摘要
目前,常规的信息系统主要实施静态、被动的网络空间安全防御,处于易攻难守的不利局面。移动目标防御(Moving Target Defense,MTD)作为一种动态、主动的防御技术,改变了传统网络安全防御的方式,其核心思想是防御者要不断改变系统的攻击面,以增加攻击者实施攻击的难度。简要介绍MTD常见实施原理,结合主流安全评估技术分析MTD安全评估问题及其难点,特别是在安全建模、安全目标和安全评估方法等方面,指出了其所面临的新的难题和挑战,重点就安全建模和评估方法方面论述并总结了现有MTD安全评估研究进展。最后,指出了MTD安全评估技术未来的重点研究方向。
At present, the conventional information system mainly implements static and passive cyberspace security defense, and thus is in an unfavorable situation of easy to attack and hard to keep. As a dynamic and active defense technology, mobile target defense changes the way of traditional network security defense. The core idea is that the defender should constantly change the attack surface of the system so as to increase the attacker's difficulty in carrying out the attack. The common implementation principles of MTD are briefly introduced, and the problems and difficulties of MTD security assessment are analyzed in combination with the mainstream security assessment technology. And the new problems and challenges are pointed out particularly in the aspects of security modeling, safety goals and safety assessment methods. Meanwhile the research progress of existing MTD security assessment is discussed and summarized from the aspects of security modeling and evaluation methods. Finally, the key research direction of MTD security assessment technology is given.
作者
张莹
张保稳
ZHANG Ying;ZHANG Bao-wen(Shanghai Jiao Tong University School of Cyber Security, Shanghai 200240, China;Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Shanghai 200240, China)
出处
《通信技术》
2018年第1期1-6,共6页
Communications Technology
基金
科技部国家重点研发计划(No.2016YFB0800100
No.2016YFB0800105)
国家自然科学地区科学基金项目(No.61562004)~~
关键词
移动攻击面
移动目标防御
网络空间安全
安全评估
moving attack surface
moving target defense
cyberspace security
security assessment
