A scenario-based method for dynamic scheduling of heterogeneous executives in mimetic web servers

A technology of dynamic scheduling and executive body, applied in the field of network security, can solve problems such as insufficient guarantee of executive body diversity, effective use of unfavorable mimic voting mechanism, and reduced system security.

Active Publication Date: 2020-12-15
上海拟态数据技术有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although this strategy can effectively realize the dynamic and random changes of the executive body, it cannot fully guarantee the diversity among the executive bodies, which is not conducive to the effective use of the mimic voting mechanism.
The above two strategies work well in an environment where the attack intensity of a single attack method is not high, but in the face of advanced persistent threats or coordinated attacks, it is easy for the attacker to figure out the rotation law, resulting in a decrease in system security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A scenario-based method for dynamic scheduling of heterogeneous executives in mimetic web servers
  • A scenario-based method for dynamic scheduling of heterogeneous executives in mimetic web servers
  • A scenario-based method for dynamic scheduling of heterogeneous executives in mimetic web servers

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] figure 2 It is a schematic flow chart of a scenario-based method for dynamically scheduling heterogeneous executives of a mimetic web server provided by an embodiment of the present invention. Such as figure 2 As shown, the method includes the following steps:

[0044] S101. Calculate the overall difference value between the offline execution body and the online execution body;

[0045] S102. Count the attacker type set L and the attacker l's attack method strategy set N in the target scenario. l , get the attack probability table P of various types of attackers A ={p 1 ,p 2 ,...,p l}, where l∈L;

[0046] S103. Calculate the income value A of the attacker and the defender in various attack modes when the attacker l launches an attack on any executive body l and D l ;

[0047] S104. Map the Bayesian-Stackelberg game model to the mimic web server, and construct an objective function for solving the optimal scheduling strategy;

[0048] S105. Comparing the ove...

Embodiment 2

[0051] On the basis of the first embodiment above, the present invention provides another embodiment, and the specific process is as follows:

[0052] S201. Calculating the overall difference between the offline executive and the online executive mainly includes the following sub-steps:

[0053] S2011: Calculate the difference ω between the execution body i and the execution body j ij ;

[0054] ω ij =C ij *P (1)

[0055] Among them, C ij =[c 0 ,c 1 ,c 2 ,... c t ] represents the difference value of each layer of the software stack from executive i to executive j, P=[p 0 ,p 1 ,p 2 ,...p t ] T Represent the weighting coefficient of the difference value of each layer of the software stack, and t represents the number of software stack layers of each executive body in the executive body set C of the mimic web server;

[0056] Specifically, according to the common vulnerabilities of different software at each layer of the software stack of executive body i and execut...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a scenario-based method for dynamic scheduling of heterogeneous executive bodies of mimetic web servers. The method includes: calculating the overall difference value between the offline execution body and the online execution body; counting the type set L of the attacker and the attack method strategy set N of the attacker l in the target scene l , get the attack probability table P of various types of attackers A ={p 1 ,p 2 ,...,p l}; Calculate the income value A of the attacking and defending parties under various attack methods when the attacker l launches an attack on any executive body l and D l ; The Bayesian-Stackelberg game model is mapped to the mimic web server, and the objective function used to solve the optimal scheduling strategy is constructed; l and D l into the objective function to obtain the defender's optimal mixed strategy x. By constructing the objective function, the dynamic scheduling strategy of the mimic web server under different attack environments can be obtained, which can give full play to the diversity, randomness and dynamic advantages of the mimic defense, and effectively improve the security and resource utilization of the system.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a scenario-based method for dynamic scheduling of heterogeneous executive bodies of mimetic web servers. Background technique [0002] As the most important way of carrying and providing Internet services at present, web services are the starting point of most network attacks. The existence of vulnerabilities allows some people or groups to obtain important information with a small amount of resources, threatening the security of information infrastructure and public services. It even endangers network order and social stability. [0003] Mimic defense deploys heterogeneous software and hardware executives with the same function at different levels in web services, uses multiple heterogeneous executives to execute the same request and votes on the response results, and dynamically schedules executives through the feedback results of threat perception to increase security...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/08H04L29/06
CPCH04L63/1416H04L63/1433H04L63/1441H04L67/02H04L67/60
Inventor 张铮邬江兴杨文晗王立群李卫超
Owner 上海拟态数据技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products