摘要
分析表明,拟态主动防御技术未来将广泛应用于军用、民用等领域以实现未知漏洞、未知后门的防御。其中,多模裁决是拟态主动防御中的核心模块,决定着主动防御应用的输出结果。一旦多模裁决模块受到恶意篡改等攻击行为,将影响应用的正常运行。因此,保障多模裁决模块的安全性具有重要的现实意义。针对恶意数据注入攻击,研究多模裁决中的恶意数据注入攻击及其防御方法,考虑一种包含多个子裁决器的分布式多模裁决模型,基于共识完成多模裁决。子裁决器通过不断与邻居子裁决器交换信息来完成全局裁决。站在攻击者角度,阐述一种随机性恶意数据注入攻击并分析其攻击影响,在防御者角度,提出了一种基于自适应门限的多模裁决方法以防御随机性恶意数据注入攻击,同时通过切断受恶意数据感染的子裁决器,有效阻断恶意数据的传播。
The analysis shows that the active cyberspace mimic defense technology will be widely used in military,civil and other fields in the future to achieve the defense of unknown vulnerabilities and unknown backdoors.Among them,multi-mode decision is the core module of pseudo active defense,which determines the output of active defense applications.Once the multi-mode decision module is subjected to malicious tampering and other attacks,the normal operation of the application will be affected.Therefore,it is of great practical significance to ensure the security of multi-mode decision module.For the malicious data injection attack,the malicious data injection attack and its defense methods in multi-mode adjudication are studied.A distributed multi-mode adjudication model including multiple sub adjudicators is considered to complete multi-mode adjudication based on consensus.The sub adjudicator completes the global decision by continuously exchanging information with the neighboring sub adjudicators.From the attacker’s point of view,a random malicious data injection attack is described and its impact is analyzed.From the defender’s point of view,a multi-mode decision method based on adaptive threshold is proposed to defend against random malicious data injection attacks.At the same time,the propagation of malicious data is effectively blocked by cutting off the sub decision makers infected by malicious data.
作者
宋歌
杨哲明
周豪睿
杨柳
叶婷婷
SONG Ge;YANG Zheming;ZHOU Haorui;YANG Liu;YE Tingting(Zhejiang Energy Group Co.,Ltd.,Zhejiang 310032,China;Zhejiang Zheneng Natural Gas Operation Co,Ltd.,Zhejiang 310035,China;Zhejiang Zheneng Technology Research Institute Co.,Ltd.,Zhejiang 311100,China;Institute of Advanced Technology,Zhejiang University,Zhejiang 310027,China)
出处
《电子技术(上海)》
2022年第6期38-41,共4页
Electronic Technology
基金
浙能集团科技资助项目(ZNKJ-2019-092)。
关键词
计算机工程
主动防御
多模裁决
恶意数据注入攻击
computer engineering
active defense
multi-mode decision
malicious data injection attack