Please wait a minute...
浙江大学学报(工学版)
浙江大学学报(工学版)  2025, Vol. 59 Issue (10): 2195-2204    DOI: 10.3785/j.issn.1008-973X.2025.10.020
信息与通信工程     
分布式拟态裁决模型与架构设计
余新胜1(),罗论涵1,张帆2,张波3,朱丹江1,解维1
1. 中国电子科技集团公司第三十二研究所,上海 201808
2. 国家数字交换系统工程技术研究中心,河南 郑州 450002
3. 中国电力科学研究院有限公司,北京 100192
Distributed mimic decision model and framework design
Xinsheng YU1(),Lunhan LUO1,Fan ZHANG2,Bo ZHANG3,Danjiang ZHU1,Wei XIE1
1. The 32nd Research Institute of China Electronics Technology Group Corporation, Shanghai 201808, China
2. National Digital Switching System Engineering & Technological R&D Center, Zhengzhou 450002, China
3. China Electric Power Research Institute, Beijing 100192, China
 全文: PDF(1001 KB)   HTML
摘要:

单裁决器拟态防御架构根据执行体数量预设裁决算法,导致执行体数量无法弹性伸缩,为此提出分布式拟态裁决模型,将执行体值裁决转变为多层级联逻辑运算的拓扑结构规划问题. 所提模型支持自定义数量的执行体与故障容许度,动态调整逻辑运算级联拓扑,解耦执行体数量与裁决算法的强一致性关系,移除根据执行体数量预设裁决算法的前提条件. 设计针对高安全、高鲁棒系统的分布式拟态裁决架构,定量分析执行体数量、容许度与级联逻辑运算迭代层数的关系. 在仿真实验中,对比单裁决器拟态裁决架构、经典三模冗余投票模型、分布式拟态裁决架构的裁决能力与裁决效率. 验证结果表明,分布式拟态裁决架构的裁决效率高,具有灵活的扩展性.
关键词: 拟态防御单裁决器分布式拟态裁决三模冗余投票模型级联拓扑故障容许度    
Abstract:

A mimic defense framework with a single decision unit presupposes decision algorithms based on the number of executors, which makes the number of executors unadjustable. A distributed mimic decision model was proposed, transforming the design of the output values comparing algorithm into the multi-hierarchy linked logic arithmetic topology planning. Any number of executors or fault-tolerance executor customization was supported, and the cascading topology of the logic arithmetic was adjusted dynamically. The imposed consistency between the number of executors and the decision algorithm was decoupled, and the prerequisite of the decision algorithm according to the number of executors was removed. A distributed mimic decision framework for high-security systems and high-robustness systems was designed, and the relationship between the number of executors, the tolerance and the number of iterative layers of cascading topology was quantitatively analyzed. In the simulation experiments, the capability and efficiency were compared among a mimic decision framework with a single unit, a classical triple modular redundancy voting model and the distributed mimic decision framework. Results show that the distributed mimic decision framework is efficient in decision-making and has flexible scalability.
Key words: mimic defense    single decision unit    distributed mimic decision    triple modular redundancy voting model    cascading topology    fault tolerance
收稿日期: 2024-09-13 出版日期: 2025-10-27
CLC:  TN 915.08  
基金资助: 国家重点研发计划资助项目(2022YFB3104300).
作者简介: 余新胜(1979—),男,研究员,硕士,从事网络安全与先进计算架构研究. orcid.org/0009-0009-4692-5803. E-mail:yuxsheng_23@163.com
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
作者相关文章  
余新胜
罗论涵
张帆
张波
朱丹江
解维

引用本文:

余新胜,罗论涵,张帆,张波,朱丹江,解维. 分布式拟态裁决模型与架构设计[J]. 浙江大学学报(工学版), 2025, 59(10): 2195-2204.

Xinsheng YU,Lunhan LUO,Fan ZHANG,Bo ZHANG,Danjiang ZHU,Wei XIE. Distributed mimic decision model and framework design. Journal of ZheJiang University (Engineering Science), 2025, 59(10): 2195-2204.

链接本文:

https://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2025.10.020        https://www.zjujournals.com/eng/CN/Y2025/V59/I10/2195

图 1  N模裁决模型
图 2  N–1模裁决模型
图 3  经典三模冗余投票模型
A,B,CA&BA&CB&CAB|AC|BC
1,1,11111
1,1,01001
1,0,10101
0,1,10011
1,0,00000
表 1  经典三模冗余投票模型取值
图 4  分布式拟态裁决模型
图 5  四冗余的高安全信息系统的拟态裁决架构
图 6  四冗余信息系统裁决器的裁决内容
图 7  裁决层2的级联拓扑架构
图 8  改进裁决层2运算效率的级联拓扑架构
图 9  裁决层2逻辑运算判定单元(四冗余、故障容许度为1的信息系统)
图 10  裁决层2逻辑运算判定单元(n冗余、故障容许度为r的信息系统)
图 11  高鲁棒信息系统的拟态裁决架构(四冗余、故障容许度为1的信息系统)
图 12  不同拟态裁决架构的示意图(三冗余、故障容许度为0的信息系统)
图 13  不同拟态裁决架构的裁决间隔(三冗余、故障容许度为0的信息系统)
架构裁决结果
第1组第2组第3组第4组第5组
单裁决器安全风险风险风险风险
三模投票安全风险风险风险风险
高安全裁决安全风险风险风险风险
表 2  不同拟态裁决架构的裁决结果(三冗余、故障容许度为0的信息系统)
图 14  不同拟态裁决架构的示意图(四冗余、故障容许度为1的信息系统)
图 15  不同拟态裁决架构的裁决间隔(四冗余、故障容许度为1的信息系统)
架构裁决结果
第1组第2组第3组第4组第5组
单裁决器安全安全安全风险风险
高安全裁决安全安全安全风险风险
表 3  不同拟态裁决架构的裁决结果(四冗余、故障容许度为1的信息系统)
图 16  不同拟态裁决架构的裁决间隔(五冗余、故障容许度为2的信息系统)
nrt/μs
52130
61160
72201
83240
94260
101276
152281
203296
表 4  分布式拟态裁决架构的裁决间隔(n执行体、r容许度的信息系统)
1 邬江兴 网络空间拟态安全防御[J]. 保密科学技术, 2014, (10): 4- 9
WU Jiangxing Cyber mimic defense[J]. Secrecy Science and Technology, 2014, (10): 4- 9
2 罗兴国, 仝青, 张铮, 等 拟态防御技术[J]. 中国工程科学, 2016, 18 (6): 69- 73
LUO Xingguo, TONG Qing, ZHANG Zheng, et al Mimic defense technology[J]. Strategic Study of CAE, 2016, 18 (6): 69- 73
doi: 10.15302/J-SSCAE-2016.06.014
3 邬江兴 网络空间拟态防御研究[J]. 信息安全学报, 2016, 1 (4): 1- 10
WU Jiangxing Research on cyber mimic defense[J]. Journal of Cyber Security, 2016, 1 (4): 1- 10
4 仝青, 张铮, 邬江兴 基于软硬件多样性的主动防御技术[J]. 信息安全学报, 2017, 2 (1): 1- 12
TONG Qing, ZHANG Zheng, WU Jiangxing The active defense technology based on the software/hardware diversity[J]. Journal of Cyber Security, 2017, 2 (1): 1- 12
5 LEVITIN G Optimal structure of fault-tolerant software systems[J]. Reliability Engineering and System Safety, 2005, 89 (3): 286- 295
doi: 10.1016/j.ress.2004.09.001
6 LATIF-SHABGAHI G, BENNETT S. Adaptive majority voter: a novel voting algorithm for real-time fault-tolerant control systems [C]// Proceedings 25th EUROMICRO Conference. Milan: IEEE, 1999: 113–120.
7 CONITZER V, SANDHOLM T. Common voting rules as maximum likelihood estimators [C]// Proceedings of the Twenty-First Conference on Uncertainty in Artificial Intelligence. Edinburgh: ACM, 2005: 145–152.
8 杨晓晗, 程国振, 刘文彦, 等 基于深度学习的拟态裁决方法研究[J]. 通信学报, 2024, 45 (2): 79- 89
YANG Xiaohan, CHENG Guozhen, LIU Wenyan, et al Research on mimic decision method based on deep learning[J]. Journal on Communications, 2024, 45 (2): 79- 89
doi: 10.11959/j.issn.1000-436x.2024047
9 高振斌, 贾广瑞, 张文建, 等 基于异常值的拟态裁决优化方法[J]. 计算机应用研究, 2021, 38 (7): 2066- 2071
GAO Zhenbin, JIA Guangrui, ZHANG Wenjian, et al Mimic ruling optimization method based on executive outliers[J]. Application Research of Computers, 2021, 38 (7): 2066- 2071
10 LATIF-SHABGAHI G, BASS J M, BENNETT S. History-based weighted average voter: a novel software voting algorithm for fault-tolerant computer systems [C]// Proceedings Ninth Euromicro Workshop on Parallel and Distributed Processing. Mantova: IEEE, 2001: 402–409.
11 武兆琪, 张帆, 郭威, 等 一种基于执行体异构度的拟态裁决优化方法[J]. 计算机工程, 2020, 46 (5): 12- 18
WU Zhaoqi, ZHANG Fan, GUO Wei, et al A mimic arbitration optimization method based on heterogeneous degree of executors[J]. Computer Engineering, 2020, 46 (5): 12- 18
12 宋克, 欧阳玲, 张文建, 等 一种软硬件协同的拟态调度裁决器设计方法[J]. 信息工程大学学报, 2020, 21 (5): 593- 600
SONG Ke, OUYANG Ling, ZHANG Wenjian, et al Design method of mimic scheduling adjudicator based on hardware and software collaboration[J]. Journal of Information Engineering University, 2020, 21 (5): 593- 600
13 普黎明, 柏溢, 游伟, 等 面向拟态云服务的异构执行体输出裁决方法[J]. 信息工程大学学报, 2020, 21 (3): 344- 351
PU Liming, BAI Yi, YOU Wei, et al Heterogeneous executors output decision method for mimic cloud service[J]. Journal of Information Engineering University, 2020, 21 (3): 344- 351
doi: 10.3969/j.issn.1671-0673.2020.03.015
14 FAZLALI M, MOAZEZI-EFTEKHAR S, DEHSHIBI M M, et al. Raft consensus algorithm: an effective substitute for Paxos in high throughput P2P-based systems [EB/OL]. (2019–11–04)[2024–08–01]. https://arxiv.org/pdf/1911.01231.
15 DHARMAWARDENA P K, WANG Z Cluster head selection based routing protocol for VANET using bully algorithm and Lamport timestamp[J]. International Journal of Computer Theory and Engineering, 2017, 9 (3): 218- 222
doi: 10.7763/IJCTE.2017.V9.1141
16 RAMANI S, JHAVERI R H ML-based delay attack detection and isolation for fault-tolerant software-defined industrial networks[J]. Sensors, 2022, 22 (18): 6958
doi: 10.3390/s22186958
17 KOTACHI S, SATO T, SHINKUMA R, et al. Fault-tolerant controller placement model by distributing switch load among multiple controllers in software-defined network [J]. IEICE Transactions on Communications, 2022, E105. B(5): 533–544.
18 NODA S, SATO T, OKI E. Fault-tolerant controller placement model based on load-dependent sojourn time in software-defined network [C]// Proceedings of the IEEE 8th International Conference on Network Softwarization. Milan: IEEE, 2022: 393–401.
19 KILLI B P R, RAO S V Towards improving resilience of controller placement with minimum backup capacity in software defined networks[J]. Computer Networks, 2019, 149: 102- 114
doi: 10.1016/j.comnet.2018.11.027
20 SRIDHARAN V, GURUSAMY M, TRUONG-HUU T On multiple controller mapping in software defined networks with resilience constraints[J]. IEEE Communications Letters, 2017, 21 (8): 1763- 1766
doi: 10.1109/LCOMM.2017.2696006
No related articles found!