基于端信息自适应跳变的主动网络防御模型

刘江; 张红旗; 代向东; 王义功

doi:10.11999/JEIT150273

基于端信息自适应跳变的主动网络防御模型

doi: 10.11999/JEIT150273

基金项目:

国家863计划项目(2012AA012704)和郑州市科技领军人才项目(131PLJR644)

计量
- 文章访问数: 1475
- HTML全文浏览量: 120
- PDF下载量: 1043
- 被引次数: 0
出版历程
- 收稿日期: 2015-03-04
- 修回日期: 2015-05-25
- 刊出日期: 2015-11-19

A Proactive Network Defense Model Based on Selfadaptive End Hopping

Funds:

The National 863 Program of China (2012AA012704)

摘要

摘要: 端信息跳变是目前主动网络防御领域的研究热点之一。该文构建了固定策略下的定时隙端信息跳变模型，分析了固定跳变周期引起的防御收益下降和跳变边界数据包丢失造成的服务损失问题。提出了基于非广延熵和Sibson熵融合的实时网络异常度量算法，在此基础上设计了端信息跳变周期和跳变空间自调整策略，构建了主动网络防御模型，提高了防御收益。给出了基于网络时延预测的跳变周期拉伸策略，保证了跳变边界的服务质量。理论分析与仿真实验结果表明了所提模型在网络防御中的有效性和良好的服务性。
- 主动网络防御 /
- 端信息跳变 /
- 自适应调整
Abstract: End hopping technology is one of the hot research domains in the field of proactive network defense. An end hopping model based on fixed time slot under the fixed policy is established. The defense gains decline caused by fixed hopping period and the service loss caused by data packet loss on hopping boundary are analyzed. The real-time network anomaly assessment algorithm based on the fusion of nonextensive entropy and Sibson entropy is proposed. Then, the selfadaptive end hopping period and space policy based on the proposed algorithm are designed and the proactive network defense model is constructed which improves the defense gains. Furthermore, Hopping period stretching policy based on network delay prediction is proposed to ensure the service quality on hopping boundary. Theoretical analysis and simulation results show the effectiveness and good service of the proposed model in network defense.
- Proactive network defense /
- End hopping /
- Selfadaptive adjustment

HTML全文

参考文献(21)

Zhuang R, DeLoach S A, and Ou X. Towards a theory of moving target defense[C]. Proceedings of the First ACM Workshop on Moving Target Defense, Scottsdale, Arizona, 2014: 31-40.

Jajodia S and Sun K. MTD 2014: first ACM workshop on moving target defense[C]. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Arizona, 2014: 1550-1551.

Xu Jun, Guo Pin-yao, Zhao Ming-yi, et al.. Comparing different moving target defense techniques[C]. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Arizona, 2014: 97-107.

Wang H, Jia Q, Fleck D, et al.. A moving target DDoS defense mechanism[J]. Computer Communications, 2014, 46(3): 10-21.

Lee H C J and Thing V L L. Port hopping for resilient networks[C]. Proceedings of the 60th IEEE Vehicular Technology Conference, Washington, 2004: 3291-3295.

Atighetchi M, Pal P, Webber F, et al.. Adaptive use of network-centric mechanisms in cyber-defense[C]. Proceedings of the 6th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing, Hokkaido, 2003: 183-192.

Sifalakis M, Schmid S, and Hutchison D. Network address hopping: a mechanism to enhance data protection for packet communications[C]. 2005 IEEE International Conference on Communications, Seoul, 2005: 1518-1523.

Antonatos S, Akritidis P, Markatos E P, et al.. Defending against hitlist worms using network address space randomization[J]. Computer Networks, 2007, 51(12): 3471-3490.

Badishi G, Herzberg A, and Keidar I. Keeping denial-of-service attackers in the dark[J]. IEEE Transactions on Dependable and Secure Computing, 2007, 4(3): 191-204.

Dunlop M, Groat S, Urbanski W, et al.. Mt6d: a moving target IPv6 defense[C]. The 2011 Military Communications Conference, Baltimore, Maryland, 2011: 1321-1326.

Hari K and Dohi T. Dependability modeling and analysis of random port hopping[C]. 2012 9th International Conference on Ubiquitous Intelligence Computing and 9th International Conference on Autonomic Trusted Computing, Fukuoka, 2012: 586-593.

Ellis J W. Method and system for securing data utilizing reconfigurable logic [P]. US, Patent 8127130, 2012-2-28.

Fu Z, Papatriantafilou M, and Tsigas P. Mitigating distributed denial of service attacks in multiparty applications in the presence of clock drifts[J]. IEEE Transactions on Dependable and Secure Computing, 2012, 9(3): 401-413.

石乐义, 贾春福, 吕述望. 基于端信息跳变的主动网络防护研究[J]. 通信学报, 2008, 29(2): 106-110.

Shi Le-yi, Jia Chun-fu, and L Shu-wang. Research on end hopping for active network confrontation[J]. Journal of Communications, 2008, 29(2): 106-110.

林楷, 贾春福, 石乐义. 分布式时间戳同步技术的改进[J]. 通信学报，2012, 33(10)：110-116.

Lin Kai, Jia Chun-fu, and Shi Le-yi. Improvement of distributed timestamp synchronization[J]. Journal of Communications, 2012, 33(10): 110-116.

赵春蕾. 端信息跳变系统自适应策略研究[D]. [博士论文], 南开大学, 2012.

Zhao Chun-lei. Research on adaptive strategies for end-hopping system[D]. [Ph.D. dissertation], Nankai University, 2012.

Yu S, Thapngam T, Liu J, et al.. Discriminating DDoS flows from flash crowds using information distance[C]. Proceedings of the third International Conference on Network and System Security, Piscataway, NJ, 2009: 351-356.

Cong S, Ge Y, Chen Q, et al.. DTHMM based delay modeling and prediction for networked control systems[J]. Journal of Systems Engineering and Electronics, 2010, 21(6): 1014-1024.

施引文献

资源附件(0)

访问统计