Effectiveness Analysis Approach Based on Vulnerability Mutation for Network Dynamic Defense
  • Original title (Chinese): 基于脆弱性变换的网络动态防御有效性分析方法
  • Authors: LI Li-xun (李立勋); ZHANG Bin (张斌); DONG Shu-qin (董书琴); TANG Hui-lin (唐慧林)
  • Affiliations: Information Engineering University; Henan Key Laboratory of Information Security
  • Keywords: cyber security; network dynamic defense; security policy analysis; attack success probability; dynamic mutation; vulnerability mutation; random sampling
  • Journal: Acta Electronica Sinica (电子学报), journal code DZXU
  • Publication date: 2018-12-15
  • Year: 2018
  • Volume/issue: v.46, No.430, issue 12
  • Pages: 200-206 (7 pages)
  • Funding: Henan Province Basic and Frontier Technology Research Program (No.2014302903); Open Fund of the Key Laboratory of Information Assurance Technology (No.KJ-15-109); Information Engineering University Emerging Research Direction Cultivation Fund (No.2016604703)
  • Language: Chinese
  • Record ID: DZXU201812027
  • CN: 11-2087/TN
Abstract
Effectiveness analysis is critical to formulating optimal network dynamic defense (NDD) strategies. First, a random sampling model is used to derive an attack success probability formula from the perspective of vulnerability mutation; the formula captures how the mutation space, the mutation period and the number of vulnerabilities affect the network intrusion process. Second, for the single-vulnerability and multi-vulnerability mutation cases, the corresponding limit theorems for attack success probability are stated and proved, and a method for computing the optimal mutation space is given for each case. Simulation results show that increasing the number of vulnerabilities that must be attacked in sequence on a single attack path, and shortening the mutation period, keep improving NDD effectiveness. Enlarging the mutation space improves effectiveness at first, but because the attack success probability converges as the mutation space keeps growing, effectiveness stops improving once that probability has converged.
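The abstract reports three effects (shorter mutation period and a longer chain of vulnerabilities keep lowering attack success; a larger mutation space gives diminishing returns) but the paper's own formula, limit theorems and optimal-space rule are not reproduced on this page. The following is an added illustration, not the authors' model or code: a toy random-sampling model in which every modelling choice is an assumption made here. Each of the k vulnerabilities on a path is deployed as one of n interchangeable variants, the attacker's exploit hits exactly one, the defender re-draws all variants every t probes and that re-draw also wipes out the attacker's progress, the attacker guesses variants without repetition, and a campaign of `horizon` probes succeeds if the whole path is exploited inside any one period. `smallest_space_for_target` is a stand-in for an optimal-space rule (smallest n meeting a target bound, assuming defence cost grows with n). In this toy model the success probability tends to zero as n grows for fixed t, so "convergence" here means diminishing returns; the paper's limit theorems may state something different.

```python
"""Toy random-sampling model of vulnerability mutation (added illustration,
not the paper's model). All assumptions are listed in the lead-in above."""
from fractions import Fraction
from typing import List, Optional
import random


def period_success_probability(k: int, n: int, t: int) -> Fraction:
    """P(G_1 + ... + G_k <= t), where G_i ~ Uniform{1..n} is the number of probes
    needed to hit vulnerability i's live variant when guessing without repetition.
    Computed exactly by convolving the k distributions (assumed model)."""
    if k < 1 or n < 1 or t < 0:
        raise ValueError("k and n must be >= 1, t must be >= 0")
    dist = {0: Fraction(1)}            # distribution of probes spent so far
    for _ in range(k):
        nxt = {}
        for total, pr in dist.items():
            for g in range(1, n + 1):
                if total + g > t:      # exceeds the period budget: path fails
                    break
                nxt[total + g] = nxt.get(total + g, Fraction(0)) + pr / n
        dist = nxt
    return sum(dist.values(), Fraction(0))


def campaign_success_probability(k: int, n: int, t: int, horizon: int) -> Fraction:
    """Attacker wins if the path is completed in at least one of the
    horizon // t periods; each period is an independent fresh draw."""
    periods = horizon // t
    p = period_success_probability(k, n, t)
    return 1 - (1 - p) ** periods


def mutation_space_sweep(k: int, t: int, horizon: int, n_values: List[int]) -> List[float]:
    """Campaign success for each mutation space size: shows diminishing returns."""
    return [float(campaign_success_probability(k, n, t, horizon)) for n in n_values]


def smallest_space_for_target(k: int, t: int, horizon: int, target: float,
                              n_max: int = 10_000) -> Optional[int]:
    """Stand-in 'optimal mutation space' rule (assumption): defence cost grows
    with n, so choose the smallest n whose campaign success probability is at
    or below `target`. Returns None if no n up to n_max suffices."""
    for n in range(1, n_max + 1):
        if campaign_success_probability(k, n, t, horizon) <= target:
            return n
    return None


def simulate_campaign(k: int, n: int, t: int, horizon: int, trials: int,
                      seed: int = 1) -> float:
    """Monte Carlo cross-check of campaign_success_probability: actually plays
    the guessing game instead of summing the distribution."""
    rng = random.Random(seed)
    periods = horizon // t
    wins = 0
    for _ in range(trials):
        for _period in range(periods):
            budget = t
            exploited = 0
            for _v in range(k):
                secret = rng.randrange(n)              # defender's live variant
                order = rng.sample(range(n), n)        # attacker's guess order
                budget -= order.index(secret) + 1      # probes until the hit
                if budget < 0:
                    break                              # period ends: progress lost
                exploited += 1
            if exploited == k:
                wins += 1
                break
    return wins / trials


if __name__ == "__main__":
    # Same horizon of 8 probes throughout; arguments are (k, n, t, horizon).
    print("period t=4 vs t=2:", float(campaign_success_probability(1, 8, 4, 8)),
          float(campaign_success_probability(1, 8, 2, 8)))
    print("k=1 vs k=2:", float(campaign_success_probability(1, 8, 4, 8)),
          float(campaign_success_probability(2, 8, 4, 8)))
    print("space sweep:", mutation_space_sweep(1, 2, 8, [2, 4, 8, 16, 64, 256]))
    print("smallest n for success <= 0.5:", smallest_space_for_target(1, 2, 8, 0.5))
    print("monte carlo (k=1, n=8, t=2):", simulate_campaign(1, 8, 2, 8, 20_000))
```

With k=1, n=8 and an 8-probe horizon, halving the period from 4 to 2 probes drops the campaign success from 3/4 to 175/256, and adding a second vulnerability to the path at t=4 drops it to 183/1024; the sweep over n shows the curve flattening towards zero rather than falling linearly, which is the diminishing-returns behaviour the abstract describes in its own (different) model.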
