Quantitative characterization method for potential threat degree of mimicry controller executor

Abstract

The invention discloses a quantitative characterization method for the potential threat degree of a mimicry controller executor. According to the method, the difference between each processing input of an executor and a multimode voter is recorded through a mimicry controller, the confidence coefficient of the executor is calculated, the confidence coefficient is updated and sorted after a periodof time, the executor with the lowest confidence coefficient is offline, and the executor is selected from offline candidate executors to be online. According to the method, the reliability of the mimicry controller is further improved through comprehensive consideration, the potential threat degree of an executor of the mimicry controller is quantitatively represented, the concept of confidence is introduced, and operation of the executor is reliably adjusted according to the confidence; under the condition of lack of an effective quantitative characterization method in the prior art, the robustness of the mimicry defense system is greatly improved under the condition of basically not changing software and hardware expenditures.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to the technical field of network security mimic defense, and particularly relates to a quantitative characterization method of the potential threat degree of a mimic controller executive body. Background technique [0002] With the continuous evolution of the Internet and the continuous evolution of attack technologies, network attacks present the characteristics of "concealment, coordination, and precision", and network security is in a situation of "easy to attack but difficult to defend". In order to completely change the traditional protection mode of passive response such as "blocking and killing", and form an active defense capability, mimic defense technology came into being. Mimic defense technology refers to an active defense technology based on the internal dynamic heterogeneous redundant structure of the system, which can deal with various unknown threats in cyb...

AI Technical Summary

Problems solved by technology

[0004] In the existing mimic defense system, there is no suitable quantitative characterization method for the potential threat level of the mimic controller executive body. At present, the main way to strengthen the correctness of the mimic controller is to manually judge the functionally equivalent redundant executive body , and then manually go online and offline the corresponding executives to improve the security of the entire mimic controller and ensure the robustness of the entire mimic defense system

However, this method has three shortcomings: first, it is difficult to accurately judge the potential threat level of functionally equivalent redundant execution bodies that have not been marked; second, it is labor-intensive and the detection cycle cannot be guaranteed; finally, manual judgment and manual online and offline Line executives are highly biased

Images