动目标防御机制

doi:10.3969/j.issn.1671-1122.2014.09.022

信息网络安全 ›› 2014, Vol. 14 ›› Issue (9): 98-100.doi: 10.3969/j.issn.1671-1122.2014.09.022

动目标防御机制

王东霞，冯学伟，赵刚

信息系统安全技术重点实验室，北京100101

收稿日期:2014-08-06 出版日期:2014-09-01
作者简介:王东霞（1974-），女，河南，研究员，博士，主要研究方向：信息系统安全;冯学伟（1985-），男，陕西，助理研究员，硕士，主要研究方向：网络安全;赵刚（1969-），男，河北，研究员，博士，主要研究方向：信息系统安全。
基金资助:
国家自然科学基金（ [61271252]）

Moving Target Defense Mechanisms

WANG Dong-xia, FENG Xue-wei, ZHAO Gang

Nation Key Laboratory of Science and Technology on Information System Security, Beijing 100101, China

Received:2014-08-06 Online:2014-09-01

摘要/Abstract

摘要： 动目标防御是安全领域的一个新探索，旨在通过动态变化增加攻击者的难度，从而提升系统的安全性。文章从对抗条件下实现安全的机理入手，分析了动目标防御的原理和有效性，建立了动目标防护技术体系，描述了不同层次和粒度的动目标防御机制，分析了实现动目标防御面临的问题和挑战。

关键词: 动目标防御, 攻击面, 多样化

Abstract: Moving Target Defense (MTD) is a new research theme to cyber security, which takes away the adversary’s advantage by dynamical variance to increase the security of the system. In this paper, the security principle under the counter conditions is proposed and the model and validity of MTD are analyzed. The MTD technology architecture is introduced to describe various MTD mechanisms in different levels. At last, the challenges to realize MTD are described.

Key words: moving target defense, attack surface, diversity

王东霞，冯学伟，赵刚. 动目标防御机制[J]. 信息网络安全, 2014, 14(9): 98-100.

WANG Dong-xia, FENG Xue-wei, ZHAO Gang. Moving Target Defense Mechanisms[J]. 信息网络安全, 2014, 14(9): 98-100.

参考文献

[1] Cybersecurity Game-Change Research & Development Recommendations. NITRD CSIA IWG[EB/OL]. http://www.nitrd.gov/pubs/CSIA_IWG_Cybersecurity_GameChange_RD_Recommendations_20100513.pdf.
[2] Pratyusa K.Manadhata, Jeannette M.Wing. A Formal Model for a System’s Attack Surface. S.Jajodia et al. (eds.). Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats[J]. Advances in Information Security 54,doi:10.1007/978-1-4614-0977-9_1, Springer Science+Business Media,LLC 2011. pp1-28.
[3] Shacham, H., Page, M., Pfaff, B. On the Effectiveness of Address-Space Randomization[C]. Proceedings of the 11th ACM conference on Computer and communications security, pp 298-307, 2004.
[4] Todd Jackson, Babak Salamat, Andrei Homescu, ea al. Compiler-Generated Software Diversity. S.Jajodia et al. (eds.). Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats[J]. Advances in Information Security 54,doi:10.1007/978-1-4614-0977-9_1, Springer Science+Business Media,LLC 2011. pp77-98.
[5] Mihai Christodorescu, Matthew Fredrikson, Somesh Jha, ea al. End-to-End Software Diversification of Internet Services. S.Jajodia et al. (eds.). Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats[J]. Advances in Information Security 54,doi:10.1007/978-1-4614-0977-9_1, Springer Science+Business Media,LLC 2011. pp117-130.
[6] Justin Yackoski, Harry Bullen, Xiang Yu, ea al. Applying Self-Shielding Dynamics to the Network Architecture. S.Jajodia et al. (eds.).Moving Target Defense II: Application of Game Theory and Adversarial Modeling[J]. Advances in Information Security 100,doi:10.1007/978-1-4614-5416-8_6, Springer Science+Business Media New York 2013. pp 97-116.

动目标防御机制

Moving Target Defense Mechanisms

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 1

编辑推荐

Metrics

本文评价