检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:马润年[1] 陈彤睿 王刚[1] 伍维甲[1] MA Run-nian;CHEN Tong-rui;WANG Gang;WII Wei-jia(school of Information and Navigation,Air force Engineering University ,Xi' an 110003,China)
机构地区:[1]空军工程大学信息与导航学院,西安710003
出 处:《火力与指挥控制》2019年第3期1-8,22,共9页Fire Control & Command Control
基 金:国家自然科学基金资助项目(61573017)
摘 要:针对隔离区网络防御在遭受持续攻击威胁时存在的问题,利用动态目标防御理论和技术,设计了面向隔离区异构平台的动态防御主动迁移策略。从分析隔离区平台动态防御原理入手,结合网络攻防特点,考虑平台暴露时间和随机迁移次序等因素,提出了面向隔离区的3类平台动态防御主动迁移策略,包括固定时间间隔-顺序平台选择策略、固定时间间隔-随机平台选择策略以及基于平台安全等级的可调时间间隔-随机平台选择策略,设计了策略评估指标和系统效能计算方法。仿真结果表明,主动迁移策略具有优异的安全防御性能,通过增加迁移次序的随机性和根据安全等级设置可调时间间隔,可以实现防御成本和收益的优化。Aiming at the proble m of the network defense under persistent threat in Demilitarized Zone(DMZ),the dynamic target defense theory and technology are introduced to design the dynamic defense active migration strategy for the heterogeneous platform. Starting with dynamic defense platform principle of DMZ and combining to the characteristics of cyber-attack and defense,there were three strategies designed based on platform exposure time and random migration. The first is sequential platform selection strategy with fixed time. The second is random platform selection strategy with fixed time,and the third is random platform selection strategy with adjustable time based on platform security level. The security evaluation index which is used to quantify strategy and calculation method of system performance was proposed. Simulation results showed that the active migration strategy had excellent security defense performance. By increasing the randomness of migration sequence and setting the adjustable time interval according to the security level,the defense cost and earning can be optimized.
分 类 号:TN915.08[电子电信—通信与信息系统]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28