计算机科学 ›› 2018, Vol. 45 ›› Issue (9): 183-186.doi: 10.11896/j.issn.1002-137X.2018.09.030
王伟, 杨本朝, 李光松, 斯雪明
WANG Wei, YANG Ben-chao, LI Guang-song, SI Xue-ming
摘要: 随着互联网技术的发展和普及,漏洞和后门已经成为导致网络安全问题的主要因素。冗余技术可以很好地解决系统的可靠性问题。受拟态防御思想的启发,分析了异构冗余技术对基于漏洞和后门的网络攻击进行安全防御的有效性。在一些假设前提下,以系统攻击成功率表征系统的安全性,建立了基于马尔科夫过程的异构冗余系统的安全性评估数学模型,给出了系统攻击成功率的表达式。最后对3模异构冗余系统进行了求解和分析,计算结果与直观预期相符。
中图分类号:
[1]吴世忠,郭涛,董国伟,等.软件漏洞分析技术[M].北京:科学出版社,2014. [2]WU J X.Meaning and Vision of Mimic Computing and Mimic Security Defense[J].Telecommunications Science,2014,30(7):2-7.(in Chinese) 邬江兴.拟态计算与拟态安全防御的原意和愿景[J].电信科学,2014,30(7):2-7. [3]WU J X.Mimic Security Defense in Cyber Space[J].Secrecy Science and Technology,2014(10):4-9.(in Chinese) 邬江兴.网络空间拟态安全防御[J].保密科学技术,2014(10):4-9. [4]WU J X.Research on Cyber Mimic Defense[J].Journal of Cyber Security,2016,1(4):1-10.(in Chinese) 邬江兴.网络空间拟态防御研究[J].信息安全学报,2016,1(4):1-10. [5]MARVIN R.System Reliability Theory:Models,Statistical Me-thods,and Applications(Second Edition)[M].Beijing:National Defend Industry Press,2011.(in Chinese) MARVIN R.系统可靠性理论:模型、统计方法及应用(第2版)[M].北京:国防工业出版社,2011. [6]SUN H Y,LIU B,CAO X L.Research on reliability and security of vote redundancy system[J].Journal of Electronic Measurement and Instrument,2011,25(7):661-664.(in Chinese) 孙怀义,刘斌,曹晓莉.表决冗余系统可靠性与安全性研究[J].电子测量与仪器学报,2011,25(7):661-664. [7]LI C Y,CHEN X,YI X S,et al.Analysis of k—out-of-n:G systems subject to common cause failures based on Markov process[J].Systems Engineering and Electronics,2009,31(11):2789-2792.(in Chinese) 李春洋,陈循,易晓山,等.基于马尔可夫过程的k/n(G)系统共因失效分析[J].系统工程与电子技术,2009,31(11):2789-2792. [8]LIU Y,LI R Z,ZHANG G B.Reliability analysis of k/n(G) Markov system with non-homogenous units[J].Journal of Huazhong University of Science and Technology(Natural Science Edition),2015,43(3):17-21.(in Chinese) 刘英,李荣祖,张根保.非同型单元k/n(G)马尔可夫系统可靠性分析[J].华中科技大学学报(自然科学版),2015,43(3):17-21. [9]YIN L H,FANG B X.Security Attributes Analysis for Intrusion Tolerant Systems[J].Chinese Journal of Computers,2006,29(8):1505-1512.(in Chinese) 殷丽华,方滨兴.入侵容忍系统安全属性分析[J].计算机学报,2006,29(8):1505-1512. [10]MADAN B B,GOSEVA-POPSTOJANOVA K,VAIDYANAT-HAN K,et al.A method for modeling and quantifying the securi-ty attributes of intrusion tolerant systems [J].Performance Evaluation,2004,56(1-4):167-186. [11]ZANG H W,HAN W,GAO D Y.Dissimilar redundancy computer system and reliability analysis[J].Journal of Harbin Institute of Technology,2008,40(3):492-494.(in Chinese) 臧红伟,韩炜,高德远.非相似余度计算机系统及其可靠性分析[J].哈尔滨工业大学学报,2008,40(3):492-494. [12]YE Y,XU X S,JIA Y,et al.An Attack Graph-Based Probabilistic Computing Approach of Network Security[J].Chinese Journal of Computers,2010,33(10):1987-1996.(in Chinese) 叶云,徐锡山,贾焰,等.基于攻击图的网络安全概率计算方法[J].计算机学报,2010,33(10):1987-1996. |
[1] | 杨林, 王永杰, 张俊. FAWA:一种异构执行体的负反馈动态调度算法 FAWA:A Negative Feedback Dynamic Scheduling Algorithm for Heterogeneous Executor 计算机科学, 2021, 48(8): 284-290. https://doi.org/10.11896/jsjkx.200900059 |
[2] | 贾志淳, 李想, 于湛麟, 卢元, 邢星. 基于二阶隐马尔科夫模型的云服务QoS满意度预测 QoS Satisfaction Prediction of Cloud Service Based on Second Order Hidden Markov Model 计算机科学, 2019, 46(9): 321-324. https://doi.org/10.11896/j.issn.1002-137X.2019.09.049 |
[3] | 郭佳. 基于改进的人工神经网络对存储系统性能进行预测的方法 Method of Predicting Performance of Storage System Based on Improved Artificial Neural Network 计算机科学, 2019, 46(6A): 52-55. |
[4] | 黎海雪, 林海涛, 陈津. 单帧图像超分辨中的自适应正则约束算法 Self-adapting Regular Constraint Algorithm in Super-resolution of Single-frame Images 计算机科学, 2019, 46(6A): 200-204. |
[5] | 赵新伟, 刘伟. 一种基于节点状态的MANET路由发现和建立策略 MANET Routing Discovery and Establishment Strategy Based on Node State 计算机科学, 2019, 46(6): 112-117. https://doi.org/10.11896/j.issn.1002-137X.2019.06.016 |
[6] | 王正宁, 周阳, 吕侠, 曾凡伟, 张翔, 张锋军. 一种基于2D和3D联合信息的改进MDP跟踪算法 Improved MDP Tracking Method by Combining 2D and 3D Information 计算机科学, 2019, 46(3): 97-102. https://doi.org/10.11896/j.issn.1002-137X.2019.03.013 |
[7] | 王雪健, 赵国磊, 常朝稳, 王瑞云. 信息流格模型的非法流分析 Illegal Flow Analysis for Lattice Model of Information Flow 计算机科学, 2019, 46(2): 139-144. https://doi.org/10.11896/j.issn.1002-137X.2019.02.022 |
[8] | 常啸林, 樊永文, 朱维军, 刘洋. 基于拟态防御的管理信息系统 Management Information System Based on Mimic Defense 计算机科学, 2019, 46(11A): 438-441. |
[9] | 张杰鑫, 庞建民, 张铮, 邰铭, 刘浩. 拟态构造Web服务器的服务质量量化方法 QoS Quantification Method for Web Server with Mimic Construction 计算机科学, 2019, 46(11): 109-118. https://doi.org/10.11896/jsjkx.181001922 |
[10] | 吴建伟, 李艳玲, 张辉, 臧翰林. 基于密度聚类的HMM协作频谱预测算法 HMM Cooperative Spectrum Prediction Algorithm Based on Density Clustering 计算机科学, 2018, 45(9): 129-134. https://doi.org/10.11896/j.issn.1002-137X.2018.09.020 |
[11] | 罗霄阳,霍宏涛,王梦思,陈亚飞. 基于多残差马尔科夫模型的图像拼接检测 Passive Image-splicing Detection Based on Multi-residual Markov Model 计算机科学, 2018, 45(4): 173-177. https://doi.org/10.11896/j.issn.1002-137X.2018.04.029 |
[12] | 毛莺池,陈杨. 不确定性车辆路口的轨迹预测 Uncertain Vehicle Intersection Trajectory Prediction 计算机科学, 2018, 45(3): 235-240. https://doi.org/10.11896/j.issn.1002-137X.2018.03.037 |
[13] | 张宇嘉,庞建民,张铮,邬江兴. 基于软件多样化的拟态安全防御策略 Mimic Security Defence Strategy Based on Software Diversity 计算机科学, 2018, 45(2): 215-221. https://doi.org/10.11896/j.issn.1002-137X.2018.02.037 |
[14] | 张绮曼, 张颖. 无线传感器网络中蒙特卡洛定位算法的研究 Study on Monte Carlo Location Algorithm in Wireless Sensor Networks 计算机科学, 2018, 45(12): 77-80. https://doi.org/10.11896/j.issn.1002-137X.2018.12.011 |
[15] | 张林姿, 贾传亮. 基于拓扑路径的网络演化传播机制研究 Study of Propagation Mechanism in Networks Based on Topological Path 计算机科学, 2018, 45(11A): 308-314. |
|