Dynamic heterogeneous redundant system security analysis method and device aiming at black box condition
A technology of dynamic heterogeneous and redundant systems, applied in transmission systems, electrical components, etc., can solve the problems of cumbersome implementation, difficult security indicators, DHR system DHR model security, etc.
Inactive Publication Date: 2021-12-10
HANGZHOU DIANZI UNIV
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
The current probability-based methods are limited to the single attack success rate and multi-step attack success rate analysis based on a single attack. In reality, most network attacks are attacked by multiple attackers at the same time, and security indicators such as the single attack success rate are difficult to achieve. It is used to guide the construction of DHR system and compare the security of different DHR models
Automata-based analysis methods and Markov-based methods are cumbersome to implement due to the need for a large number of expert manual operations
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0056] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific examples.
[0057] The black box security analysis method that the present invention proposes is the system based on above-mentioned model construction, and the attacker does not understand the internal structure of the system under the black box test simultaneously, assumes that the attacker adopts a blind attack strategy (the attacker selects the attack sequence pair with equal probability) system attack).
[0058] The DHR system model involved in the present invention is a typical IPO (InProcess Out) model, as figure 1 As shown, it includes building blocks, scheduling modules, input modules, processing modules and output modules.
[0059] (1) Building modules, responsible for selecting components from heterogeneous functional component sets to construct the execution body set of the system, where m is the number of system execution bodies, and e...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a dynamic heterogeneous redundant system security analysis method and device aiming at a black box condition. The method comprises the following steps: constructing an executor-vulnerability matrix and a service body-vulnerability matrix; calculating a system attack success rate and a system control rate during non-collusion blind attacks and collusion blind attacks of multiple attackers, and finally performing security analysis on the current DHR system according to the system attack success rate and the system control rate. According to the method, the success rate and the control rate of multiple attacks under the collusion and non-collusion conditions of multiple attackers can be calculated, and compared with an existing analysis method based on a single attack of a single attacker, the safety of the DHR system can be represented more comprehensively and fully.
Description
technical field [0001] The invention belongs to the technical field of cyberspace security, and relates to a security analysis method for a dynamic heterogeneous redundant system aimed at black boxes. Background technique [0002] The current network security is in a situation of "easy to attack but difficult to defend". At present, the main defense methods are essentially to use prior knowledge to identify and defend against known threats, which cannot effectively solve the security threats when vulnerabilities and backdoors are unknown, and have certain Hysteresis. In this regard, a variety of network security dynamic defense solutions have emerged to effectively improve the system security level under unknown threats, typically including Moving Target Defense (Moving Target Defense, MTD) technology and Cyber Mimic Defense (Cyber Mimic Defense, CMD) technology. CMD was first proposed by Academician Wu Jiangxing's team, and it mainly builds a secure information system ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/1441
Inventor 郑秋华胡海忠尹微皓杨菥张旭翟亮陈安邦吴铤曾英佩
Owner HANGZHOU DIANZI UNIV