Abstract: This paper puts forward a plan for constructing an information security attack and defense platform based on cloud computing and virtualization, and provides the hardware topology of the platform, the technical framework of the system, and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using virtualization technology, hypothetical targets of various types and diversified network structures can be built in the laboratory to carry out attack and defense experiments.
Funding: supported by the National Key R&D Program of China (2016YFF0204001); the National Key Technology Support Program (2015BAH08F02); the CCF-Venustech Hongyan Research Initiative (2016-009); the PAPD fund; the CICAEET fund; the Guizhou Provincial Key Laboratory of Public Big Data Program.
Abstract: Cyber security lacks comprehensive theoretical guidance. General security theory, as a set of basic security theory concepts, is intended to guide cyber security and all other security work. The general theory of security aims to unify the main branches of cyber security and establish a unified basic theory. This paper proposes an overview of the general theory of security, which is devoted to constructing a comprehensive model of network security. The hierarchical structure of the meridian-collateral tree is described. Shannon information theory is employed to build a cyberspace security model. Some central concepts of security, i.e., attack and defense, are discussed and several general theorems on security are presented.
Funding: supported by the National Natural Science Foundation of China (60973139, 60773041); the Natural Science Foundation of Jiangsu Province (BK2008451); the Hi-Tech Research and Development Program of China (2007AA01Z404, 2007AA01Z478); the Foundation of National Laboratory for Modern Communications (9140C1105040805); the Postdoctoral Foundation (0801019C, 20090451240, 20090451241); the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z, CX08B-086Z); the Six Kinds of Top Talent of Jiangsu Province (2008118).
Abstract: This article analyzes the key technologies of new malicious code and the corresponding defensive measures in large-scale communication networks. Based on a description of the concepts and development of malicious code, the article introduces the anti-analysis technology, splitting and inserting technology, hiding technology, polymorph virus technology, and auto production technology of malicious code, which is trending toward intelligence, diversity and integration. Following that, it summarizes the security vulnerabilities of communication networks from four related layers, according to the mechanisms of malicious code in communication networks. Finally, it proposes rapid response disposition of malicious code attacks in four correlated steps: building up the network node monitoring system, suspicious code feature automation analysis and extraction, rapid active malicious code response technique for unknown malicious code, and malicious code attack immunity technique. As a result, it actively defends against unknown malicious code attacks and enhances the security performance of communication networks.
Abstract: The construction of an integrated solution for cyberspace defense with dynamic, flexible, and intelligent features is a new idea. To solve the problem whereby traditional static protection methods cannot respond in time to various network attacks or security demands in an adversarial network environment, and to form a complete integrated solution from "threat discovery" to "decision-making generation," we propose an ontology-based security model, OntoCSD, for an integrated solution of cyberspace defense that uses Web ontology language (OWL) to represent the ontology classes and relationships of threat monitoring, decision-making, response, and defense in cyberspace, and uses semantic Web rule language (SWRL) to design the defensive reasoning rules. OntoCSD can discover potential relationships among network attacks, vulnerabilities, the security state, and defense strategies. Further, an artificial intelligence (AI) expert system based on case-based reasoning (CBR) is used to quickly generate a detailed and comprehensive decision-making scheme. Finally, through Kendall's coefficient of concordance (W) and four experimental cases in a typical computer network defense (CND) system, which reasons on represented facts and the ontology, OntoCSD's consistency and its feasibility to solve the issues in the field of cyberspace defense are validated. OntoCSD supports automatic association and reasoning, and provides an integrated solution framework of cyberspace defense.