[1] |
VOAS J , GHOSH A , CHARRON F ,et al. Reducing uncertainty about common-mode failures[C]// IEEE Symposium Software Reliability Engineering. 1997: 308-319.
|
[2] |
LEVITIN G . Optimal structure of fault-tolerant software systems[J]. Reliability Engineering & System Safety, 2005,89(3): 286-295.
|
[3] |
AROMS E . NIST special publication 800-94 guide to intrusion detection and prevention systems (IDPS)[M]. South Carolina: CreateSpacePress, 2012.
|
[4] |
SPITZNER L , . Honeypots:catching the insider threat[C]// IEEE Computer Security Applications Conference. 2003: 170-179.
|
[5] |
JANA S , PORTER D E , SHMATIKOV V . TxBox:building secure,efficient sandboxes with system transactions[C]// IEEE Symposium on Security and Privacy,IEEE Computer Society. 2011: 329-344.
|
[6] |
ZHUANG R , DELOACH S A , OU X . Towards a theory of moving target defense[C]// ACM Workshop on Moving Target Defense. 2014: 31-40.
|
[7] |
邬江兴 . 网络空间拟态防御研究[J]. 信息安全学报, 2016,1(4): 1-10.
|
|
WU J X . Research on cyber mimic defense[J]. Journal of Cyber Security, 2016,1(4): 1-10.
|
[8] |
MCKEOWN N , ANDERSON T . OpenFlow:enabling innovation in campus networks[J]. ACM Sigcomm Computer Communication Review, 2008,38(2): 69-74.
|
[9] |
COX B , EVANS D , FILIPI A ,et al. 2006.N-variant systems:a secretless framework for security through diversity[C]// Usenix Security Symposium. 2006:9.
|
[10] |
KC G S , KEROMYTIS A D , PREVELAKIS V . Countering code-injection attacks with instruction-set randomization[C]// ACM Conference on Computer and Communications Security. 2003: 272-280.
|
[11] |
HOMESCU A , BRUNTHALER S , LARSEN P ,et al. Librando:transparent code randomization for just-in-time compilers[C]// ACM Sigsac Conference on Computer & Communications Security. 2013: 993-1004.
|
[12] |
BHATKAR S , DUVARNEY D C , SEKAR R . Address obfuscation:an efficient approach to combat a board range of memory error exploits[C]// Conference on Usenix Security Symposium. 2003: 105-120.
|
[13] |
DUNLOP M , GROAT S , URBANSKI W ,et al. Mt6d:a moving target IPv6 defense[C]// IEEE Military Communications Conference. 2011: 1321-1326.
|
[14] |
JAFARIAN J H , AL-SHAER E , DUAN Q . An effective address mutation approach for disrupting reconnaissance attacks[J]. IEEE Transactions on Information Forensics and Security, 2015,10(12): 2562-2577.
|
[15] |
JAFARIAN J H , AL-SHAER E , DUAN Q . Adversary-aware IP address randomization for proactive agility against sophisticated attackers[C]// 2015 IEEE Conference on Computer Communications (Infocom). 2015: 738-746.
|
[16] |
MAYO J R , TORGERSON M D , WALKER A M ,et al. The theory of diversity and redundancy in information system security[R]. LDRD Final Report, 2010.
|
[17] |
王禛鹏, 扈红超, 程国振 . 一种基于拟态安全防御的 DNS 框架设计[J]. 电子学报.
|
|
WANG Z P , HU H C , CHENG G Z . A DNS architecture based on mimic security defense[J]. Chinese Journal of Electronics.
|
[18] |
HU H C , WANG Z P , CHENG G Z ,et al. MNOS:a mimic network operating system for software defined networks[J]. IET Information Security, 2017
|
[19] |
WANG H , SCHMITT J . Load balancing-towards balanced delay guarantees in NFV/SDN[C]//IEEE Conference on NFV-SDN 2016:240-245. IEEE Conference on NFV-SDN, 2016: 240-245.
|
[20] |
CASCONE C , SANVITO D , POLLINI L ,et al. Fast failure detection and recovery in SDN with stateful data plane[J]. International Journal of Network Management, 2016
|
[21] |
PANG J , XU G , FU X . SDN-based data center networking with collaboration of multipath TCP and segment routing[J]. IEEE Access, 2017,(99): 1-1.
|
[22] |
HAN W , ZHAO Z , AHN G J . HoneyMix:toward SDN-based intelligent honeynet[C]// ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. 2016: 1-6.
|
[23] |
JAFARIAN J H , AL-SHAER E , DUAN Q . Openflow random host mutation:transparent moving target defense using software defined networking[C]// The Workshop on Hot Topics in Software Defined Networks. 2012: 127-132.
|
[24] |
GEMBER-JACOBSON A , VISWANATHAN R , PRAKASH C ,et al. OpenNF:enabling innovation in network function control[C]// ACM Conference on Sigcomm. 2015: 163-174.
|
[25] |
JAFARIAN J H , AL-SHAER E , DUAN Q . Adversary-aware IP address randomization for proactive agility against sophisticated attackers[C]// Computer Communications(IEEE Infocom). 2015:738746.
|
[26] |
PORRAS P , SHIN S , YEGNESWARAN V ,et al. A security enforcement kernel for OpenFlow networks[C]// The First Workshop on Hot Topics in Software Defined Networks. 2012: 121-126.
|
[27] |
CHEUNG S , FONG M , PORRAS P ,et al. Securing the software-defined network control layer[C]// Network and Distributed System Security Symposium. 2015.
|
[28] |
SHIN S , SONG Y , LEE T ,et al. Rosemary:a robust,secure,and high-performance network operating system[C]// 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014: 78-89.
|
[29] |
BERDE P , HART J , HART J ,et al. ONOS:towards an open,distributed SDN OS[C]// The Workshop on Hot Topics in Software Defined Networking. 2010: 1-6.
|
[30] |
LI H , LI P , GUO S ,et al. Byzantine-resilient secure software defined networks with multiple controllers in cloud[J]. IEEE Transactions on Cloud Computing, 2015,2(4): 436-447.
|
[31] |
HU H C , WANG Z P , CHENG G Z ,et al. MNOS:a mimic network operating system for software defined networks[J]. IET Information Security, 2017.
|