Journal Home Online First Current Issue Archive For Authors Journal Information 中文版

2016, Volume 18, Issue 6

Abstract

Keywords

Figures

References

Related Research

Back to Top

Strategic Study of CAE >> 2016, Volume 18, Issue 6 doi: 10.15302/J-SSCAE-2016.06.015

Applying a Combination of Mimic Defense and Software Diversity in the Software Security Industry

1. State Key Laboratory of Mathematical Engineering and Advanced Computing, The PLA Information Engineering University, Zhengzhou 450001, China;

2. National Digital Switching System Engineering & Technological R&D Center, The PLA Information Engineering University, Zhengzhou 450002, China

Funding project:中国工程院重大咨询项目“网络空间安全战略研究”(2015-ZD-10) Received: 2016-10-08 Revised: 2016-10-28 Available online: 2016-12-13 15:28:55.000
HTML104 PDF 45 Collect 0

Next Previous

Abstract

With the development of the Internet, the process of computer software globalization continues to push forward. For widely used software, anidentical binary code is installed on millions of computers; sometimes even hundreds of millions. This makes widespread exploitation easy and attractive for an attacker because the same attack vector is likely to succeed on a large number of targets. Traditional software security methods can only counter the threat temporarily, and cannot eliminate essential vulnerabilities. This paper proposes a scheme of combining software diversity with mimic defense in the software security industry.

Figures

Fig. 1.

Fig. 2.

References

[ 1 ] China Internet Network Information Center. The 38th statistical report on Internet development in China [EB/OL]. (2016-08-03) [2016-10-08]. http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwt-jbg/201608/t20160803_54392.htm. Chinese. link1

[ 2 ] Symantec Corporation. Internet security threat report 2016 [R/OL]. (2016-04-01) [2016-10-08]. link1

[ 3 ] Ni G N. The nature of information security: autonomous and con-trollable [J]. China Economy & Informatization, 2013 (5): 18–19. Chinese. link1

[ 4 ] Cohen F B. Operating system protection through program evolu-tion [J]. Computers & Security, 1993, 12 (6): 565–584. link1

[ 5 ] Wu J X. Meaning and vision of mimic computing and mimic secu-rity defense [J]. Telecommunications Science, 2014, 30 (7): 1–7. Chinese. link1

[ 6 ] Jackson T, Salamat B, Homescu A, et al. Compiler-generated software diversity [M]// Jajodia S, Ghosh A K, Swarup V, et al, ed-itors. Moving target defense: creating asymmetric uncertainty for cyber threats. New York: Springer, 2011: 77–98. link1

[ 7 ] Wu J X. Mimic security defense in cyber space [J]. Secrecy Sci-ence and Technology, 2014, 10 (1): 4–9. Chinese. link1

Related Research