首页 | 本学科首页   官方微博 | 高级检索  
     

多变体执行安全防御技术研究综述
引用本文:姚东,张铮,张高斐,刘浩,潘传幸,邬江兴. 多变体执行安全防御技术研究综述[J]. 信息安全学报, 2020, 5(5): 77-94
作者姓名:姚东  张铮  张高斐  刘浩  潘传幸  邬江兴
作者单位:数学工程与先进计算国家重点实验室 郑州 中国 450001,数学工程与先进计算国家重点实验室 郑州 中国 450001,数学工程与先进计算国家重点实验室 郑州 中国 450001,数学工程与先进计算国家重点实验室 郑州 中国 450001,数学工程与先进计算国家重点实验室 郑州 中国 450001,国家数字交换系统工程技术研究中心 郑州 中国 450002
基金项目:本课题得到国家重点研发计划网络空间安全专项(No.2018YFB0804003,No.2017YFB0803204)资助。
摘    要:软件和信息系统的高速发展在给人们生活带来诸多便利的同时,也让更多的安全风险来到了我们身边,不法分子可以很方便的利用无处不在的网络和越来越自动化、低门槛的攻击技术去获得非法利益。面对这种现状,传统被动式的安全防御已显得力不从心,更高的防御需求,促进了安全领域不断研究新的主动防御技术。这其中,基于攻击面随机化扰动的移动目标防御技术和基于异构冗余思想的多变体执行架构技术受到了广泛的关注,被认为是有可能改变网络空间游戏规则的安全技术,有望改变攻防双方不平衡的地位。本文对近年来多变体执行架构技术在安全防御方面的研究工作进行归纳总结,梳理了该方向的关键技术及评价体系。在此基础上,分析了多变体执行架构在安全防御方面的有效性,最后指出多变体执行架构技术当前面临的挑战与未来的研究方向。

关 键 词:多变体执行  安全防御
收稿时间:2019-09-12
修稿时间:2020-02-01

A Survey on Multi-Variant Execution Security Defense Technology
YAO Dong,ZHANG Zheng,ZHANG Gaofei,LIU Hao,PAN Chuanxing and WU Jiangxing. A Survey on Multi-Variant Execution Security Defense Technology[J]. Journal of Cyber Security, 2020, 5(5): 77-94
Authors:YAO Dong  ZHANG Zheng  ZHANG Gaofei  LIU Hao  PAN Chuanxing  WU Jiangxing
Affiliation:State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China,State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China,State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China,State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China,State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China and National Digital Switching System Engineering&Technological R&D Center, Zhengzhou 450002, China
Abstract:The rapid development of software and information systems has brought many conveniences to people''s lives, and at the same time, more security risks have come to us. Lawless elements can easily exploit ubiquitous networks and increasingly automated, low-threshold attack techniques to gain illicit benefits. Faced with this situation, the traditional passive security defense has become incapable, and the higher defense demand has promoted the continuous research of new active defense technologies in the security field. Among them, the moving target defense technology based on attack surface randomization perturbation and the multi-variant execution architecture technology based on heterogeneous redundancy idea have received extensive attention, and it is considered to be a security technology that may change the rules of cyberspace games, and is expected to change the offensive and defensive positions. This paper summarizes the research work of multi-variant execution architecture technology in security defense in recent years, and combs the key technology and evaluation system in this direction. On this basis, the effectiveness of multi-variant execution architecture in security defense is analyzed. Finally, we pointed out the current challenges and future research directions of multi-variant implementation architecture technology.
Keywords:multi-variant execution  security defense
点击此处可从《信息安全学报》浏览原始摘要信息
点击此处可从《信息安全学报》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号