摘要
随着云服务的应用范围越来越广,基于未知漏洞或后门的攻击成为制约云技术发展的主要安全威胁之一。基于拟态防御建立的拟态云服务通过降低漏洞的持续性暴露概率来保障安全性,当前已有研究提出的拟态调度算法缺乏对执行体自身安全性的考虑,并且无法兼顾动态性和异构性。针对此问题文章通过引入执行池的异构度和安全度定义,提出一种基于异构度和安全度的优先级调度算法,并引入结合时间片的动态调度策略。实验结果表明,文章所提算法具有较好的动态性,能够获得较优的调度效果,实现了动态性、异构性和安全性之间的平衡,并且时间复杂度较低。
As cloud services become more widely used,attacks based on unknown vulnerabilities or backdoors become their most significant security threat.Mimic cloud services based on mimic defense are established to secure them by reducing the probability of continuous exposure to vulnerabilities.However,the mimic scheduling algorithm proposed by current research lacks the consideration of executors’own security and cannot take into account dynamicity and heterogeneity.This paper proposed a priority scheduling algorithm based on heterogeneity and security degree by introducing the definition of heterogeneity and security degree of execution pool,and introduced a dynamic scheduling strategy combining time slices to solve the above problems.The experimental results show that the proposed algorithm has better dynamicity and can obtain better scheduling effect,achieving the balance between dynamicity,heterogeneity and security,and also has the advantages of low time complexity.
作者
王瑞民
省永续
宋伟
张建辉
WANG Ruimin;XING Yongxu;SONG Wei;ZHANG Jianhui(School of Computer and Artificial Intelligence,Zhengzhou University,Zhengzhou 450001,China;Henan Academy of Big Data of Zhengzhou University,Zhengzhou 450052,China;School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450002,China;Songshan Laboratory,Zhengzhou 450001,China)
出处
《信息网络安全》
CSCD
北大核心
2023年第3期45-55,共11页
Netinfo Security
基金
国家自然科学基金[61872382]
国家电网有限公司总部科技项目[5700-202024176A-0-0-00]。
关键词
拟态防御
拟态云
异构度
安全度
优先级调度
mimic defense
mimic cloud
heterogeneity
security
priority scheduling
