网络与信息安全学报 ›› 2018, Vol. 4 ›› Issue (1): 15-25.doi: 10.11959/j.issn.2096-109x.2018008

• 学术论文 • 上一篇    下一篇

AMTD:一种适应性移动目标防御方法

刘丹军(),蔡桂林,王宝生   

  1. 国防科技大学计算机学院,湖南 长沙 410005
  • 修回日期:2018-01-04 出版日期:2018-01-01 发布日期:2018-02-09
  • 作者简介:刘丹军(1994-),男,湖北潜江人,国防科技大学硕士生,主要研究方向为网络安全、二进制安全。|蔡桂林(1982-),女,湖北浠水人,博士,主要研究方向为网络安全、移动目标防御。|王宝生(1970-),男,河北黄骅人,博士,国防科技大学研究员,主要研究方向为网络与信息安全。
  • 基金资助:
    国家重点研发计划基金资助项目(2017YFB0802301);国家自然科学基金资助项目(61472437)

AMTD:a way of adaptive moving target defense

Danjun LIU(),Guilin CAI,Baosheng WANG   

  1. Computer College,National University of Defense Technology,Changsha 410005,China
  • Revised:2018-01-04 Online:2018-01-01 Published:2018-02-09
  • Supported by:
    The National Key Research and Development Program of China(2017YFB0802301);The National Natural Science Foundation of China(61472437)

摘要:

MTD是通过动态移动目标的攻击面来改变攻击和防御不对称状态的一种新方式。MTD变换频率对于系统可用性、安全性和防御成本之间的权衡至关重要。但目前的变换频率通常根据管理者的经验确定,缺乏理论基础,无法达到可用性-安全性成本之间的权衡。为应对这一挑战,提出了适应性移动目标防御框架(AMTD),在确保系统可用的前提下,以最低的成本获取最大的系统安全性。AMTD的适应性体现在2 方面:一是防御模式的适应性,通过提出一种自适应转换策略,提供由安全警报触发的反应性防御和定时器到期事件触发的主动防御;二是变换频率的适应性,通过建立数学模型获得最优的变换频率。采取4个系列的模拟实验验证该解决方案的有效性。

关键词: 移动目标防御, 适应性防御, 框架

Abstract:

Moving target defense is a new way to change the asymmetry state between attack and defense,by dynamically moving target’s attacking surface.Frequency conversion of MTD is of great importance for the weighing between usability,security and defense cost.Nowadays,however,frequency conversion is usually determined by manager’s experience,which cannot create a balance between usability and security cost for the lack of theory basis.An adaptive moving target defense framework(AMTD)was proposed.AMTD can maximize system security at the lowest cost while ensuring that the system is available.The adaptability of AMTD has two modes.Firstly,the defense mode,it contains an adaptive conversion strategy to provide reacting defense triggered by security alerts and active defense triggered by timer expiration events.The other mode is the frequency conversion,which obtain the optimal conversion frequency by establishing mathematical models.Four series of simulation experiments were taken to verify the effectiveness of the solution.

Key words: moving target defense, adaptive defense, framework

中图分类号: 

No Suggested Reading articles found!