基于红蓝对抗的拟态防御体系构建

Construction of mimic defense system based on red-blue confrontation

由于目前网络空间处于攻防不对等的态势,基于“已知风险”的防护体系已经无法满足日益严峻的攻击压力,需要构建一种可以对“未知风险”进行防护且有一定自适应能力的安全架构。本文通过将红蓝对抗经验引入到安全防护体系的建设中,以网站防护为例,构建基于拟态防御的安全架构模型,提出将自适应防护能力集合到安全工作中的方法,从而提高了信息系统对未知威胁攻击的防护能力。

Due to the situation of unequal attack and defense in the current cyberspace,the protection system based on"known risks"can no longer meet the increasingly severe attack pressure,so it is necessary to build a security architecture that can protect against"unknown risks"and has certain adaptive ability.This paper introduces red-blue experience into the construction of security protection system,takes website protection as an example,studies the construction of security architecture model based on mimicry defense,and proposes the method of integrating adaptive defense capabilities into security work,so as to improve the protection ability of information system against unknown threat attacks.