Please wait a minute...
FITEE
Front. Inform. Technol. Electron. Eng.  2016, Vol. 17 Issue (11): 1122-1153    DOI: 10.1631/FITEE.1601321
    
移动目标防御:现状及特征
Gui-lin CAI, Bao-sheng WANG, Wei HU, Tian-zuo WANG
College of Computer, National University of Defense Technology, Changsha 410073, China
Moving target defense: state of the art and characteristics
Gui-lin CAI, Bao-sheng WANG, Wei HU, Tian-zuo WANG
College of Computer, National University of Defense Technology, Changsha 410073, China
 全文: PDF 
摘要: 概要:易攻难守是当前网络安全研究面临的核心问题,而移动目标防御(Moving target defense, MTD)为解决这一问题提供了一种全新思路。当前已有涉及MTD多个方面的大量研究被提出。然而,目前尚缺乏对MTD的综合性分析和研究。本文的主要目的是对该研究领域的已有成果进行系统性的介绍、分类和总结。我们首先提出了一个新的安全模型来描述MTD的引入对传统防御模式和安全模型的影响,同时还提出了一个功能和移动模型,为从不同方面理解已有的MTD研究提供了一个全新的视角。然后,我们分别对MTD的三个子领域(MTD机理研究、MTD策略研究、MTD评估研究)中的大量文献进行详细描述,以展示MTD领域的发展现状。尤其是在MTD策略子领域,我们对一些能保证这些策略正常有效运行的共有特征进行了识别和提取,并总结了创建这些特征的方式和方法。我们还依据MTD策略的特定目标将已有研究分为三种类型,并总结了创建每种类型策略的充要条件,这些充要条件是前面所总结的特征中的一个或多个。最后,我们对该领域的未来研究方向进行了探讨。
关键词: 移动目标防御安全模型功能和移动模型特征    
Abstract: Moving target defense (MTD) has emerged as one of the game-changing themes to alter the asymmetric situation between attacks and defenses in cyber-security. Numerous related works involving several facets of MTD have been published. However, comprehensive analyses and research on MTD are still absent. In this paper, we present a survey on MTD technologies to scientifically and systematically introduce, categorize, and summarize the existing research works in this field. First, a new security model is introduced to describe the changes in the traditional defense paradigm and security model caused by the introduction of MTD. A function-and-movement model is provided to give a panoramic overview on different perspectives for understanding the existing MTD research works. Then a systematic interpretation of published literature is presented to describe the state of the art of the three main areas in the MTD field, namely, MTD theory, MTD strategy, and MTD evaluation. Specifically, in the area of MTD strategy, the common characteristics shared by the MTD strategies to improve system security and effectiveness are identified and extrapolated. Thereafter, the methods to implement these characteristics are concluded. Moreover, the MTD strategies are classified into three types according to their specific goals, and the necessary and sufficient conditions of each type to create effective MTD strategies are then summarized, which are typically one or more of the aforementioned characteristics. Finally, we provide a number of observations for the future direction in this field, which can be helpful for subsequent researchers.
Key words: Moving target defense    Security model    Function-and-movement model    Characteristics
收稿日期: 2016-06-11 出版日期: 2016-11-07
CLC:  TP393  
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  
Gui-lin CAI
Bao-sheng WANG
Wei HU
Tian-zuo WANG

引用本文:

Gui-lin CAI, Bao-sheng WANG, Wei HU, Tian-zuo WANG. Moving target defense: state of the art and characteristics. Front. Inform. Technol. Electron. Eng., 2016, 17(11): 1122-1153.

链接本文:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/FITEE.1601321        http://www.zjujournals.com/xueshu/fitee/CN/Y2016/V17/I11/1122

[1] Rong-Feng Zhang , Ting Deng , Gui-Hong Wang , Jing-Lun Shi , Quan-Sheng Guan . 基于可靠特征点分配算法的鲁棒性跟踪框架[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(4): 545-558.
[2] Shahab Pourtalebi, Imre Horváth. 用于定义系统表现特征的基因型与表型仓库数据库的信息图式构造方法[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(9): 862-884.
[3] Guang-hui Song, Xiao-gang Jin, Gen-lang Chen, Yan Nie. 基于两级层次特征学习的图像分类方法[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(9): 897-906.
[4] Xiao-hu Ma, Meng Yang, Zhao Zhang. 局部不相关的局部判别嵌入人脸识别算法[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(3): 212-223.
[5] Yong Ding, Nan Li, Yang Zhao, Kai Huang. 基于核空间非线性特征提取的图像质量评价方法[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(10): 1008-1017.
[6] Hong Yin, Shu-qiang Yang, Xiao-qian Zhu, Shao-dong Ma, Lu-min Zhang. 基于趋势特征的时间序列符号化方法[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(9): 744-758.
[7] Zheng-wei Huang, Wen-tao Xue, Qi-rong Mao. 基于无监督特征学习的语音情感识别方法[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(5): 358-366.
[8] Rong Zou, Zhen-ying Xu, Jin-yang Li, Fu-qiang Zhou. 铁路货车闸瓦钎故障的实时监控[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(3): 191-204.
[9] Wei Lu, Zhi-yu Xiang, Ji-lin Liu. 基于在线建立与匹配压缩全景路标的增强型视觉里程计[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(2): 152-165.
[10] Yong-wei Miao, Fei-xia Hu, Min-yan Chen, Zhen Liu, Hua-hao Shou. 视觉显著性引导的特征敏感形状简化[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(9): 744-753.
[11] Feng-fei Zhao, Zheng Qin, Zhuo Shao, Jun Fang, Bo-yan Ren. 用于在线值函数近似的贪婪特征替换方法[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(3): 223-231.
[12] Li Chen, Ying-chun Yang, Zhao-hui Wu. 用于情感说话人识别的精细失真特征检测与修正[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(10): 903-916.