Quantitative evaluations are of great importance in network security decision-making.In recent years,moving target defense(MTD)has appeared to be a promising defense approach that blocks asymmetrical advantage of atta...Quantitative evaluations are of great importance in network security decision-making.In recent years,moving target defense(MTD)has appeared to be a promising defense approach that blocks asymmetrical advantage of attackers and favors the defender-notwithstanding,it has a limited deployment due to its uncertain efficiency and effectiveness in defense.In that case,quantitative metrics and evaluations of MTD are essential to prove its capability and impulse its further research.This article presents a comprehensive survey on state-of-the-art quantitative evaluations.First,taxonomy of MTD techniques is stated according to the software stack model.Then,a concrete review and comparison on existing quantitative evaluations of MTD is presented.Finally,notice-worthy open issues regarding this topic are proposed along with the conclusions of previous studies.展开更多
As more and more large-scale scientific workflows are delivered to clouds,the business model of workflow-as-a-service is emerging.But there are many kinds of threats in the cloud environment,which can interrupt the ta...As more and more large-scale scientific workflows are delivered to clouds,the business model of workflow-as-a-service is emerging.But there are many kinds of threats in the cloud environment,which can interrupt the task execution and extend the workflow completion time.As an important QoS parameter,the workflow completion time is determined by the critical task path.Therefore,critical path redundancy method is proposed to create a redundant path having the interact parallel relationship with the critical path,which can provide the protection for the tasks in the critical path and reduce the probability of the critical path interruption.Computing instance allocation is an essential part of the cloud workflow execution,since only the tasks assigned the instance can begin execution.In order to further reduce the workflow completion time,computing instance allocation algorithm based on HEFT(heterogeneous earliest finish time)is proposed.The algorithm considers diverse task dependency relationships and takes full advantages of the critical path redundancy method,which can improve the efficiency of workflow execution.Experimental results demonstrate that the proposed method can effectively reduce the cloud workflow completion time under the task interruption.展开更多
The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with the&#...The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with theªunknown unknownºsecurity threats in cyberspace.This paper first expounds the new paradigm of cyberspace endogenous security and introduces the vision of 6G cyberspace security.Then,it analyzes the security problems faced by the 6G core network,wireless access network,and emerging associated technologies in detail,as well as the corresponding security technology development status and the integrated development of endogenous security and traditional security.Furthermore,this paper describes the relevant security theories and technical concepts under the guidance of the new paradigm of endogenous security.展开更多
基金The National Natural Science Foundation of China(No.61521003)The National Key R&D Program of China(No.2016YFB0800100,No.2016YFB0800101)+1 种基金The National Natural Science Foundation of China(No.61602509)The Key Technologies Research and Development Program of Henan Province(172102210615)
文摘Quantitative evaluations are of great importance in network security decision-making.In recent years,moving target defense(MTD)has appeared to be a promising defense approach that blocks asymmetrical advantage of attackers and favors the defender-notwithstanding,it has a limited deployment due to its uncertain efficiency and effectiveness in defense.In that case,quantitative metrics and evaluations of MTD are essential to prove its capability and impulse its further research.This article presents a comprehensive survey on state-of-the-art quantitative evaluations.First,taxonomy of MTD techniques is stated according to the software stack model.Then,a concrete review and comparison on existing quantitative evaluations of MTD is presented.Finally,notice-worthy open issues regarding this topic are proposed along with the conclusions of previous studies.
基金The National Key R&D Program of China(2018YFB0804004)The Foundation for Innovative Research Groups of the National Natural Science Foundation of China(61521003)。
文摘As more and more large-scale scientific workflows are delivered to clouds,the business model of workflow-as-a-service is emerging.But there are many kinds of threats in the cloud environment,which can interrupt the task execution and extend the workflow completion time.As an important QoS parameter,the workflow completion time is determined by the critical task path.Therefore,critical path redundancy method is proposed to create a redundant path having the interact parallel relationship with the critical path,which can provide the protection for the tasks in the critical path and reduce the probability of the critical path interruption.Computing instance allocation is an essential part of the cloud workflow execution,since only the tasks assigned the instance can begin execution.In order to further reduce the workflow completion time,computing instance allocation algorithm based on HEFT(heterogeneous earliest finish time)is proposed.The algorithm considers diverse task dependency relationships and takes full advantages of the critical path redundancy method,which can improve the efficiency of workflow execution.Experimental results demonstrate that the proposed method can effectively reduce the cloud workflow completion time under the task interruption.
基金the National Key Research and Development Program of China(Nos.2020YFB1806607 and 2022YFB2902202)the National Natural Science Foundation of China(Nos.61521003 and 61701538)。
文摘The sixth-generation mobile communication(6G)networks will face more complex endogenous security problems,and it is urgent to propose new universal security theories and establish new practice norms to deal with theªunknown unknownºsecurity threats in cyberspace.This paper first expounds the new paradigm of cyberspace endogenous security and introduces the vision of 6G cyberspace security.Then,it analyzes the security problems faced by the 6G core network,wireless access network,and emerging associated technologies in detail,as well as the corresponding security technology development status and the integrated development of endogenous security and traditional security.Furthermore,this paper describes the relevant security theories and technical concepts under the guidance of the new paradigm of endogenous security.
