排序方式: 共有13条查询结果,搜索用时 0 毫秒
1.
2.
不同软件或执行过程通常存在不同的脆弱性,多样性技术基于该前提应用于系统的可靠性、安全性设计中,显著增强了系统的防御能力和入侵容忍能力,然而也存在系统代价高、复杂性高等不足。已有研究中出现了大量的多样性技术实现、系统设计以及相关的评估工作,覆盖范围广泛。针对主动防御领域内的多样性应用,围绕多样性应用性价比的问题,本文梳理了多样性研究中的典型工作和最新进展。首先对多样性综述研究工作进行了对比分析,讨论了多样性研究的主要内容和研究侧重点。其次对多样性概念进行了梳理,给出了时、空多样性的定义。再次,按照时空多样性的分类方法,对基于多样性的主动防御系统的架构和实现技术进行介绍,分析了时、空多样性系统的特点和实现方式。然后,对多样性度量和有效性评估方法进行了分类总结,分析了不同度量、评估方法的优势和不足。最后,提出了多样性技术的下一步研究方向。 相似文献
3.
Web服务器系统作为重要的服务承载和提供平台,面临的安全问题日益严重.已有的防御技术主要基于已知攻击方法或漏洞信息进行防御,导致难以很好地应对未知攻击的威胁,从而难以全面防护web服务器系统的安全.论文首先提出了攻击链模型,对已有技术的问题和不足进行了深入的分析.在此基础上,提出了基于“动态异构冗余”结构的拟态防御模型,并描述了拟态防御模型的防御原理和特点.基于拟态防御模型构建了拟态防御web服务器,介绍了其架构,分析了拟态原理在web服务器上的实现.安全性和性能测试结果显示拟态防御web服务器能够在较小开销的前提下,防御测试中的全部攻击类型,说明拟态防御web服务器能够有效提升系统安全性,验证了拟态防御技术的有效性和可行性.最后讨论了拟态防御技术今后的研究前景和挑战. 相似文献
4.
An effective hierarchical reliable belief propagation (HRBP) decoding algorithm is proposed according to the struc- tural characteristics of systematically constructed Gallager low-density parity-check (SCG-LDPC) codes. The novel decoding algorithm combines the layered iteration with the reliability judgment, and can greatly reduce the number of the variable nodes involved in the subsequent iteration process and accelerate the convergence rate. The result of simulation for SCG-LDPC(3969,3720) code shows that the novel HRBP decoding algorithm can greatly reduce the computing amount at the condition of ensuring the performance compared with the traditional belief propagation (BP) algorithm. The bit error rate (BER) of the HRBP algorithm is considerable at the threshold value of 15, but in the sub- sequent iteration process, the number of the variable nodes for the HRBP algorithm can be reduced by about 70% at the high signal-to-noise ratio (SNR) compared with the BP algorithm. When the threshold value is further increased, the HRBP algorithm will gradually degenerate into the layered-BP algorithm, but at the BER of 10-7 and the maximal iteration number of 30, the net coding gain (NCG) of the HRBP algorithm is 0.2 dB more than that of the BP algo- rithm, and the average iteration times can be reduced by about 40% at the high SNR. Therefore, the novel HRBP de- coding algorithm is more suitable for optical communication systems. 相似文献
5.
A novel QC-LDPC code based on the finite field multiplicative group for optical communications 总被引:1,自引:0,他引:1
A novel construction method of quasi-cyclic low-density parity-check(QC-LDPC) code is proposed based on the finite field multiplicative group,which has easier construction,more flexible code-length code-rate adjustment and lower encoding/decoding complexity.Moreover,a regular QC-LDPC(5334,4962) code is constructed.The simulation results show that the constructed QC-LDPC(5334,4962) code can gain better error correction performance under the condition of the additive white Gaussian noise(AWGN) channel with iterative decoding sum-product algorithm(SPA).At the bit error rate(BER) of 10-6,the net coding gain(NCG) of the constructed QC-LDPC(5334,4962) code is 1.8 dB,0.9 dB and 0.2 dB more than that of the classic RS(255,239) code in ITU-T G.975,the LDPC(32640,30592) code in ITU-T G.975.1 and the SCG-LDPC(3969,3720) code constructed by the random method,respectively.So it is more suitable for optical communication systems. 相似文献
6.
7.
8.
近年来,以内生安全为主要技术机制的多变体系统在防御零日漏洞攻击中表现出了巨大的潜力.但是现有研究很少涉及多样性和安全性之间的量化评估.对此,提出面向多变体系统的执行体多样性度量方法,该方法通过执行体属性和属性类型构建执行体属性矩阵,结合属性多样性和局部多样性综合评估执行体集的空间多样性,并针对矩阵参数及其多样性权重进行分析以达到系统最大多样化.构建了一个典型的多变体系统及零日攻击模型来评估该指标的有效性,评估结果表明,该多样性度量方法能有效衡量多变体系统中执行体间的异构性,并根据执行体异构性和系统攻击成功率的关系,间接评估出多变体系统的整体安全性.根据结论,该方法为构建更加多样化和安全的系统方面提供了一些指导. 相似文献
9.
A novel construction method of the check matrix for the regular low density parity check (LDPC) code is proposed. The novel regular systematically constructed Gallager (SCG)-LDPC(3969,3720) code with the code rate of 93.7% and the redundancy of 6.69% is constructed. The simulation results show that the net coding gain (NCG) and the distance from the Shannon limit of the novel SCG-LDPC(3969,3720) code can respectively be improved by about 1.93 dB and 0.98 dB at the bit error rate (BER) of 10-8, compared with those of the classic RS(255,239) code in ITU-T G.975 recommendation and the LDPC(32640,30592) code in ITU-T G.975.1 recommendation with the same code rate of 93.7% and the same redundancy of 6.69%. Therefore, the proposed novel regular SCG-LDPC(3969,3720) code has excellent performance, and is more suitable for high-speed long-haul optical transmission systems. 相似文献
10.
网络功能虚拟化(NFV)为服务链构建带来了灵活性与动态性,然而,软件化与虚拟化环境可能存在软件漏洞、后门等安全风险,对服务链(SC)的安全产生影响。为此,该文提出一种服务链上虚拟网络功能(VNF)调度方法。首先,为虚拟网络功能构建异构镜像池,避免利用共模漏洞的大范围攻击;随后,以特定周期选择服务链虚拟网络功能进行调度,加载异构镜像对该网络功能的执行实体进行替换;最后,考虑调度对网络功能性能的影响,应用斯坦科尔伯格博弈对攻防过程建模,以最优化防御者收益为目标求解服务链上各网络功能的调度概率。实验表明,该方法能够降低攻击者攻击成功率,同时将调度产生的开销控制在可接受范围内。 相似文献