Chinese Journal of Network and Information Security ›› 2021, Vol. 7 ›› Issue (1): 11-19. doi: 10.11959/j.issn.2096-109x.2021002

• Topic Ⅰ: New Network Security Architecture and Applications •

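Research on an endogenous security defense system based on bionic mechanisms

Aiqun HU1,1, Lanting FANG1,1, Tao LI1,1   

  1. 1 School of Cyber Science and Engineering, Southeast University, Nanjing 210096, Jiangsu, China
    2 Purple Mountain Laboratories, Nanjing 211100, Jiangsu, China
  • Revised: 2020-07-03 Publication date: 2021-02-15 Release date: 2021-02-01
  • About the authors: Aiqun HU (1964- ), male, born in Rugao, Jiangsu, Ph.D., professor and doctoral supervisor at Southeast University. His main research interests are network and information security and mobile communication security technology.
    Lanting FANG (1990- ), female, born in Lu'an, Anhui, Ph.D., lecturer at Southeast University. Her main research interests are endogenous security technology, data mining and artificial intelligence.
    Tao LI (1984- ), male, born in Zhenjiang, Jiangsu, Ph.D., lecturer at Southeast University. His main research interests are security assessment and mobile terminal protection.
  • Funding:
    The National Natural Science Foundation of China (6162520); Zhishan Youth Scholar Support Program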

Research on bionic mechanism based endogenous security defense system

Aiqun HU1,1, Lanting FANG1,1, Tao LI1,1   

  1. 1 School of Cyber Science and Engineering, Southeast University, Nanjing 210096, China
    2 Purple Mountain Laboratories, Nanjing 211100, China
  • Revised: 2020-07-03 Online: 2021-02-15 Published: 2021-02-01
  • Supported by:
    The National Natural Science Foundation of China (6162520); Youth Scholar Program of SEU

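Abstract:

Shell-style defense technologies such as firewalls, intrusion detection and antivirus cannot detect, analyze and filter malicious traffic in time, and their defense mechanisms are not tied to the security state of network devices, which results in low security effectiveness. To address this problem, an endogenous security defense system based on bionic mechanisms is proposed. Imitating the efficient security defense mechanisms of living organisms, a very large number of security mechanisms are deployed into every security component of the network when the information system is designed and built. The security components in all nodes are linked together through network interconnection to provide comprehensive, in-depth security situational awareness and defense for the network, and an artificial intelligence "brain" continuously learns and evolves on its own, improving the ability to discover unknown threats and to handle threats automatically. By building a new endogenous security defense system in which the security system and the information system are tightly integrated, the problems of existing information systems (low defense efficiency, inability to process high-rate data, and inability to cope with unknown threats) can be solved. This gives the network an "inborn, self-growing" security defense capability and meets the information system development requirement of "high service availability and high security efficiency".

Key words: endogenous security, defense mechanism, bionic security, autonomous learning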

Abstract:

Shell-based security defense technologies such as firewalls, intrusion detection and anti-virus cannot be updated in a timely fashion upon identification of attacks. The security defense mechanism is not associated with the security status of network devices, resulting in low security performance. To solve the above problems, an endogenous security defense system based on the bionic security mechanism is proposed. Firstly, imitating the security defense mechanism of the organism, the endogenous security system integrates the security components with each other during the construction process. Secondly, the endogenous security system associates all security components through network interconnection and provides a defense-in-depth, comprehensive approach to increase the security of a system. Finally, through self-learning, the endogenous security system's threat detection ability is continuously enhanced. By integrating the security system and the information system, an endogenous security defense system is constructed. The endogenous security defense system can handle challenges such as low defensive efficiency ratio, high-speed data processing, and unknown threat detection. The endogenous security system is an efficient security defense system of “innate growth and independent growth”. It meets the development needs of information systems with “high availability, security and high efficiency”.

Key words: endogenous security, defense mechanism, bionic security, independent learning
