电子学报 ›› 2019, Vol. 47 ›› Issue (10): 2025-2031.DOI: 10.3969/j.issn.0372-2112.2019.10.002

• 学术论文 • 上一篇    下一篇

动态异构冗余结构的拟态防御自动机模型

朱维军1,2, 郭渊博3, 黄伯虎4   

  1. 1. 郑州大学信息工程学院, 河南郑州 450001;
    2. 北京大学信息科学技术学院, 北京 100871;
    3. 信息工程大学密码工程学院, 河南郑州 450001;
    4. 西安电子科技大学计算机学院, 陕西西安 710071
  • 收稿日期:2018-09-21 修回日期:2019-07-26 出版日期:2019-10-25
    • 作者简介:
    • 朱维军 男,1976年生于河南郑州.郑州大学副教授.研究方向为拟态防御、网络安全.E-mail:zhuweijun@zzu.edu.cn;郭渊博 男,1975年生于陕西周至.信息工程大学教授、博士生导师,研究方向为拟态防御、信息安全.
    • 基金资助:
    • 国家自然科学基金 (No.U1204608); 国家重点研发计划 (No.2016YFB0800100)

A Mimic Defense Automaton Model of Dynamic Heterogeneous Redundancy Structures

ZHU Wei-jun1,2, GUO Yuan-bo3, HUANG Bo-hu4   

  1. 1. School of Information Engineering, Zhengzhou University, Zhengzhou, Henan 450001, China;
    2. School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China;
    3. Cryptography Engineering Institute, Information Engineering University, Zhengzhou, Henan 450001, China;
    4. School of Computer Science, Xidian University, Xi'an, Shaanxi 710071, China
  • Received:2018-09-21 Revised:2019-07-26 Online:2019-10-25 Published:2019-10-25
    • Supported by:
    • National Natural Science Foundation of China (No.U1204608); National Key Research and Development Program of China (No.2016YFB0800100)

摘要: 动态异构冗余结构是拟态防御技术的常用工程模型.然而,目前尚缺乏对该结构实施形式化分析的手段,因为该结构缺乏形式化建模方法.针对此问题,使用有穷状态自动机及其并行组合自动机为一些拟态攻防行为建立计算模型.首先,使用单个有穷状态自动机为单个执行体建模;其次,使用有穷状态自动机的并行组合为执行体组合建模;再次,修改状态迁移规则,得到可描述攻防行为的拟态防御自动机模型;最后,根据该自动机模型的状态条件,分析动态异构冗余结构上拟态攻防行为的安全性.此外,也可使用交替自动机为拟态攻防建模,并把安全性自动分析规约为交替自动机模型检测问题.

关键词: 动态异构冗余, 拟态防御, 自动机

Abstract: Up to now, the Dynamic Heterogeneous Redundancy (DHR) structure is a kind of important engineering model about the Mimic Defense (MD) technique. However, there is still a lack of way of formal analysis for DHR structures as there is no formal model available for a DHR structure. To address this problem, we use a Finite State Automaton (FSA) and its Parallel Automaton (PA) to establish a computing model for some attacks and mimic defenses. First, each FSA is employed to model each execution body, while there are a number of execution bodies in a DHR structure. Second, these FSAs are combined in parallel to model the combination of execution bodies. Third, one can get a model of MD automaton which can describe the attacks and MD actions, by modifying the state transition rules. Finally, one can analyse the attacks and MD actions on a DHR structure, according to the conditions of the PA states. Furthermore, we use an Alternating Finite Automaton (AFA) to model some attacks and MD actions. As a result, the automatic MD analysis problem is reduced to the solved AFA model checking problem.

Key words: dynamic heterogeneous redundancy, mimic defense, automata

中图分类号: