检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Wang Shuo Chu Jiang Pei Qingqi Shao Feng Yuan Shuai Zhong Xiaoge
机构地区:[1]State Key Laboratory of Astronautic Dynamics,Xi’an Satellite Control Center,Xi’an 710043,China [2]State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China [3]Shaanxi Key Laboratory of Blockchain and Secure Computing,Xidian University,Xi’an 710071,China
出 处:《China Communications》2024年第7期212-223,共12页中国通信(英文版)
基 金:supported by the National Key Research and Development Program of China(No.2016YFB0800601);the Key Program of NSFC-Tongyong Union Foundation(No.U1636209);the National Natural Science Foundation of China(61602358);the Key Research and Development Programs of Shaanxi(No.2019ZDLGY13-04,No.2019ZDLGY13-07)。
摘 要:The static and predictable characteristics of cyber systems give attackers an asymmetric advantage in gathering useful information and launching attacks.To reverse this asymmetric advantage,a new defense idea,called Moving Target Defense(MTD),has been proposed to provide additional selectable measures to complement traditional defense.However,MTD is unable to defeat the sophisticated attacker with fingerprint tracking ability.To overcome this limitation,we go one step beyond and show that the combination of MTD and Deception-based Cyber Defense(DCD)can achieve higher performance than either of them.In particular,we first introduce and formalize a novel attacker model named Scan and Foothold Attack(SFA)based on cyber kill chain.Afterwards,we develop probabilistic models for SFA defenses to provide a deeper analysis of the theoretical effect under different defense strategies.These models quantify attack success probability and the probability that the attacker will be deceived under various conditions,such as the size of address space,and the number of hosts,attack analysis time.Finally,the experimental results show that the actual defense effect of each strategy almost perfectly follows its probabilistic model.Also,the defense strategy of combining address mutation and fingerprint camouflage can achieve a better defense effect than the single address mutation.
关 键 词:address mutation deception defense fingerprint camouflage moving target defense probabilistic model
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.13