Quantification Method for Heterogeneity on Web Server with Mimic Construction

被引：0

作者：

Zhang J.-X. ^{[1
]}

Pang J.-M. ^{[1
]}

Zhang Z. ^{[1
]}

机构：

[1] State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou

来源：

Pang, Jian-Min (jianmin_pang@hotmail) | 1600年 / Chinese Academy of Sciences卷 / 31期

基金：

中国国家自然科学基金;

关键词：

Cyberspace security; Heterogeneity; Micmic defence; Quantification method; Web server;

D O I：

10.13328/j.cnki.jos.005615

中图分类号：

学科分类号：

摘要：

The Web server with mimic construction is a new Web security defense system based on the principle of mimic defence. It uses the heterogeneity, dynamics, redundancy, and other characteristics to block or disrupt network attacks to control the security risk of the system. This study analyzes how heterogeneity can improve the security of the Web server with mimic construction and points out the importance of quantification of heterogeneity. Based on the quantification methods of biodiversity, this study defines the heterogeneity of the Web servers with mimic construction as the complexity and disparity of its execution set, proposes a quantification method that is suitable for quantitative heterogeneity, and analyzes the factors that influence heterogeneity of the Web servers with mimic construction. This study provides a new method for quantitative assessment of mimic defence in theory, and provides guidance for choosing the redundancy, components, and execution in practice. The experimental results show that the proposed method is more suitable for quantifying the heterogeneity of Web server with mimic construction than the Shannon-Wiener index and Simpson index. © Copyright 2020, Institute of Software, the Chinese Academy of Sciences. All rights reserved.

引用

页码：564 / 577

页数：13

共 33 条

[1] Birman K.P., Schneider F.B., The monoculture risk put into context, Security & Privacy, 7, 1, pp. 14-17, (2009)
[2] Kewley D.L., Bouchard J.F., DARPA information assurance program dynamic defense experiment summary, IEEE Trans. on Systems, Man, and Cybernetics-Part A: Systems and Humans, 31, 4, pp. 331-336, (2001)
[3] Jajodia S., Ghosh A.K., Swarup V., Et al., Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, (2011)
[4] Cai G.L., Wang B.S., Wang T.Z., Et al., Research and developmentof moving target defense technology, Journal of Computer Research and Development, 53, 5, pp. 968-987, (2016)
[5] Wu J.X., Meaning and vision of mimic computing and mimic security defense, Telecommunications Science, 30, 7, pp. 1-7, (2014)
[6] Wu J.X., Zhang F., Luo X.G., Mimic computing and mimic security defense, Communications of the CCF, 11, 1, pp. 8-14, (2015)
[7] Tong Q., Zhang Z., Zhang W.H., Wu J.X., Design and implementation of mimic defense Web server, Ruan Jian Xue Bao/Journal of Software, 28, 4, pp. 883-897, (2017)
[8] Zhang Z., Ma B.L., Wu J.X., The test and analysis of prototype of mimic defense in Web servers, Journal of Cyber Security, 2, 1, pp. 13-28, (2017)
[9] Shao C.S., Lou W., Yan L.M., Optimization of algorithm of similarity measurement in high-dimensional data, Computer Technology and Development, 21, 2, pp. 1-4, (2011)
[10] Mitra P., Murthy C.A., Pal S.K., Unsupervised feature selection using feature similarity, IEEE Trans. on Pattern Analysis & Machine Intelligence, 24, 3, pp. 301-312, (2002)

← 1 2 3 4 →