摘要
动态目标防御技术作为"改变游戏规则"的防御技术,在对抗高级持续威胁中提供了一种主动变换的防御方法。虽然已有部分动态防御技术成功应用,但针对其有效性评估的研究还停留在小范围、单层次的技术上,从而阻碍了多层次融合的动态防御技术应用于实际部署。该文针对以上问题,首先以系统角度扩展了攻击面定义,建立了系统攻击面及其变化的参数模型;在此基础上,提出了基于系统攻击面变化参数序列的评估模型,构建了攻击状态与系统攻击面变化参数之间的联系,解决了在较大规模网络拓扑下对多层次动态防御技术的有效性评估问题;最后以典型信息系统为案例,利用该模型评估了不同防御环境下动态目标防御技术的有效性,得到了直观且准确的结果,可以进一步指导动态目标防御技术效能优化问题和最优部署问题的研究。
Moving target defense(MTD)is a proactive method that protects against advanced persistent threats(APT)in cybersecurity.Although partial MT techniques have been employed in systems,there are no good effectiveness assessments,which hinders the use of multilayer MTD systems world-wide.This paper presents an MTD effectiveness evaluation method based on a system attack surface model with shifting parameters(SASSP)using an enlarged definition of the Attack Surface.The SASSP sequence is used in the MTD effectiveness assessment model to establish a relationship between the attacking states and the SASSP to evaluate the multi-layer MT techniques in larger topologies.A case study is given to illustrate the assessment effectiveness to guide the effectiveness and cost trade-off optimization of MTD systems.
作者
熊鑫立
赵光胜
徐伟光
李渤
XIONG Xinli;ZHAO Guangsheng;XU Weiguang;LI Bo(College of Command and Control Engineering,Army Engineering University of PLA,Nanjing 210007,China;College of Computer,National University of Defense Technology,Changsha 410073,China;College of Cyberspace Security,PLA Information Engineering University,Zhengzhou 450002,China)
出处
《清华大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2019年第4期276-283,共8页
Journal of Tsinghua University(Science and Technology)
关键词
系统攻击面
攻击面参数
动态目标防御
评估模型
system attack surface
attack surface parameters
moving target defense
assessment model
