Strategic Study of CAE >> 2016, Volume 18, Issue 6 doi: 10.15302/J-SSCAE-2016.06.014
Mimic Defense Technology
1. National Digital Switching System Engineering & Technological R&D Center, The PLA Information Engineering University, Zhengzhou 450002, China;
2. State Key Laboratory of Mathematical Engineering and Advanced Computing, The PLA Information Engineering University, Zhengzhou 450001, China
Abstract
Cybersecurity is in an unbalanced situation: attacking is easy, but defending is difficult. Active defense technology is a new direction in cybersecurity research that has attracted increasing attention. This paper summarizes the development of active defense by introducing intrusion tolerance technology and moving target defense technology. We then introduce the theory, implementation, and testing of mimic defense. By comparing mimic defense with intrusion tolerance and moving target defense, we propose a research direction and a key point in the cybersecurity rebalancing strategy in order to provide a reference for the development of national cybersecurity.