期刊文献+

面向进程多变体软件系统的攻击面定性建模分析

Qualitative modeling and analysis of attack surface for process multi-variant execution software system
下载PDF
导出
摘要 攻击面是衡量软件系统安全性的一个重要指标,采用攻击面描述可以通过集合的方式描述软件系统的安全性并对其进行度量。一般的攻击面模型基于I/O自动机模型对软件系统进行建模,其一般采用非冗余的架构,难以应用于类似多变体系统这类异构冗余的系统架构。Manadhatad等提出了一种在非相似余度系统中进行攻击面度量的方式,但其采用的系统架构表决粒度和表决方式与多变体系统不同,无法准确度量多变体系统的攻击面。因此,在传统攻击面模型基础上,结合多变体系统异构冗余架构的特点,对传统攻击面模型进行扩展,并构建多变体系统的攻击面模型;使用形式化方式表示多变体系统的攻击面,根据多变体系统在系统出口点处的表决机制对传统攻击面模型进行改进,以使其能解释多变体系统攻击面缩小的现象,通过该建模方式,能够说明采用多变体架构的多变体系统在运行过程中攻击面的变化。采用了两组多变体执行架构的软件系统进行实例分析,分别通过与未采用多变体架构的功能相同的软件系统在未受攻击和遭受攻击两种情境下进行攻击面的对比分析,体现多变体系统在攻击面上的变化。结合攻击面理论与多变体执行系统的特点提出了一种面向多变体执行系统的攻击面建模方法,目前可以定性分析多变体执行系统攻击面的变化,未来将在定量分析多变体执行系统攻击面的方向继续进行深入研究。 Attack surface is an important index to measure security of software system.The general attack surface model is based on the I/O automata model to model the software system,which generally uses a non-redundant architecture and it is difficult to apply to heterogeneous redundant system architectures such as multi variant systems.Manadhatad et al.proposed a method to measure the attack surface in a dissimilar redundancy system.However,the voting granularity and voting method of the system architecture adopted by Manadhatad are different from those of the multi-variant system,which cannot accurately measure the attack surface of the multi variant system.Therefore,based on the traditional attack surface model,combined with the characteristics of heterogeneous redundant architecture of multi variant systems,the traditional attack surface model was extended and the attack surface model of multivariant systems was constructed.The attack surface of the multi variant system was represented in a formal way,and the traditional attack surface model was improved according to the voting mechanism of the multi variant system at the exit point of the system,so that it can explain the phenomenon that the attack surface of the multi variant system shrinks.Through this modeling method,the change of the attack surface of the multi variant system adopting the multi variant architecture can be explained in the running process.Then,two groups of software systems with multi variant execution architecture were used as analyzing examples.The attack surface of the software systems with the same functions as those without multi variant architecture were compared and analyzed in two situations of being attacked and not being attacked,reflecting the changes of the multi variant system in the attack surface.Combining the attack surface theory and the characteristics of the multi variant execution system,an attack surface modeling method for the multi variant execution system was proposed.At present,the changes of the attack surface of the multi variant execution system can be qualitatively analyzed.In-depth research in the quantitative analysis of the attack surface of the multi variant execution system will be continually conducted.
作者 邢福康 张铮 隋然 曲晟 季新生 XING Fukang;ZHANG Zheng;SUI Ran;QU Sheng;JI Xinsheng(Information Engineering University,Zhengzhou 450001,China;Information Center of Logistics Support Department of Central Military Commission,Beijing 100089,China)
出处 《网络与信息安全学报》 2022年第5期121-128,共8页 Chinese Journal of Network and Information Security
基金 国家自然科学基金(61521003) 国家重点研发计划(2018YF0804003,2017YFB0803204)。
关键词 多变体 攻击面 攻击面度量 网络安全 multi-variant execution attack surface attack surface metric network security
  • 相关文献

参考文献7

二级参考文献39

共引文献106

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部