QIN Junning,HAN Jiajia,ZHOU Sheng,WU Chunming,CHEN Shuangxi,ZHAO Ruoyan,ZHANG Jiangyu

DOI: https://doi.org/10.11959/j.issn.1000-0801.2020143

2020-01-01

Abstract:The unbalanced development status of network security was introduced.The main hazards and the mechanism model of penetration testing were described,and the inherent shortcomings of many existing traditional defense methods were analyzed.However,new method of the mimic defense model makes the attack information obtained invalid by dynamically selecting the executive set and adaptively changing the system composition.The same attack mode is difficult to be maintained or reproduced.Based on the attack chain model,the traditional defensetechnology and mimic defense technology were analyzed and compared,and it was demonstrated that it had a protective role in multiple stages of the attack chain.Finally,the effectiveness and superiority of the mimic defense was verified by experiments,and the model was summarized and prospected.

Jingjing Hu,Yu Li,Zhaozhao Li,Qinrang Liu,Jiangxing Wu

DOI: https://doi.org/10.1109/tnsm.2024.3387725

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:The Dynamic Heterogeneous Redundancy (DHR) architecture presents a novel approach to system design and organization, aiming to enhance system security by integrating dynamicity and heterogeneity into its structure. Despite its practical efficacy, the theoretical underpinnings elucidating the mechanisms through which DHR enhances security remain unestablished. This study endeavors to bridge this gap by conducting a theoretical analysis and modeling of the DHR architecture, focusing on its intrinsic characteristics and their implications for system security. Employing static game theory, our research uncovers the unique Nash equilibrium within DHR architecture. Expanding upon this mathematical framework, we delve into how factors such as dynamicity, heterogeneity, and failure rates influence these equilibria, subsequently shaping system security. To validate our findings, we conduct a case study involving a triply redundant DHR system and simulate the offense-defense interplay using the Adam optimization algorithm within boundedly rational static games. Our results affirm the variations in system security under diverse initial conditions and model states, thereby establishing a robust theoretical foundation for DHR architectures and laying the groundwork for their broader comprehension and application across various domains.

Daojing He,Sammy Chan,Yan Zhang,Chunming Wu,Bing Wang

DOI: https://doi.org/10.1109/mis.2013.105

IF: 6.744

2014-01-01

IEEE Intelligent Systems

Abstract:Attack-defense models play an important role in the design of cybersecurity systems. Here, the authors review some traditional and prevailing attack-defense models along with their weaknesses. Then, they survey some recently proposed paradigm shifts to these models based on which more effective security strategies can be designed. Further, they provide some suggestions on how to adopt the new models, and present challenges that need to be addressed in this field.

曾璎珞,潘雪增,陈健

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.052

2010-01-01

Abstract:This paper proposes a dynamic security access control model based on system reliability,so as to improve the flexibility of combination among multiple security access control strategies,and to ensure system security and practicality.The model can choose the proper kind of combination among the security access control strategies dynamically in order to deal with different system states and improve the whole system performance.Experimental results prove that this model makes the multiple strategies control more flexible,ensures the system security,and improves practicality of the system.

Bo Mei,Zhengbin Zhu,Peijie Li,Bo Zhao

DOI: https://doi.org/10.1049/2024/2023349

2024-04-12

IET Information Security

Abstract:System on Wafer (SoW) based on chiplets may be implanted with hardware Trojans (HTs) by untrustworthy third-party chiplet vendors. However, traditional HTs protection techniques cannot guarantee complete protection against HTs, which poses a great challenge to the hardware security of SoW. In this paper, we propose a computing architecture based on endogenous security theory—dynamic heterogeneous redundant computing architecture (DHRCA) that can tolerate and detect HTs at runtime. The security of our approach is analyzed by building a generalized stochastic coloring petri net (GSCPN) model of DHRCA. The simulation results based on the GSCPN model show that our method can improve the system security probability to 0.8690 and the system availability probability to 0.9750 in the steady state compared with typical triple-mode redundancy and runtime monitoring methods. Furthermore, the impact of different attack and defense strategies on system security of different methods is simulated and analyzed in this paper.

computer science, information systems, theory & methods

Wei Pan,Weihua Li

DOI: https://doi.org/10.1109/ispa.2009.73

2009-01-01

Abstract:In information era advocating ubiquitous computing, computing resources are susceptible to attack without guaranteeing security of network system. It is necessary and desirable for network system to employ powerful safeguard to protect itself against diversified vulnerabilities. In this paper, we present reverse analysis and vulnerability detection for network system software (RAVDNSS), a novel approach which uses reverse analysis and vulnerability detection technologies to deal with security problems on critical network system. Adaptive reverse analysis we propose is used to dig out potential vulnerabilities, which might be abused by unauthorized and unlawful communities. A new vulnerability detection model is designed to provide safety precautions through detecting vulnerabilities and monitoring program behaviors. Our investigation aims to improve the ability to guard network system against malicious attacks. The proposed schemes demonstrate that our approach can effectively perform security detection and management of network system software.

Xiaohua Li,Gang Wang,Lin Xiao,Maosheng Ding

DOI: https://doi.org/10.1109/TDC.2005.1547134

2005-01-01

Abstract:This paper gives a new more practical software reliability model based on architectures of software components. This model uses semi-Markov chain and can give the quantitative evaluation about the digital protection's software. It analyzes the relation between the material architecture of software's modules and the reliability of software, then changes the model into a semi-Markov one based on the architecture of software's modules. Besides having the characters of the former model, this one have the ability to emulate the reliability in the situation which is the software having complex architecture or the system having the capability about paratactic calculating. Furthermore, the variable parameter method is used to study the sensitivity in order to find the vital factors of reliability. An example is given to demo the proposed techniques. The calculation results prove that the algorithm is viable. © 2005 IEEE.

REN Quan,HE Lei,WU Jiangxing

DOI: https://doi.org/10.11959/j.issn.2096-109x.2018035

2018-01-01

Abstract:Block chain,dissimilar redundancy and mimic defense technology have developed rapidly in different security fields of cyberspace.However,there is a lack of effective models to describe and analyze these three kinds of innovative technologies currently.The DTMC (discrete time Markov chain) was used to model and analyze the anti-interference of the three kinds of systems.The results show that mimic defense system which adopts dynamic heterogeneous redundancy architecture and negative feedback control mechanism can ensure the high availability of the system.The block chain system uses high redundancy consensus mechanism to have a higher anti-interference performance than mimic defense system and dissimilar redundancy system in a certain time,but its performance will decrease quickly after that.With the increase of redundancy,the anti-interference performance of the dissimilar redundancy system will tend to the high redundancy block chain rapidly.Compared with block chain,the anti-interference performance falling of dissimilar redundancy system will be relatively slower.

Yufeng Li,Qi Liu,Weihua Zhuang,Yiqing Zhou,Chenhong Cao,Jiangxing Wu

DOI: https://doi.org/10.1109/mvt.2023.3263334

IF: 13.609

2023-01-01

IEEE Vehicular Technology Magazine

Abstract:For connected automated vehicles (CAVs), safety and security are two interrelated critical issues since many in-vehicle components are both safety critical and security critical. To achieve both safety and security in the presence of functional failures or cyberattacks, this article proposes a dynamic heterogeneous redundancy (DHR) scheme for CAVs. The basic idea is that each safety- and security-critical in-vehicle component should employ a DHR architecture, which is constructed by multiple heterogeneous executors with the same function. With redundancy, the functional safety can be achieved when one executor fails. Meanwhile, based on the principle that the probability is extremely low that two or more heterogeneous executors with the same function will fail for the same vulnerability, security can be ensured by using simple consensus mechanisms to detect abnormal executors caused by any cyberattacks. A DHR prototype has been designed and installed on an automated bus. Test results show that the proposed DHR is effective in enhancing both safety and security for CAVs.

telecommunications,engineering, electrical & electronic,transportation science & technology

Xu Junjie,Junjie Xu

DOI: https://doi.org/10.4236/jcc.2021.97001

2021-01-01

Journal of Computer and Communications

Abstract:With the rapid growth of network technology, the methods and types of cyber-attacks are increasing rapidly. Traditional static passive defense technologies focus on external security and known threats to the target system and cannot resist advanced persistent threats. To solve the situation that cyberspace security is easy to attack and difficult to defend, Chinese experts on cyberspace security proposed an innovative theory called mimic defense, it is an active defense technology that employs “Dynamic, Heterogeneous, Redundant” architecture to defense attacks. This article first briefly describes the classic network defense technology and Moving Target Defense (MTD). Next, it mainly explains in detail the principles of the mimic defense based on the DHR architecture and analyzes the attack surface of DHR architecture. This article also includes applications of mimic defense technology, such as mimic routers, and mimic web defense systems. Finally, it briefly summarizes the existing research on mimic defense, expounds the problems that need to be solved in mimic defense, and looks forward to the future development of mimic defense.

Gaofeng Da,Maochao Xu,Shouhuai Xu

DOI: https://doi.org/10.1145/2600176.2600184

2016-01-01

Abstract:Modeling and analyzing security of networked systems is an important problem in the emerging Science of Security and has been under active investigation. In this paper, we propose a new approach towards tackling the problem. Our approach is inspired by the shock model and random environment techniques in the Theory of Reliability, while accommodating security ingredients. To the best of our knowledge, our model is the first that can accommodate a certain degree of adaptiveness of attacks , which substantially weakens the often-made independence and exponential attack inter-arrival time assumptions. The approach leads to a stochastic process model with two security metrics, and we attain some analytic results in terms of the security metrics.

Jun Xiang,Deyu Qi,Kefu Xu,Shouqiang Liu,Wenhong Wei

DOI: https://doi.org/10.1109/ICIEA.2008.4582928

2008-01-01

Abstract:As the network-based degree improves, the security problem becomes more significant day by day. The network security has entered the three-dimensional security interaction protection time. In this paper, security interaction technology is studied, the deficiencies of existing security interaction models are pointed out. Based on these, the dynamic security interaction model, DSIM for short, is designed. It has such advantages as lightening network load, saving network bandwidth, dynamic adapting and easy expanding. ©2008 IEEE.

Xiaohu Li,Timothy Paul Parker,Shouhuai Xu

DOI: https://doi.org/10.1109/tdsc.2008.75

2011-01-01

Abstract:Traditional security analyses are often geared toward cryptographic primitives or protocols. Although such analyses are necessary, they cannot address a defender's need for insight into which aspects of a networked system having a significant impact on its security, and how to tune its configurations or parameters so as to improve security. This question is known to be notoriously difficult to answer, and the state of the art is that we know little about it. Toward ultimately addressing this question, this paper presents a stochastic model for quantifying security of networked systems. The resulting model captures two aspects of a networked system:1) the strength of deployed security mechanisms such as intrusion detection systems and 2) the underlying vulnerability graph, which reflects how attacks may proceed. The resulting model brings the following insights: 1) How should a defender “tune” system configurations (e.g., network topology) so as to improve security? 2) How should a defender “tune” system parameters (e.g., by upgrading which security mechanisms) so as to improve security? 3) Under what conditions is the steady-state number of compromised entities of interest below a given threshold with a high probability? Simulation studies are conducted to confirm the analytic results, and to show the tightness of the bounds of certain important metric that cannot be resolved analytically.

Zhang Baowen,Chang Xiao,Li Jianhua

DOI: https://doi.org/10.1049/cje.2020.02.017

IF: 1.019

2020-01-01

Chinese Journal of Electronics

Abstract:As a new security defense theory, Cyberspace mimic defense（CMD） provides an architecture named Dynamic heterogeneous redundancy（DHR） to enhance the defense level of system security. Due to the new dynamic defense mechanism DHR introduced in CMD systems, traditional security modelling and analysis methods can hardly be used for them. In this paper, we propose a Security ontology-based modelling method for CMD systems（SOCMD）, which uses ontology to represent DHR components and to define their inner relationships. SOCMD also connects information components including DHRs with security vulnerabilities,threats and attackers in cyberspace. Next, attacking rules,multi-mode arbitration mechanism and combination rules are designed with SOCMD for CMD systems and a new logical-checking method is proposed to make judgement about the security state of SOCMD. Finally, different use cases and performance tests are developed to demonstrate the application process for the model and to verify the validity of our method.

Xi Chen,Fan Zhang,Wei Huang,Ziwen Peng,Wei Guo,Ruiyang Huang,Jianpeng Li,Xinyuan Miao,Jiayu Du,Chenyu Zhou,Guangze Yang,Jiangxing Wu,Zijie Zhang

DOI: https://doi.org/10.1051/sands/2024011

2024-01-01

Security and Safety

Abstract:The rapid development of deep learning (DL) models has been accompanied by various safety and security challenges, such as adversarial attacks and backdoor attacks. By analyzing the current literature on attacks and defenses in DL, we find that the ongoing adaptation between attack and defense makes it impossible to completely resolve these issues. In this paper, we propose that this situation is caused by the inherent flaws of DL models, namely non-interpretability, non-recognizability, and non-identifiability. We refer to these issues as the Endogenous Safety and Security (ESS) problems. To mitigate the ESS problems in DL, we propose using the Dynamic Heterogeneous Redundant (DHR) architecture. We believe that introducing diversity is crucial for resolving the ESS problems. To validate the effectiveness of this approach, we conduct various case studies across multiple application domains of DL. Our experimental results confirm that constructing DL systems based on the DHR architecture is more effective than existing DL defense strategies.

Han Zhang,Yu Wang,Hao Liu,Hongyu Lin,Liquan Chen

DOI: https://doi.org/10.23919/jcc.fa.2023-0125.202407

2024-01-01

China Communications

Abstract:The conventional dynamic heterogeneous redundancy (DHR) architecture suffers from the security threats caused by the stability differences and similar vulnerabilities among the executors. To overcome these challenges, we propose an intelligent DHR architecture, which is more feasible by intelligently combining the random distribution based dynamic scheduling algorithm (RD-DS) and information weight and heterogeneity based arbitrament (IWHA) algorithm. In the proposed architecture, the random distribution function and information weight are employed to achieve the optimal selection of executors in the process of RD-DS, which avoids the case that some executors fail to be selected due to their stability difference in the conventional DHR architecture. Then, through introducing the heterogeneity to restrict the information weights in the procedure of the IWHA, the proposed architecture solves the common mode escape issue caused by the existence of multiple identical error output results of similar vulnerabilities. The experimental results characterize that the proposed architecture outperforms in heterogeneity, scheduling times, security, and stability over the conventional DHR architecture under the same conditions.

Xin YANG,Hui LI,Jiangxing WU,Peng YI

DOI: https://doi.org/10.1360/ssi-2019-0224

2020-01-01

Abstract:Cyber mimic defenses have recently emerged as a dynamic heterogeneity redundancy architecture, which adjust the asymmetry between defenders and attackers by reconfiguring the system according to the network scenario. Some studies have investigated the effectiveness of security models, however, there is still a lack of convincing and practical methods to assess CMD networks quantitatively. Thus, in this paper, we propose a two-dimension model that calculates those details as a digital result to compare different CMD networks. In addition, the proposed method demonstrates good scalability in different networks. Specifically, in the first dimension, i.e., attacking a single node, we elaborate on system configurations and employ the Generalized Stochastic Petri net model to capture the effectiveness of different behaviors from gamers. To quantify the impacts of those behaviors, we parameterized them using a Poisson process, common vulnerabilities and exposures, and the common vulnerability scoring system. In the second dimension, we adopt Markov chains and the Martingale theory to analyze the attack process along the attack chain. Finally, security metrics and countermeasures under different scenarios are presented to verify the effectiveness of CMD, which provides some guidance for designing future systems with acceptable cost.

赵峰,章勤,李敏

DOI: https://doi.org/10.3969/j.issn.1002-137x.2010.02.012

2010-01-01

Computer Science

Abstract:In recent years,computing system vulnerability analysis attracts more and more researchers,which has become a hot spot in the field of system security.With the emergence of multi-core technology,computing systems become more open and dynamic An attack graph-based dynamic security analysis model was proposed,which can measure combined effect of dynamic computing system vulnerabilities.An improved attack map generation algorithm was also presented to improve performance and simplify further security analysis by system administrators.Moreover,a virtual computing system-based example shows the analysis process of the proposed method and validates its efficiency and performance. The experimental results show that our method is an effective way to dynamic system security risk analysis.

ZHANG Tao,HU Ming-zeng,YUN Xiao-chun,ZHANG Yong-zheng

DOI: https://doi.org/10.3321/j.issn:1000-436x.2005.12.017

2005-01-01

Abstract:The research of security analysis needed a systemic security analysis model that was from the system resource and security factor of computer network.For the classification,rate and the main threaten of the security requirement,system devices,access privilege,host connection relation and vulnerability were analyzed,and the computer network attack from the point of view that the attacker's objective was to get privilege escalation was described.The computer system security analysis by fault tree and the network system security analysis by attack graph use the security analysis model.

Jiangxing WU

DOI: https://doi.org/10.19363/j.cnki.cn10-1380/tn.2016.04.001

2016-01-01

Abstract:The unbalance in cyber security and its root is analyzed in this paper, of which a dynamically redundant het-erogeneity architecture and the basic principle to compose an information system of high reliability and high security level with unreliable hardware is mainly discussed. Then, basic concepts about mimic defense is briefly stated. Finally, a test evaluation and preliminary conclusion about the system of mimic defense verification is presented.