基于软硬件多样性的主动防御技术.PDF

第2 卷 第1 期 信 息 安 全 学 报 Vol. 2 No. 1 2017 年1 月 Journal of Cyber Security January, 2017 基于软硬件多样性的主动防御技术 1 1 2 仝 青 , 张 铮 , 邬江兴 1 数学工程与先进计算国家重点实验室 郑州 中国450001 2 国家数字交换系统工程技术研究中心 郑州 中国450002 摘要 网络空间的攻击和防御呈现不对称性, 防御往往处于被动地位。基于软硬件多样性的主动防御技术试图改变攻防的不对 称性, 是当今网络空间防御技术的研究热点之一。本文介绍了基于多样性的主动防御所利用的主要技术手段, 分析了入侵容忍、 移动目标防御和拟态防御三种主动防御框架下的系统实现, 并对比分析了三种主动防御技术的防御效果和优缺点, 最后展望了 基于软硬件多样性的主动防御技术的发展方向。 关键词 主动防御; 多样性; 入侵容忍; 移动目标防御; 拟态防御 中图法分类号 TP309 DOI 号 10.19363/10-1380/tn.2017.01.001 The Active Defense Technology Based on the Software/Hardware Diversity 1 1 2 TONG Qing , ZHANG Zheng , WU Jiangxing 1 State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China 2 National Digital Switching System Engineering Technological RD Center, Zhengzhou 450002, China Abstract There is an asymmetric phenomenon in the cyber security, where the defense is often passive while the attack is active. The technologies of active defense try to rebalance the situation in the attack-defense game, which has been a question of heat in the research of cyber defense technology. First, the methods based on the software/hardware diversity are introduced, and then three kind of active defense, including intrusion tolerance, moving target defense and mimic de- fense, are interpreted with several systems and architectures. And then, the defense effect, pros and cons of the active de- fense are compared and analyzed. Finally, the future work and