PDF(297 KB)
Applying a Combination of Mimic Defense and Software Diversity in the Software Security Industry
Jianmin Pang, Yujia Zhang, Zheng Zhang, Jiangxing Wu
Strategic Study of CAE ›› 2016, Vol. 18 ›› Issue (6) : 74-78.
PDF(297 KB)
PDF(297 KB)
Applying a Combination of Mimic Defense and Software Diversity in the Software Security Industry
With the development of the Internet, the process of computer software globalization continues to push forward. For widely used software, anidentical binary code is installed on millions of computers; sometimes even hundreds of millions. This makes widespread exploitation easy and attractive for an attacker because the same attack vector is likely to succeed on a large number of targets. Traditional software security methods can only counter the threat temporarily, and cannot eliminate essential vulnerabilities. This paper proposes a scheme of combining software diversity with mimic defense in the software security industry.
software diversity / mimic defense / software security product
| [1] |
中国互联网络信息中心. 第38次中国互联网络发展状况统计报告 [EB/OL]. (2016-08-03)[2016-10-08]. http://www.cnnic.net.cn/hlwfzyj/hlwxzbg/hlwtjbg/201608/t20160803_54392.htm.
|
| [2] |
Symantec Corporation. Internet security threat report 2016 [R/OL]. (2016-04-01) [2016-10-08].
|
| [3] |
倪光南. 信息安全“本质”是自主可控[J]. 中国经济和信息化, 2013(5):18–19.
|
| [4] |
Cohen F B. Operating system protection through program evolu-分发器A B表决器用户输入程序输出C图 2 基于拟态防御的设计框架078专题研究 拟态防御技术结合软件多样化在软件安全产业中的应用tion [J]. Computers & Security, 1993, 12(6): 565–584.
|
| [5] |
邬江兴. 专题导读——拟态计算与拟态安全防御的原意和愿景[J]. 电信科学, 2014, 30(7): 1–7.
|
| [6] |
Jackson T, Salamat B, Homescu A, et al. Compiler-generated soft-ware diversity[M]//Jajodia S, Ghosh A K, Swarup V, et al. Moving Target Defense. New York: Springer, 2011: 77–98.
|
| [7] |
邬江兴. 网络空间拟态安全防御[J]. 保密科学技术, 2014, 10(1): 4–9.
|
/
| 〈 |
|
〉 |
AI Summary
