Tongxin xuebao (Mar 2025)
Adaptive defense model for critical assets against unknown network threats
Abstract
To address the stealthy and penetrative characteristics of unknown network threats, a novel adaptive defense model based on mimic defense theory was proposed. The model introduced a mimic disguise mechanism and proposed a dynamic reconstruction strategy using subnet camouflage. By dynamically adjusting subnet topologies, it disrupted attack path and protected critical assets. The model included input proxy, reconfigurable subnet, scheduling control layer, and policy decision layer. The input proxy forwarded traffic to reconfigurable subnet. A reinforcement learning-based decision model in the policy decision layer perceived reconfigurable subnet states to generate defense strategies. Subnet connections were dynamically adjusted by the scheduling control layer to adaptively interfere with attack paths and prevent unknown threat diffusion. Experiments show that the proposed model achieves higher success rate in blocking unknown threats within limited steps compared to existing methods.
