An Equivalent Scheduling Strategy for Cyberspace Mimicry Defense Based on Security Priority
暂无分享,去创建一个
With the continuous development and popularization of network equipment and services, people's dependence on cyberspace is becoming stronger and stronger, and the importance of network security is becoming more and more prominent. Mimic defense is based on the system architecture of dynamic heterogeneous redundancy. Data is sent to multiple heterogeneous functional equivalents through the input agents, and then the response of heterogeneous functional equivalents is judged according to a certain arbitration policy by the output agent. The abnormal output of a functional equivalent can be effectively eliminated, enabling the system to achieve intrusion prevention against unknown system vulnerabilities or backdoors. This paper analyzes the effect of the isomorphism of functional equivalents on system security, and proposes a mimic method based on the equivalence of mimicry maximization. Experiments have shown that the effectiveness of security defense can be significantly improved.
[1] Zhang Yujia Zhang Zheng Wu Jiangxing Pang Jianmin. Applying a Combination of Mimic Defense and Software Diversity in the Software Security Industry , 2016 .
[2] Hu Hongchao,et al. Performance Evaluations on DHR for Cyberspace Mimic Defense , 2016 .
[3] Benoit Baudry,et al. The Multiple Facets of Software Diversity , 2014, ACM Comput. Surv..