计算机科学 ›› 2021, Vol. 48 ›› Issue (8): 284-290.doi: 10.11896/jsjkx.200900059

• 信息安全 • 上一篇    下一篇

FAWA:一种异构执行体的负反馈动态调度算法

杨林, 王永杰, 张俊   

  1. 国防科技大学电子对抗学院 合肥230037;安徽省网络空间安全态势感知与评估重点实验室 合肥230037
  • 收稿日期:2020-09-07 修回日期:2020-10-29 发布日期:2021-08-10
  • 通讯作者: 王永杰(w_yong_j@189.cn)
  • 基金资助:
    国家自然科学基金(61802422)

FAWA:A Negative Feedback Dynamic Scheduling Algorithm for Heterogeneous Executor

YANG Lin, WANG Yong-jie, ZHANG Jun   

  1. College of Electromagnetic Countermeasure,National University of Defense Technology,Hefei 230037,China;Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation,Hefei 230037,China
  • Received:2020-09-07 Revised:2020-10-29 Published:2021-08-10
  • About author:YANG Lin,born in 1995,postgraduate,is a member of China Computer Federation.His main research interests include cyberspace security,network security situational awareness and swarm intelligence.(yanglin0815@nudt.edu.cn)WANG Yong-jie,born in 1974,Ph.D,associate professor.His main research interests include cyberspace security,risk assessment and information system modeling and simulation.
  • Supported by:
    National Natural Science Foundation of China(61802422).

摘要: 拟态防御作为一种新提出的网络防御方法,其不可预测的特性使其具有出色的防御效果。异构执行体是拟态防御中由各类防御策略构成的异构部件,拟态防御机制通过对异构执行体的动态调度来获得防御的动态性。传统的调度方法具有一定的局限性,针对这些局限性,综合考虑防御的全面性和历史防御成功率信息,提出了一种新的具有负反馈能力的动态调度算法FAWA,并设计了仿真碰撞实验来模拟网络攻防过程,并与其他调度方法的防御效果作对比。实验结果表明,在攻击方随机装载攻击载荷的场景下,FAWA算法的调度效果始终优于其他算法,能够很好地提高防御成功率;在攻击方同样采取负反馈装载的场景下,FAWA算法的调度效果优于完全随机算法、CRA算法和一些改进的动态人工加权算法,但弱于先进先出算法FIFO。另外,仿真实验通过对比攻击方两种载荷装载场景发现,在随机装载场景下,防御方的防御成功率更低,表明此时攻击方的成功率反而优于负反馈装载场景,这一结论说明攻击方也需要在网络攻防博弈中具备随机性和不可预测性,而不应被过度干扰和调整。

关键词: 动态调度策略, 仿真, 负反馈调度, 拟态防御, 异构执行体

Abstract: As a new cyber defense method,the mimic defense has an excellent defense effect due to its unpredictable characteristics.Heterogeneous executors are heterogeneous components composed of various defense strategies to mimic defense.The mimic defense mechanism obtains the dynamics of defense through the dynamic scheduling of heterogeneous executors.Traditional scheduling methods have certain limitations.Because of these limitations,comprehensively considering the comprehensiveness of defense and historical defense success rate information,a new dynamic scheduling algorithm FAWA with negative feedback capability is proposed,and simulation collision experiments are designed.The network attack and defense process are compared with the defense effects of other scheduling methods.The experimental results show that in the scenario where the attacker randomly loads the attack load,the scheduling effect of the FAWA algorithm is always better than other algorithms,which can well improve the defense success.In the scenario where the attacker also adopts negative feedback loading,the scheduling effect of the FAWA algorithm is better than that of the CRA algorithm and some improved dynamic artificial weighting algorithms but weaker than FIFO.Besides,the simulation experiment compares the two types of load loading scenarios of the attacker and finds that in the random loading scenario,the defender's defense success rate is lower,indicating that the attacker's success rate is better than the negative feedback loading scenario.This conclusion shows that the attack also needs to have randomness and unpredictability in the network attack and defense game,and should not be excessively interfered and adjusted.

Key words: Dynamic scheduling strategy, Heterogeneous executor, Mimic defense, Negative feedback scheduling, Simulation

中图分类号: 

  • TP393.08
[1]NITRD.Cybersecurity game-change research & developmentrecommendations[OL].http://www.nitrd.gov/pubs/CSIAI WG%20 Cybersecurity%20GameChange_RD%20Re-commendations 20100513.pdf,2014-03-21.
[2]ZHANG Z Y.Research on Dynamic Scheduling Strategy for Mimic Defense [D].Zhengzhou:Zhengzhou University,2018.
[3]ZHANG H,ZHENG K,WANG X,et al.Efficient Strategy Selection for Moving Target Defense Under Multiple Attacks [J].IEEE Access,2019,7:65982-65995.
[4]WANG H,JIA Q,FLECK D,et al.A moving target DDoS defense mechanism [J].Computer Communications,2014,46:10-21.
[5]TIAN J,TAN R,GUAN X,et al.Enhanced Hidden MovingTarget Defense in Smart Grids [J].IEEE Transactions on Smart Grid,2019,10(2):2208-2223.
[6]ZHANG Z,DENG R,YAU D K Y,et al.Analysis of Moving Target Defense Against False Data Injection Attacks on Power Grid [J].IEEE Transactions on Information Forensics and Security,2020,15:2320-2335.
[7]TIAN J,TAN R,GUAN X,et al.Moving Target Defense Approach to Detecting Stuxnet-Like Attacks [J].IEEE Transactions on Smart Grid,2020,11(1):291-300.
[8]XIONG X,YANG L,ZHAO G.Effectiveness Evaluation Model of Moving Target Defense Based on System Attack Surface [J].IEEE Access,2019,7:9998-10014.
[9]WU J X.Research on Cyber Mimic Defense [J].Journal of Cyber Security,2016,1(4):1-10.
[10]HU H C,CHEN F C,WANG Z P.Performance Evaluations on DHR for Cyberspace Mimic Defense [J].Journal of Cyber Security,2016,1(4):40-51.
[11]FAN Y W,ZHU W J,BAN S H,et al.Dynamic Heterogeneous and Redundancy Data Protection Architecture [J].Journal of Chinese Computer Systems,2019,40(9),1956-1961.
[12]WU Z Q,ZHANG F,GUO W,et al.A Mimic Arbitration Optimization Method Based on Heterogeneous Degree of Executors [J].Computer Engineering,2020,46(5),12-18.
[13]MA H L,YI P,JIANG Y M,et al.Dynamic Heterogeneous Redundancy based Router Architecture with Mimic Defenses [J].Journal of Cyber Security,2017,2(1):29-42.
[14]ZHANG J X,PANG J M,ZHANG Z,et al.Executors Scheduling Algorithm for Web Server with Mimic Structure [J].Computer Engineering,2019,45(8):14-21.
[15]LIU Q R,LIN S J,GU Z Y.Heterogeneous redundancies schedu-ling algorithm for mimic security defense[J].Journal on Communications,2018,39(7):188-198.
[16]LIU J,ZHANG H Q,LIU Y.Research on Optimal Selection of Moving Target Defense Policy Based on Dynamic Game with Incomplete Information [J].Acta Electronica Sinica,2018,46(1):82-89.
[17]CAI Y T,CHANG X L,SHI Y,et al.Analyzing Transient Effectiveness of Dynamic Platform Technique in Resisting Attacks [J].Journal of Cyber Security,2019,4(4):59-67.
[18]ZHANG X M,GU Z Y,WEI S,et al.Markov game modeling of mimic defense and defense strategy determination [J].Journal on Communications,2018,39(10):143-154.
[1] 郭拯危, 付泽文, 李宁, 白澜.
高分辨率斜视聚束SAR回波仿真加速算法研究
Study on Acceleration Algorithm for Raw Data Simulation of High Resolution Squint Spotlight SAR
计算机科学, 2022, 49(8): 178-183. https://doi.org/10.11896/jsjkx.210600066
[2] 李瑭, 秦小麟, 迟贺宇, 费珂.
面向多无人系统的安全协同模型
Secure Coordination Model for Multiple Unmanned Systems
计算机科学, 2022, 49(7): 332-339. https://doi.org/10.11896/jsjkx.210600107
[3] 张明新.
面向超大规模社会系统仿真的概念模型
Conceptual Model for Large-scale Social Simulation
计算机科学, 2022, 49(4): 16-24. https://doi.org/10.11896/jsjkx.210900136
[4] 杨林, 王永杰.
蚁群算法在动态网络持续性路径预测中的运用及仿真
Application and Simulation of Ant Colony Algorithm in Continuous Path Prediction of Dynamic Network
计算机科学, 2021, 48(6A): 485-490. https://doi.org/10.11896/jsjkx.200800132
[5] 骆菁菁, 唐卫贞, 丁继婷.
基于皮尔逊系数的管制仿真训练数据独立化与因子分析下的数据可视化研究
Research of ATC Simulator Training Values Independence Based on Pearson Correlation Coefficient and Study of Data Visualization Based on Factor Analysis
计算机科学, 2021, 48(6A): 623-628. https://doi.org/10.11896/jsjkx.210200021
[6] 程宇, 刘铁军, 唐元贵, 王健, 姜志斌, 祁胜.
基于UNITY3D的水下机器人视景仿真方法
Underwater Robert Visual Simulation Based on UNITY3D
计算机科学, 2021, 48(6A): 281-284. https://doi.org/10.11896/jsjkx.200700131
[7] 向昌盛, 陈志刚.
面向海量数据的网络流量混沌预测模型
Chaotic Prediction Model of Network Traffic for Massive Data
计算机科学, 2021, 48(5): 289-293. https://doi.org/10.11896/jsjkx.200400056
[8] 曾伟良, 韩宇, 何锦源, 吴淼森, 孙为军.
自动驾驶出租车动态合乘效益仿真分析
Simulation Analysis on Dynamic Ridesharing Efficiency of Shared Autonomous Taxi
计算机科学, 2021, 48(2): 257-263. https://doi.org/10.11896/jsjkx.200400008
[9] 蒋化南, 张帅, 林宇斐, 李豪.
基于MPI的分布式并行Gazebo仿真优化与测试
Simulation Optimization and Testing Based on Gazebo of MPI Distributed Parallelism
计算机科学, 2021, 48(11A): 672-677. https://doi.org/10.11896/jsjkx.210100109
[10] 郭聪蕊, 王珺, 封一鸣.
系统仿真可信度评估方法研究
Research on Method of Credibility Evaluation of System Simulation
计算机科学, 2020, 47(6A): 567-571. https://doi.org/10.11896/JsJkx.190700201
[11] 郑耿峰.
基于直觉模糊层次分析的特种设备事故应急预案评价
Emergency Plan Evaluation of Special Equipment Accident Based on Intuitionistic Fuzzy Analytic Hierarchy Process
计算机科学, 2020, 47(6A): 616-621. https://doi.org/10.11896/JsJkx.190600097
[12] 许子熙, 毛新军, 杨亦, 卢遥.
知识问答社区及其激励机制的建模与仿真分析
Modeling and Simulation of Q&A Community and Its Incentive Mechanism
计算机科学, 2020, 47(6): 32-37. https://doi.org/10.11896/jsjkx.191000088
[13] 钟圳伟,纪庆革.
考虑行人相对速度的改进社会力模型的验证与评估
Verification and Evaluation of Modified Social Force Model Considering Relative Velocity of Pedestrians
计算机科学, 2020, 47(2): 88-94. https://doi.org/10.11896/jsjkx.190500055
[14] 曾蕾, 李豪, 林宇斐, 张帅.
基于异步机制的Gazebo仿真优化研究
Study on Simulation Optimization of Gazebo Based on Asynchronous Mechanism
计算机科学, 2020, 47(11A): 593-598. https://doi.org/10.11896/jsjkx.200300131
[15] 谭思玚.
小型复合式无人机飞行控制律快速设计与验证
Fast Design and Verification of Flight Control Law for Small Compound UAV
计算机科学, 2020, 47(11A): 651-656. https://doi.org/10.11896/jsjkx.200100026
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!