Journal on Communications ›› 2021, Vol. 42 ›› Issue (3): 122-134.doi: 10.11959/j.issn.1000-436x.2021022

• Papers • Previous Articles     Next Articles

Defense-enhanced dynamic heterogeneous redundancy architecture based on executor partition

Ting WU1,2, Chengnan HU1, Qingnan CHEN1, Anbang CHEN1, Qiuhua ZHENG1   

  1. 1 School of Cyberspace Security, Hangzhou Dianzi University, Hangzhou 310018, China
    2 Hangzhou Innovation Institute, Beihang University, Hangzhou 310051, China
  • Revised:2020-12-30 Online:2021-03-25 Published:2021-03-01
  • Supported by:
    Zhejiang Province Key Research and Development Program(2020C01078);Zhejiang Province Key Research and Development Program(2019C01012);Zhejiang Province Key Research and Development Program(2017C01062)

Abstract:

Aiming at the security problem when servants are faced with common vulnerabilities, an improved DHR architecture called IDHR was proposed.On the basis of DHR, an executor-partition module that divided the executor-set to several executor pools by the heterogeneity among the executors was introduced to improve the heterogeneity among the executor pools.Moreover, the scheduling algorithm was improved by choosing executor pools randomly at first, and then choosing the executors from these pools randomly.Finally, through two experimental schemes of random simulation and Web server emulation, the security evaluation of the proposed IDHR architecture was carried out from two aspects of attack success rate and control rate.Experimental results show that the security of the IDHR architecture, especially when the common vulnerability is unknown, is significantly better than the traditional DHR architecture.

Key words: mimic defense, mimic system architecture, dynamic heterogeneous redundancy, security analysis

CLC Number: 

No Suggested Reading articles found!