基于信息熵的分布式Web服务移动目标防御方案

Distributed Web Service Moving Target Defense Scheme Based on Information Entropy

移动目标防御技术是为了改变传统静态防御的被动性所提出的一种主动防御技术,通过动态地变换系统中的各个攻击面来增加攻击者攻击的成本,实现主动防御。变换方式以及变换频率是移动目标防御系统的关键,目前移动目标防御系统的变换方式以及变换频率通常是管理者根据经验去设定,无法达到安全性和成本之间平衡的局面。针对这个问题,提出基于信息熵的分布式Web服务移动目标防御方案,方案通过信息熵的思想对异常流量进行识别和检测,进而根据检测结果来实时动态选取异构的变换模式以达到最大收益。进一步针对Web服务的防御策略进行研究设计。实验结果表明,该方案对网络状态识别和预测具有较高的准确性,并且多样化的变换策略能够有效抵御不同的攻击类型,增强了系统通信安全性及服务过程中的抗攻击能力。

The moving target defense technology is an active defense technology proposed to change the passiveness of the traditional static defense technology,which dynamically transforms each attack surface in the system to increase the cost of the attackers and achieve active defense.The transformation mode and the transformation frequency are key factors of the moving target defense system.At present,the transformation mode and transformation frequency of the moving target defense system are usually set manually by administrators according to their experience,and cannot achieve a balance between security and cost.Aiming at this problem,a distributed Web service moving target defense scheme based on information entropy is proposed.The scheme identifies and detects abnormal flow through information entropy theory,and then dynamically selects heterogeneous transform modes in real time according to the detection result to achieve maximum benefits.Then further research and design can be done according to the defense strategy of Web services.The experiment shows that the proposed scheme has high accuracy for network state recognition and prediction,and the diversified transformation strategy can effectively resist different kind of attacks,which enhances the system communication security and anti-attack capability in the service process.