Jisuanji kexue (Jul 2022)
MTDCD:A Hybrid Defense Mechanism Against Network Intrusion
Abstract
Both moving target defense and cyber deception defense protect their own systems and networks by increasing the uncertainty of information acquired by attackers.They can slow down network reconnaissance attacks to a certain extent.However,a single moving target defense technology cannot prevent attackers who use multiple information to conduct network intrusions.Meanwhile,the deployed decoy node may be identified and marked by the attacker,thereby reducing the defense effectiveness.Therefore,this paper proposes a hybrid defense mechanism combining moving target defense and cyber deception defens.Through in-depth analysis of actual network confrontation,a network intrusion threat model is constructed.Finally,a defense effectiveness evaluation model based on the Urn model is built.In addition,this paper evaluates the defense performance of the proposed hybrid defense method from multiple aspects such as virtual network topology size,deception probability of decoy nodes,IP address randomization period,IP address transfer probability,etc.,and provides reference and guidance for subsequent defense strategy design.
Keywords
