计算机科学 ›› 2021, Vol. 48 ›› Issue (8): 284-290.doi: 10.11896/jsjkx.200900059
杨林, 王永杰, 张俊
YANG Lin, WANG Yong-jie, ZHANG Jun
摘要: 拟态防御作为一种新提出的网络防御方法,其不可预测的特性使其具有出色的防御效果。异构执行体是拟态防御中由各类防御策略构成的异构部件,拟态防御机制通过对异构执行体的动态调度来获得防御的动态性。传统的调度方法具有一定的局限性,针对这些局限性,综合考虑防御的全面性和历史防御成功率信息,提出了一种新的具有负反馈能力的动态调度算法FAWA,并设计了仿真碰撞实验来模拟网络攻防过程,并与其他调度方法的防御效果作对比。实验结果表明,在攻击方随机装载攻击载荷的场景下,FAWA算法的调度效果始终优于其他算法,能够很好地提高防御成功率;在攻击方同样采取负反馈装载的场景下,FAWA算法的调度效果优于完全随机算法、CRA算法和一些改进的动态人工加权算法,但弱于先进先出算法FIFO。另外,仿真实验通过对比攻击方两种载荷装载场景发现,在随机装载场景下,防御方的防御成功率更低,表明此时攻击方的成功率反而优于负反馈装载场景,这一结论说明攻击方也需要在网络攻防博弈中具备随机性和不可预测性,而不应被过度干扰和调整。
中图分类号:
[1]NITRD.Cybersecurity game-change research & developmentrecommendations[OL].http://www.nitrd.gov/pubs/CSIAI WG%20 Cybersecurity%20GameChange_RD%20Re-commendations 20100513.pdf,2014-03-21. [2]ZHANG Z Y.Research on Dynamic Scheduling Strategy for Mimic Defense [D].Zhengzhou:Zhengzhou University,2018. [3]ZHANG H,ZHENG K,WANG X,et al.Efficient Strategy Selection for Moving Target Defense Under Multiple Attacks [J].IEEE Access,2019,7:65982-65995. [4]WANG H,JIA Q,FLECK D,et al.A moving target DDoS defense mechanism [J].Computer Communications,2014,46:10-21. [5]TIAN J,TAN R,GUAN X,et al.Enhanced Hidden MovingTarget Defense in Smart Grids [J].IEEE Transactions on Smart Grid,2019,10(2):2208-2223. [6]ZHANG Z,DENG R,YAU D K Y,et al.Analysis of Moving Target Defense Against False Data Injection Attacks on Power Grid [J].IEEE Transactions on Information Forensics and Security,2020,15:2320-2335. [7]TIAN J,TAN R,GUAN X,et al.Moving Target Defense Approach to Detecting Stuxnet-Like Attacks [J].IEEE Transactions on Smart Grid,2020,11(1):291-300. [8]XIONG X,YANG L,ZHAO G.Effectiveness Evaluation Model of Moving Target Defense Based on System Attack Surface [J].IEEE Access,2019,7:9998-10014. [9]WU J X.Research on Cyber Mimic Defense [J].Journal of Cyber Security,2016,1(4):1-10. [10]HU H C,CHEN F C,WANG Z P.Performance Evaluations on DHR for Cyberspace Mimic Defense [J].Journal of Cyber Security,2016,1(4):40-51. [11]FAN Y W,ZHU W J,BAN S H,et al.Dynamic Heterogeneous and Redundancy Data Protection Architecture [J].Journal of Chinese Computer Systems,2019,40(9),1956-1961. [12]WU Z Q,ZHANG F,GUO W,et al.A Mimic Arbitration Optimization Method Based on Heterogeneous Degree of Executors [J].Computer Engineering,2020,46(5),12-18. [13]MA H L,YI P,JIANG Y M,et al.Dynamic Heterogeneous Redundancy based Router Architecture with Mimic Defenses [J].Journal of Cyber Security,2017,2(1):29-42. [14]ZHANG J X,PANG J M,ZHANG Z,et al.Executors Scheduling Algorithm for Web Server with Mimic Structure [J].Computer Engineering,2019,45(8):14-21. [15]LIU Q R,LIN S J,GU Z Y.Heterogeneous redundancies schedu-ling algorithm for mimic security defense[J].Journal on Communications,2018,39(7):188-198. [16]LIU J,ZHANG H Q,LIU Y.Research on Optimal Selection of Moving Target Defense Policy Based on Dynamic Game with Incomplete Information [J].Acta Electronica Sinica,2018,46(1):82-89. [17]CAI Y T,CHANG X L,SHI Y,et al.Analyzing Transient Effectiveness of Dynamic Platform Technique in Resisting Attacks [J].Journal of Cyber Security,2019,4(4):59-67. [18]ZHANG X M,GU Z Y,WEI S,et al.Markov game modeling of mimic defense and defense strategy determination [J].Journal on Communications,2018,39(10):143-154. |
[1] | 郭拯危, 付泽文, 李宁, 白澜. 高分辨率斜视聚束SAR回波仿真加速算法研究 Study on Acceleration Algorithm for Raw Data Simulation of High Resolution Squint Spotlight SAR 计算机科学, 2022, 49(8): 178-183. https://doi.org/10.11896/jsjkx.210600066 |
[2] | 李瑭, 秦小麟, 迟贺宇, 费珂. 面向多无人系统的安全协同模型 Secure Coordination Model for Multiple Unmanned Systems 计算机科学, 2022, 49(7): 332-339. https://doi.org/10.11896/jsjkx.210600107 |
[3] | 张明新. 面向超大规模社会系统仿真的概念模型 Conceptual Model for Large-scale Social Simulation 计算机科学, 2022, 49(4): 16-24. https://doi.org/10.11896/jsjkx.210900136 |
[4] | 杨林, 王永杰. 蚁群算法在动态网络持续性路径预测中的运用及仿真 Application and Simulation of Ant Colony Algorithm in Continuous Path Prediction of Dynamic Network 计算机科学, 2021, 48(6A): 485-490. https://doi.org/10.11896/jsjkx.200800132 |
[5] | 骆菁菁, 唐卫贞, 丁继婷. 基于皮尔逊系数的管制仿真训练数据独立化与因子分析下的数据可视化研究 Research of ATC Simulator Training Values Independence Based on Pearson Correlation Coefficient and Study of Data Visualization Based on Factor Analysis 计算机科学, 2021, 48(6A): 623-628. https://doi.org/10.11896/jsjkx.210200021 |
[6] | 程宇, 刘铁军, 唐元贵, 王健, 姜志斌, 祁胜. 基于UNITY3D的水下机器人视景仿真方法 Underwater Robert Visual Simulation Based on UNITY3D 计算机科学, 2021, 48(6A): 281-284. https://doi.org/10.11896/jsjkx.200700131 |
[7] | 向昌盛, 陈志刚. 面向海量数据的网络流量混沌预测模型 Chaotic Prediction Model of Network Traffic for Massive Data 计算机科学, 2021, 48(5): 289-293. https://doi.org/10.11896/jsjkx.200400056 |
[8] | 曾伟良, 韩宇, 何锦源, 吴淼森, 孙为军. 自动驾驶出租车动态合乘效益仿真分析 Simulation Analysis on Dynamic Ridesharing Efficiency of Shared Autonomous Taxi 计算机科学, 2021, 48(2): 257-263. https://doi.org/10.11896/jsjkx.200400008 |
[9] | 蒋化南, 张帅, 林宇斐, 李豪. 基于MPI的分布式并行Gazebo仿真优化与测试 Simulation Optimization and Testing Based on Gazebo of MPI Distributed Parallelism 计算机科学, 2021, 48(11A): 672-677. https://doi.org/10.11896/jsjkx.210100109 |
[10] | 郭聪蕊, 王珺, 封一鸣. 系统仿真可信度评估方法研究 Research on Method of Credibility Evaluation of System Simulation 计算机科学, 2020, 47(6A): 567-571. https://doi.org/10.11896/JsJkx.190700201 |
[11] | 郑耿峰. 基于直觉模糊层次分析的特种设备事故应急预案评价 Emergency Plan Evaluation of Special Equipment Accident Based on Intuitionistic Fuzzy Analytic Hierarchy Process 计算机科学, 2020, 47(6A): 616-621. https://doi.org/10.11896/JsJkx.190600097 |
[12] | 许子熙, 毛新军, 杨亦, 卢遥. 知识问答社区及其激励机制的建模与仿真分析 Modeling and Simulation of Q&A Community and Its Incentive Mechanism 计算机科学, 2020, 47(6): 32-37. https://doi.org/10.11896/jsjkx.191000088 |
[13] | 钟圳伟,纪庆革. 考虑行人相对速度的改进社会力模型的验证与评估 Verification and Evaluation of Modified Social Force Model Considering Relative Velocity of Pedestrians 计算机科学, 2020, 47(2): 88-94. https://doi.org/10.11896/jsjkx.190500055 |
[14] | 曾蕾, 李豪, 林宇斐, 张帅. 基于异步机制的Gazebo仿真优化研究 Study on Simulation Optimization of Gazebo Based on Asynchronous Mechanism 计算机科学, 2020, 47(11A): 593-598. https://doi.org/10.11896/jsjkx.200300131 |
[15] | 谭思玚. 小型复合式无人机飞行控制律快速设计与验证 Fast Design and Verification of Flight Control Law for Small Compound UAV 计算机科学, 2020, 47(11A): 651-656. https://doi.org/10.11896/jsjkx.200100026 |
|