Cybersecurity Assurance System in the New Era and Development Suggestions Thereof: From Self-Defense to Guard

Zhihong Tian, Binxing Fang, Qing Liao, Yanbin Sun, Ye Wang, Xu Yang, Jiyuan Feng

Strategic Study of CAE ›› 2023, Vol. 25 ›› Issue (6) : 96-105.

DOI: 10.15302/J-SSCAE-2023.06.007
Cyberspace Security Technology System and Risk Response

Abstract

The rapid development of network attack and defense technologies has posed various challenges to current cybersecurity assurance systems. Therefore, studying a new cybersecurity assurance system has become an urgent need to promote the development of information technologies and is of strategic significance for strengthening network security and availability in China. This study summarizes the operation status of and major security challenges faced by China’s current cybersecurity guarantee system that features a self-defense mode. A cybersecurity guarantee system based on a guard mode and its key technical tasks are proposed. Specifically, the tasks include honey point technology based on deep threat perception, honey court technology based on attack observation and discrimination, honey matrix technology based on collaborative linkage, and honey hole technology based on attack deterrence and mapping. Furthermore, we propose the following suggestions: (1) exploring the cybersecurity assurance mechanisms based on the guard mode to comprehensively improve the cybersecurity protection level of China; (2) exploring the research and application of security protection technologies based on the guard mode and achieving the integration of existing and new security protection technologies; (3) exploring a new talent-training model to cultivate innovative and practical professionals in the cybersecurity field.

Keywords

cybersecurity / assurance system / threat / active defense / guard mode

Cite this article

Zhihong Tian, Binxing Fang, Qing Liao, Yanbin Sun, Ye Wang, Xu Yang, Jiyuan Feng. Cybersecurity Assurance System in the New Era and Development Suggestions Thereof: From Self-Defense to Guard. Strategic Study of CAE, 2023, 25(6): 96‒105. https://doi.org/10.15302/J-SSCAE-2023.06.007

Funding
Chinese Academy of Engineering project “Strategic Research of Cybersecurity Assurance System” (2022-JB-04)