摘要
为了解决多样性系统在单一多样性策略下存在防御能力、防御代价和服务质量难以兼顾的问题,首先基于调度异构性、执行体安全性和空间多样性度量方法构造不同安全等级下的调度对象选择序列;然后根据对威胁环境的粗粒度评估,综合决策调度时机以及调度对象。通过在云环境下实现时空多样性Web服务系统,对所提调度策略进行攻防实验测试,并与已有调度策略进行了对比。结果显示,所提调度策略在可接受的防御代价增长范围内,显著提高了系统的防御能力,同时维持了较高的服务质量。
To solve the problem that a diversity system is difficult to take defense capability,defense cost and quality of service into account at the same time under a single diversity strategy,firstly,the scheduling object selecting sequences under different security levels were constructed based on the measurement of scheduling heterogeneity,executor security and spatial diversity.Then,according to the coarse-grained evaluation of threat environment,the scheduling time and scheduling object were determined comprehensively.Through the realization of the spatio-temporal diversity Web server system in a cloud environment,the proposed scheduling strategy was tested with attack and defense experiments and compared with the existing scheduling strategies.The results show that the proposed scheduling strategy improves the defense capability significantly and maintains a high quality of service within the acceptable defense cost increasing range.
作者
仝青
郭云飞
霍树民
王亚文
蔄羽佳
张凯
TONG Qing;GUO Yunfei;HUO Shumin;WANG Yawen;MAN Yujia;ZHANG Kai(Institute of Information Technology,Information Engineering University,Zhengzhou 450001,China;32066 Army of PLA,Kunming 652200,China;31401 Army of PLA,Rizhao 276800,China)
出处
《通信学报》
EI
CSCD
北大核心
2021年第7期12-24,共13页
Journal on Communications
基金
国家自然科学基金资助项目(No.62072467,No.61521003)
国家重点研发计划基金资助项目(No.2018YFB0804004)。
关键词
多样性
主动防御
自适应性
调度策略
攻防实验
diversity
active defense
self-adaptability
scheduling strategy
attack and defense experiment
