摘要
网络级移动目标防御技术是应对诸如泛洪攻击等攻击手段的有效方式。但现有网络级移动目标防御系统多采用单一静态中央控制器,这种集中式的管理架构易带来单点故障以及数据不可信等风险。针对上述问题,本文提出一种基于区块链的网络级移动目标防御方案,通过PoW共识机制实现中央控制器的动态切换,解决集中式中央控制器带来的单点故障问题并提高其健壮性。此外,基于区块链所构建的分布式可信网络环境,在动态中央控制器中引入负载均衡与容灾备份机制,使得网络级移动目标防御系统具有良好的高并发服务请求能力以及遭遇致命网络攻击后的服务快速恢复能力。本文设计并实现了基于区块链的网络级移动目标防御原型系统并进行充分的性能测试实验。实验结果表明系统具有良好的可用性和鲁棒性。
The network-level moving target defense is an effective approach to deal with the cyber attacks,like flooding attack.However,the existing network-level moving target defense systems mostly adopt the static central controller.This kind of centralized management architecture is prone to risks such as single point of failure or untrusted data.To address the above problems,this paper proposes a scheme of network-level moving target defense system based on blockchain,which realizes dynamically switching the central controller through the PoW consensus mechanism and overcomes the single point of failure of it and improves its robustness.In addition,based on the distributed trusted network environment constructed by blockchain,this paper establishes load balancing mechanism and disaster-tolerant backup mechanism for the dynamic central controller,making the system have good performance in dealing with the high concurrent service requests and recovering quickly from paralysis.Finally,this paper designs and implements the prototype system of network-level moving target defense system based on blockchain.The test results show that the designed system has good availability and robustness.
作者
段鹏飞
兰茹
DUAN Peng-fei;LAN Ru(College of Oceanography & Space Informatics, China University of Petroleum(East China), Qingdao 266580, China)
出处
《计算机与现代化》
2021年第8期121-126,共6页
Computer and Modernization
基金
山东省自然科学基金资助项目(ZR2019MF034)
国家自然科学基金资助项目(61772551)。
关键词
移动目标防御
区块链
去中心化
负载均衡
容灾备份
moving target defense
blockchain
decentralization
load balancing
disaster-tolerant backup
