摘要
针对网络空间中攻防博弈不对称的问题,拟态防御技术通过将动态性、随机性和多样性引入系统,从内生安全的角度构建安全可靠的系统。多模裁决机制是拟态防御系统中的关键机制之一,最常采用的裁决算法为大数判决,但由于算法的简单性,无法应对复杂场景。针对复杂环境下的多模裁决问题,提出了一种基于执行体安全性的智能仲裁算法,考虑了执行体自身的安全性度量及输出空间,使拟态防御系统能够应对更加复杂或威胁性更高的防御场景。仿真结果表明,相对于大数判决与基于最优安全度的判决算法,该算法能够显著提升多模裁决结果的准确性,有效提升拟态系统的安全性。
Aiming at the asymmetry problem of attack-defense game in cyber security,mimic defense introduces the dynamic,randomness,diversity into the system,constructing secure and reliable system from the perspective of built-in security.Multi-mode adjudication is one of the key mechanisms of mimic defense system.The most commonly used adjudication algorithm is majority judgment,however,due to its simplicity,it cannot handle complicated scenes.To address the multi-mode under complicated scene,this paper proposes an intelligent adjudication algorithm based on security of executors,which takes into consideration of the security measurement and output space of executor.The algorithm enhances the mimic defense system for more complex scenarios or more threatening defense scenarios.Simulation results indicate that the proposed algorithm can remarkably improve the accuracy of multi-mode adjudication compared with the majority judgment and adjudication based on best security measurement.The proposed method can improve system security effectively.
作者
李俊
王志浩
陈迎春
LI Jun;WANG Zhihao;CHEN Yingchun(No.30 Institute of CETC,Chengdu Sichuan 610041,China;University of Electronic Science and Technology of China,Chengdu Sichuan 611731,China)
出处
《通信技术》
2021年第4期929-937,共9页
Communications Technology
关键词
内生安全
拟态防御
多模裁决
漏洞分析
built-in security
mimic defense
multi-mode adjudication
vulnerability analysis
