PDF(2489 KB)
从自卫到护卫:新时期网络安全保障体系构建与发展建议
田志宏, 方滨兴, 廖清, 孙彦斌, 王晔, 杨旭, 冯纪元
中国工程科学 ›› 2023, Vol. 25 ›› Issue (6) : 96-105.
PDF(2489 KB)
PDF(2489 KB)
从自卫到护卫:新时期网络安全保障体系构建与发展建议
Cybersecurity Assurance System in the New Era and Development Suggestions Thereof: From Self-Defense to Guard
随着网络攻防技术的快速发展,网络安全保障体系面临诸多挑战,研究新型网络安全保障体系成为推进我国信息化发展的迫切需要,对进一步提升网络安全性、可用性具有重要意义。本文梳理了我国以“自卫模式”为主的网络安全保障体系的运行现状;分析了当前体系面临的“捕不全”“拦不住”“看不清”和“抓不住”四大安全问题;提出了以近身蜜点、前置蜜庭、网关蜜阵、外溢蜜洞的“四蜜”威胁感知体系为代表的“护卫模式”网络安全保障体系,包括纵深威胁感知的蜜点技术、攻击观测和判别的蜜庭技术、协同联动的蜜阵技术和网络威慑与攻击绘制的蜜洞技术等重点发展的技术任务,以及“蜜点”加持的网络安全保险产业任务。研究建议,探索“护卫模式”网络安全保障机制,全面提升国家网络安全防护水平;探索“护卫模式”安全防护技术研究和应用,实现新旧安全防护技术的融合统一;探索面向“护卫模式”的网络安全人才培养新模式,培育创新实践型网络人才,为新时期我国网络安全保障体系研究提供参考。
The rapid development of network attack and defense technologies has posed various challenges to current cybersecurity assurance systems. Therefore, studying a new cybersecurity assurance system has become an urgent need to promote the development of information technologies and is of strategic significance for strengthening the network security and availability in China. This study summarizes the operation status of and major security challenges faced by China’s current cybersecurity guarantee system that features a self-defense mode. A cybersecurity guarantee system based on a guard mode and its key technical tasks are proposed. Specifically, the tasks include honey point technology based on deep threat perception, honey court technology based on attack observation and discrimination, honey matrix technology based on collaborative linkage, and honey hole technology based on attack deterrence and mapping. Furthermore, we propose the following suggestions: (1) exploring the cybersecurity assurance mechanisms based on the guard mode to comprehensively improving the cybersecurity protection level of China; (2) exploring the research and application of security protection technologies based on the guard mode and achieving the integration of existing and new security protection technologies; (3) exploring a new talent-training model to cultivate innovative and practical professionals in the cybersecurity field.
网络安全 / 保障体系 / 威胁攻击 / 主动防御 / 护卫模式
cybersecurity / assurance system / threat / active defense / guard mode
| [1] |
贾焰, 方滨兴, 李爱平, 等. 基于人工智能的网络空间安全防御战略研究 [J]. 中国工程科学, 2021, 23(3): 98‒105.
|
| [2] |
Wu J X. Cyberspace endogenous safety and security [J]. Engineering, 2022, 15: 179‒185.
|
| [3] |
方滨兴, 时金桥, 王忠儒, 等. 人工智能赋能网络攻击的安全威胁及应对策略 [J]. 中国工程科学, 2021, 23(3): 60‒66.
|
| [4] |
王秋华, 吴国华, 魏东晓, 等. 工业互联网安全产业发展态势及路径研究 [J]. 中国工程科学, 2021, 23(2): 46‒55.
|
| [5] |
Jiang Z M, Tang Z F, Zhang P, et al. Programmable adaptive security scanning for networked microgrids [J]. Engineering, 2021, 7(8): 1087‒1100.
|
| [6] |
马娟, 于广琛, 柯皓仁, 等. 工业互联网设备的网络安全管理与防护研究 [J]. 中国工程科学, 2021, 23(2): 81‒87.
|
| [7] |
安天研究院. 美国网络空间攻击与主动防御能力解析——美国网络空间安全主动防御体系 [J]. 网信军民融合, 2018 (2): 50‒51.
|
| [8] |
Bertino E. Zero trust architecture: Does it help? [J]. IEEE Security & Privacy, 2021, 19(5): 95‒96.
|
| [9] |
He Y H, Huang D C, Chen L, et al. A survey on zero trust architecture: Challenges and future trends [J]. Wireless Communications and Mobile Computing, 2022, 2022: 6476274.
|
| [10] |
斯雪明, 王伟, 曾俊杰, 等. 拟态防御基础理论研究综述 [J]. 中国工程科学, 2016, 18(6): 62‒68.
|
| [11] |
罗兴国, 仝青, 张铮, 等. 拟态防御技术 [J]. 中国工程科学, 2016, 18(6): 69‒73.
|
| [12] |
Wang Y W, Wu J X, Guo Y F, et al. Scientific workflow execution system based on mimic defense in the cloud environment [J]. Frontiers of Information Technology & Electronic Engineering, 2018, 19(12): 1522‒1536.
|
| [13] |
Sepczuk M. Dynamic web application firewall detection supported by cyber mimic defense approach [J]. Journal of Network and Computer Applications, 2023, 213: 103596.
|
| [14] |
Srinivasa S, Pedersen J M, Vasilomanolakis E. Towards systematic honeytoken fingerprinting [C]. Merkez: The 13th International Conference on Security of Information and Networks, 2020.
|
| [15] |
Zhang L, Thing V L L. Three decades of deception techniques in active cyber defense: retrospect and outlook [J]. Computers & Security, 2021, 106: 102288.
|
| [16] |
Osman A, Bruckner P, Salah H, et al. Sandnet: Towards high quality of deception in container-based microservice architectures [C]. Shanghai: IEEE International Conference on Communications, 2019.
|
| [17] |
Qin X S, Jiang F, Cen M C, et al. Hybrid cyber defense strategies using honey-X: A survey [J]. Computer Networks, 2023, 230: 109776.
|
| [18] |
Rauti S. A survey on countermeasures against man-in-the-browser attacks [C]. Bhopal: 19th International Conference on Hybrid Intelligent Systems, 2019.
|
| [19] |
Amouei M, Rezvani M, Fateh M. RAT: Reinforcement-learning-driven and adaptive testing for vulnerability discovery in web application firewalls [J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(5): 3371‒3386.
|
| [20] |
Takahashi H, Ahmad H F, Mori K. Application for autonomous decentralized multi layers cache system to web application firewall [C]. Tokyo: The Tenth International Symposium on Autonomous Decentralized Systems, 2011.
|
| [21] |
李雪, 唐文, 张华. 一种新的Web应用防火墙的自学习模型 [J]. 小型微型计算机系统, 2014, 35(3): 483‒487.
|
| [22] |
李莉, 翟征德. 一种基于Web应用防火墙的主动安全加固方案 [J]. 计算机工程与应用, 2011, 47(25): 104‒106.
|
| [23] |
Bayazeed A, Khorzom K, Aljnidi M. A survey of self-coordination in self-organizing network [J]. Computer Networks, 2021, 196: 108222.
|
| [24] |
王瑶, 艾中良, 张先国. 基于蜜标和蜜罐的追踪溯源技术研究与实现 [J]. 信息技术, 2018 (3): 108‒112.
|
| [25] |
Zhao S Q, Lu Z, Wang C. Measurement integrity attacks against network tomography: Feasibility and defense [J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(6): 2617‒2630.
|
| [26] |
姜建国, 王继志, 孔斌, 等. 网络攻击源追踪技术研究综述 [J]. 信息安全学报, 2018, 3(1): 111‒131.
|
/
| 〈 |
|
〉 |
