摘要
动态异构冗余(Dynamic Heterogeneous Redundancy,DHR)模型的安全性分析是拟态防御的核心问题之一.本文针对DHR模型安全性量化分析问题提出了执行体-漏洞矩阵和服务体-漏洞矩阵模型,实现了DHR系统的形式化描述.提出了攻击序列法和服务体法的两种计算方法,从系统攻击成功率和被控制率对DHR系统进行安全性分析,推导出非合谋(合谋)盲攻击和非合谋(合谋)最优攻击4种场景下安全性指标的计算公式.通过仿真实验分析了DHR模型各因素对系统安全性的影响,给出了增强DHR系统安全性的具体建议.所提方法能用于DHR系统的安全性量化分析和比较,为DHR系统构建提供量化决策支撑.
The security analysis of the dynamic heterogeneous redundancy(DHR)system is one key issue of the cyber mimic defense.We propose the executor-vulnerability matrix(MEV)and the servant-vulnerability matrix(MSV)to achieve the formal representation of the DHR system.On this basis,the attack sequence method and the servant method are proposed to analyze DHR systems’security from the attack success rate and controlled time rate.we deduce the security index calculation under(non-)collusion blind attack and(non-)collusion optimal attack scenarios.Therefore,we analyze the influence of various factors on DHR security through simulation experiments.We give several suggestions to enhance the DHR system’s security.The proposed approach can be used to analyze DHR systems’security and assist in constructing DHR systems.
作者
郑秋华
胡程楠
崔婷婷
申延召
曾英佩
吴铤
ZHENG Qiu-hua;HU Cheng-nan;CUI Ting-ting;SHEN Yan-zhao;ZENG Ying-pei;WU Ting(School of Cyberspace Security,Hangzhou Dianzi University,Hangzhou,Zhejiang 310018,China;Hangzhou Innovation Institute,Beihang University,Hangzhou,Zhejiang 310051,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2021年第8期1586-1598,共13页
Acta Electronica Sinica
基金
浙江省重点研发计划(No.2020C01078,No.2019C01012)。
关键词
拟态防御
动态异构冗余
安全性分析
漏洞矩阵
cyber mimic defense
dynamic heterogeneous redundancy
security analysis
vulnerability matrix
