
Journal of Electronics & Information Technology
基金
国家自然科学基金(61472447)
国家重点研发计划(2016YFB0800104)
上海市科学技术委员会科研计划(16DZ1120502)~~
关键词
网络空间安全
漏洞
非相似余度
异构性
量化方法
Cyberspace security
Vulnerability
Dissimilar redundancy
Heterogeneity
Quantification method
