计算机科学 ›› 2022, Vol. 49 ›› Issue (11A): 211200296-6.doi: 10.11896/jsjkx.211200296
刘文贺, 贾洪勇, 潘云飞
LIU Wen-he, JIA Hong-yong, PAN Yun-fei
摘要: 拟态防御技术是解决现有网络环境“易攻难守”局面的有效手段,拟态防御技术通过提升系统的动态性、异构性和随机性来构建安全可靠的系统。异构执行体的调度是拟态防御的关键环节。已有的调度算法缺乏态势感知能力,只能按照已有策略对执行体进行调度,存在适用性差的问题。为此,提出了一种基于执行体防御能力的调度算法DCOE。DCOE基于经典的流量监测算法,识别出当前流量的威胁类型和威胁程度,并根据各执行体针对当前流量的防御能力动态地调整异构执行体的种类和数量。仿真实验表明,DCOE算法可以在减少对异构执行体调度次数的基础上降低系统的失效率和逃逸率,即在降低系统开销的前提下提升系统的防御水平,增加敌手的攻击难度。
中图分类号:
[1]National Science and Technology Council.“Trustworthy cyberspace:Strategic plan for the federal cybersecurity research and development program”[OL].https://www.nitrd.gov/SUBCOMMITTEE/csia/ed_Cybersecurity_RD_Strategic_Plan_2011.pdf. [2]SHI L Y,JIA C F,LYU S W.Research onendhopping for active network confrontation [J].Journal on Communications,2008(2):106-110. [3]WU J X.Research on Cyber Mimic Defense[J].Journal of Cyber Security,2016,1(4):1-10. [4]WU JX,LI J F,ZHANG F,et al.A heterogeneous redundancies scheduling equipment and method[P].China,CN106161417A,2016-11-23. [5]LIU Q R,LIN S J,GU Z Y.Heterogeneous redundancies scheduling algorithm for mimic security defense[J].Journal on Communications,2018,39(7):188-198. [6]PU LM,LIU S X,DING R H,et al.Heterogeneous executor scheduling algorithm for mimic cloud service[J].Journal on Communications,2020,41(3):17-24. [7]GAO Y,ZI C C,FENG S F,et al.Security Scheduling Algorithm for Web Gateways Based on Mimicry Defense Theory[J].Journal of Chinese Computer Systems,2021,42(9):1913-1919. [8]ZHU Z B,LIU Q R,LIU D P,et al.Research progress of mimic multi-execution scheduling algorithm[J].Journal on Communications,2021,42(5):179-190. [9]WEI S,YU H,GU Z Y,et al.Architecture of mimic securityprocessor for industry control syste[J].Journal of Cyber Security,2017,2(1):54-73. [10]LECUN Y,BOTTOU L,BENGIO Y,et al.Gradient basedlearning applied to document recognition[J].Proceedings of the IEEE,1998,86(11):2278-2324. [11]FIRST.Common vulnerability scoring system(Version-3.1)[EB/OL].(2019-01-01)[2021-03-16].https://www.first.org/cvss/calculator/3.1. [12]GHARIB A,SHARAFALDIN I,LASHKARI A H,et al.AnEvaluation Framework for Intrusion Detection Dataset [C]//2016 International Conference on Information Science and Security(ICISS).IEEE,2017. [13]LIU M J,WANG X F,HUANG Y L.Preprocessing in data mi-ning[J].Computer Science,2000,27(4):56-59. [14]HU H C,CHEN F C,WANG Z P.Performance evaluationsonDHR for cyberspace mimic defense[J].Journal of Cyber Security,2016,1(4):40-51. [15]WU J X.Robust control and endogenous safety[J].CivIntegration on Cyberspace,2018(3):23-27. |
[1] | 郭拯危, 付泽文, 李宁, 白澜. 高分辨率斜视聚束SAR回波仿真加速算法研究 Study on Acceleration Algorithm for Raw Data Simulation of High Resolution Squint Spotlight SAR 计算机科学, 2022, 49(8): 178-183. https://doi.org/10.11896/jsjkx.210600066 |
[2] | 李瑭, 秦小麟, 迟贺宇, 费珂. 面向多无人系统的安全协同模型 Secure Coordination Model for Multiple Unmanned Systems 计算机科学, 2022, 49(7): 332-339. https://doi.org/10.11896/jsjkx.210600107 |
[3] | 张明新. 面向超大规模社会系统仿真的概念模型 Conceptual Model for Large-scale Social Simulation 计算机科学, 2022, 49(4): 16-24. https://doi.org/10.11896/jsjkx.210900136 |
[4] | 杨林, 王永杰, 张俊. FAWA:一种异构执行体的负反馈动态调度算法 FAWA:A Negative Feedback Dynamic Scheduling Algorithm for Heterogeneous Executor 计算机科学, 2021, 48(8): 284-290. https://doi.org/10.11896/jsjkx.200900059 |
[5] | 程宇, 刘铁军, 唐元贵, 王健, 姜志斌, 祁胜. 基于UNITY3D的水下机器人视景仿真方法 Underwater Robert Visual Simulation Based on UNITY3D 计算机科学, 2021, 48(6A): 281-284. https://doi.org/10.11896/jsjkx.200700131 |
[6] | 杨林, 王永杰. 蚁群算法在动态网络持续性路径预测中的运用及仿真 Application and Simulation of Ant Colony Algorithm in Continuous Path Prediction of Dynamic Network 计算机科学, 2021, 48(6A): 485-490. https://doi.org/10.11896/jsjkx.200800132 |
[7] | 骆菁菁, 唐卫贞, 丁继婷. 基于皮尔逊系数的管制仿真训练数据独立化与因子分析下的数据可视化研究 Research of ATC Simulator Training Values Independence Based on Pearson Correlation Coefficient and Study of Data Visualization Based on Factor Analysis 计算机科学, 2021, 48(6A): 623-628. https://doi.org/10.11896/jsjkx.210200021 |
[8] | 向昌盛, 陈志刚. 面向海量数据的网络流量混沌预测模型 Chaotic Prediction Model of Network Traffic for Massive Data 计算机科学, 2021, 48(5): 289-293. https://doi.org/10.11896/jsjkx.200400056 |
[9] | 曾伟良, 韩宇, 何锦源, 吴淼森, 孙为军. 自动驾驶出租车动态合乘效益仿真分析 Simulation Analysis on Dynamic Ridesharing Efficiency of Shared Autonomous Taxi 计算机科学, 2021, 48(2): 257-263. https://doi.org/10.11896/jsjkx.200400008 |
[10] | 蒋化南, 张帅, 林宇斐, 李豪. 基于MPI的分布式并行Gazebo仿真优化与测试 Simulation Optimization and Testing Based on Gazebo of MPI Distributed Parallelism 计算机科学, 2021, 48(11A): 672-677. https://doi.org/10.11896/jsjkx.210100109 |
[11] | 庄奕, 杨家海. 限时点到多点跨数据中心传输的多源树调度算法 Multi-source Tree-based Scheduling Algorithm for Deadline-aware P2MP Inter-datacenter Transfers 计算机科学, 2020, 47(7): 213-219. https://doi.org/10.11896/jsjkx.200300069 |
[12] | 郭聪蕊, 王珺, 封一鸣. 系统仿真可信度评估方法研究 Research on Method of Credibility Evaluation of System Simulation 计算机科学, 2020, 47(6A): 567-571. https://doi.org/10.11896/JsJkx.190700201 |
[13] | 郑耿峰. 基于直觉模糊层次分析的特种设备事故应急预案评价 Emergency Plan Evaluation of Special Equipment Accident Based on Intuitionistic Fuzzy Analytic Hierarchy Process 计算机科学, 2020, 47(6A): 616-621. https://doi.org/10.11896/JsJkx.190600097 |
[14] | 许子熙, 毛新军, 杨亦, 卢遥. 知识问答社区及其激励机制的建模与仿真分析 Modeling and Simulation of Q&A Community and Its Incentive Mechanism 计算机科学, 2020, 47(6): 32-37. https://doi.org/10.11896/jsjkx.191000088 |
[15] | 钟圳伟,纪庆革. 考虑行人相对速度的改进社会力模型的验证与评估 Verification and Evaluation of Modified Social Force Model Considering Relative Velocity of Pedestrians 计算机科学, 2020, 47(2): 88-94. https://doi.org/10.11896/jsjkx.190500055 |
|