Computer Science ›› 2022, Vol. 49 ›› Issue (11A): 211200296-6. doi: 10.11896/jsjkx.211200296

• Information Security •

Mimic Firewall Executor Scheduling Algorithm Based on Executor Defense Ability

LIU Wen-he, JIA Hong-yong, PAN Yun-fei

  1. School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou 450000, China
  • Online: 2022-11-10 Published: 2022-11-21
  • Corresponding author: LIU Wen-he (liuwh9907@163.com)
  • About author: LIU Wen-he, born in 1999, postgraduate. His main research interests include cyber security and mimic defense.
  • Supported by:
    Science and Technology Research Plan of Henan Province (192102210115) and Collaborative Innovation Major Project of Zhengzhou City (20XTZX-X010).

Abstract: Mimic defense technology is an effective way to address the "easy to attack, hard to defend" situation in existing network environments. It builds secure and reliable systems by increasing the dynamics, heterogeneity and randomness of the system. The scheduling of heterogeneous executors is the key step in mimic defense. Existing scheduling algorithms lack situational awareness and can only schedule executors according to existing strategies, which gives them poor applicability. For this reason, DCOE, a scheduling algorithm based on the comprehensive defense capability of executors, is proposed. Building on a classic traffic monitoring algorithm, DCOE identifies the threat type and threat level of the current traffic, and dynamically adjusts the types and number of heterogeneous executors according to each executor's defense capability against that traffic. Simulation experiments show that the DCOE algorithm lowers the failure rate and escape rate of the system while reducing the number of times heterogeneous executors are scheduled; that is, it improves the defense level of the system and increases the difficulty of the adversary's attack while reducing system overhead.

Key words: Mimic defense, Heterogeneous executor, Scheduling algorithm, Executor defense ability, Simulation

CLC Number:

  • TP393.08