CN108900654B - Dynamic DNS scheduling method based on mimicry domain name server - Google Patents

Dynamic DNS scheduling method based on mimicry domain name server Download PDF

Info

Publication number
CN108900654B
CN108900654B CN201810880953.XA CN201810880953A CN108900654B CN 108900654 B CN108900654 B CN 108900654B CN 201810880953 A CN201810880953 A CN 201810880953A CN 108900654 B CN108900654 B CN 108900654B
Authority
CN
China
Prior art keywords
executive
pool
domain name
cur
execution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810880953.XA
Other languages
Chinese (zh)
Other versions
CN108900654A (en
Inventor
陈博
伊鹏
高洁
马海龙
张震
卜佑军
于洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Engineering University of PLA Strategic Support Force
Original Assignee
Information Engineering University of PLA Strategic Support Force
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Engineering University of PLA Strategic Support Force filed Critical Information Engineering University of PLA Strategic Support Force
Priority to CN201810880953.XA priority Critical patent/CN108900654B/en
Publication of CN108900654A publication Critical patent/CN108900654A/en
Application granted granted Critical
Publication of CN108900654B publication Critical patent/CN108900654B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Hardware Redundancy (AREA)

Abstract

The invention provides a DNS dynamic scheduling method based on a mimicry domain name server, which comprises the following steps: step 1.1, initialize Ccur(ii) a Step 1.2 from ChK physical servers are selected to form a candidate set HkFrom HkIn selection
Figure DDA0001754452270000011
In that
Figure DDA0001754452270000012
C, selecting an executive to join C in the executive sub-poolcur(ii) a Step 1.3, if HkIf no candidate physical server exists, executing step 1.5; otherwise, executing step 1.4; step 1.4 from HkIn selection
Figure DDA0001754452270000013
According to a predetermined safety gain algorithm, in
Figure DDA0001754452270000014
Determining the executive C' which maximizes the system security gain in the executive sub-pool of (1)curExecuting the step 1.6; step 1.5, traversing all the other executives in the executive body sub-pool where the current executant is positioned, determining the executor C' which enables the system safety gain to be maximum in all the other executives according to a preset safety gain algorithm, and adding Ccur(ii) a Step 1.6, repeatedly executing step 1.3 until CcurUp to m. The invention selects the on-line executive based on the safety gain, thereby maximizing the system safety gain.

Description

Dynamic DNS scheduling method based on mimicry domain name server
Technical Field
The invention relates to the technical field of network security, in particular to a dynamic DNS scheduling method based on a mimicry domain name server.
Background
The Domain Name System (DNS) is one of the most important infrastructures of the Internet, and maintains the mapping relationship between the Domain Name System and the IP address space. However, the domain name system inevitably has unknown vulnerabilities and backdoors, which are vulnerable.
The domain name system is an information system, the service mode of the information system is an input-processing-output (IPO) model, and the mimicry defense is to introduce a dynamic, heterogeneous and redundancy enhancing system on the basis of the model so as to defend unknown bugs, backdoors and solve the problem of random faults.
The mimicry domain name system is a basic application of mimicry defense. As shown in fig. 1, the mimicry domain name system simultaneously services client requests through multiple domain name servers, and selects only relatively correct results to the client through the resolver, so that even the failure of one or several domain name servers does not affect normal service. In addition, the running domain name servers dynamically change along with time and the state of the servers according to the scheduling strategy, and even if some domain name servers are attacked by domain name hijacking, cache virus throwing, DNS cheating and the like, the normal requests of users cannot be influenced.
However, different scheduling strategies also have different security gains, the current scheduling strategy is mainly based on random scheduling and scheduling based on an executive trust value, the controllability of the former is poor, the latter quantifies the trust of a single executive depending on the historical information of the executive, and the security of the system is not quantified from a global angle, so that the security gain of the mimicry domain name system cannot be maximized.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a dynamic DNS scheduling method based on a mimicry domain name server, which can maximize the security gain of a mimicry domain name system.
The invention provides a DNS dynamic scheduling method based on a mimicry domain name server, wherein the mimicry domain name server comprises a plurality of physical servers and an executive body pool, the executive body pool comprises a plurality of executive body sub-pools, and the method comprises the following steps:
step 1.1, initialize the online executive set Ccur
Step 1.2, gathering C from system physical servershK physical servers are selected to form a candidate physical server set HkFrom HkSelect a physical server
Figure GDA0003021466010000021
In that
Figure GDA0003021466010000022
Selecting an executive C from the corresponding executive sub-pool to join CcurAnd update HkWherein h and k are positive integers, and h is more than or equal to k;
step 1.3, if HkIf no candidate physical server exists, executing step 1.5; otherwise, executing the step 1.4;
step 1.4 from HkSelect a physical server
Figure GDA0003021466010000023
According to a predetermined safety gain algorithm, in
Figure GDA0003021466010000024
Determining the executive body C 'which maximizes the system security gain in the corresponding executive body sub-pool, and adding C' into CcurAnd update HkExecuting the step 1.6;
step 1.5, traversing all the rest executables in the execution entity sub-pool where the current execution entity is located, and determining to increase the system safety in all the rest executables according to a preset safety gain algorithmBeneficiary maximum executive C 'adding C' to Ccur
Step 1.6, repeatedly executing step 1.3 until CcurThe number of executors in (1) reaches a preset number m.
Further, the method further comprises: if judged to obtain CcurIf the abnormal execution body exists, selecting a new execution body from the execution body pool to replace the abnormal execution body.
Further, the selecting a new execution block from the execution block pool to replace the abnormal execution block specifically includes:
step 2.1, determining a physical server p corresponding to the abnormal execution body, and determining the number p of the abnormal execution bodies in the execution body sub-pool corresponding to pmIf p ismIf not less than 2, executing the step 2.2, otherwise executing the step 2.3;
step 2.2, gather C from the remaining physical serversresSelecting a physical server ph to replace p, and selecting p from the executive body sub-pool corresponding to ph one by one according to a preset security gain algorithmmImplementation of body replacement C to maximize system security gaincurUpdate C of the abnormal executorres
And 2.3, selecting an executive body which enables the system safety gain to be maximum from the executive body sub-pool corresponding to the p according to a preset safety gain algorithm, and replacing the abnormal executive body.
Further, the preset safety gain algorithm specifically includes: security gain G between execution entity x and execution entity yxyAccording to the formula
Gxy=σ*ksxy+θ*(kvoxy+koxy)+δ*kvtxy
Determining; wherein theta represents the safety gain of the mimicry domain name server under different operating systems, delta represents the safety gain of the mimicry domain name server under different virtualization software, and sigma represents the safety gain of the mimicry domain name server under different domain name server software;
kvo if the virtual operating system types of execution body x and execution body y are differentxy1, otherwise kvoxy0; if the physical operations of the execution body x and the execution body y are executedSystem types are different, then koxy1, or vice versa koxy0; ks if the domain name server software types of executor x and executor y are differentxy1, and vice versa ksxy0; kvt if the virtualization software types of executable x and executable y are differentxy1, otherwise kvtxy=0;
The system security gain is a new executive and the current time CcurThe sum of the security gains between existing executors.
The invention has the beneficial effects that:
after a first executive body is randomly selected, the selected executive body is determined based on the safety gain between a new executive body and the existing executive body, so that the safety gain of a system is maximized; when a new executive body is selected to replace an abnormal executive body, the threat that an attacker attacks the physical server to cause failure of a plurality of executive bodies is prevented by evaluating the safety of the physical server, secondary mimicry defense is actually realized on the physical server level, and the attacker fails in domain name hijacking, cache poisoning, DNS spoofing and other attacks through a mimicry defense mechanism; in addition, the computational complexity of the method can meet the requirement of the real-time performance of the system.
Drawings
FIG. 1 is a schematic structural diagram of a prior art mimicry domain name system;
fig. 2 is a schematic structural diagram of a mimic domain name server according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a dynamic DNS scheduling method based on a mimicry domain name server according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a replacement exception handler according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 2 is a schematic structural diagram of a mimetic domain name server according to an embodiment of the present invention. As shown in FIG. 2, a plurality of physical servers and a pool of executives; each physical server is configured with a physical operating system and virtualization software, the virtualization software is used for building a plurality of virtual operating systems on each physical server, and each virtual operating system is provided with a plurality of domain name server software; the executive body pool comprises a plurality of executive body sub-pools, one executive body sub-pool corresponds to one physical server, each executive body sub-pool comprises a plurality of executive bodies, and each executive body is built through domain name server software, a physical operating system, a virtualization operating system and a physical server.
Specifically, the virtual operating system may include a CentOS, Ubuntu, Windows Server 2008; the domain name server software may include BIND, PowerDNS, Microsoft DNS; DNS-1, DNS-2, …, DNS-a, … …, DNS-d in FIG. 2 can be understood as executors in the embodiment of the invention.
Physical server 1 corresponds to executive pool { DNS-1, DNS-2, … …, DNS-a }; the physical server 2 corresponds to an executive body pool { DNS-a +1, DNS-a +2, … … and DNS-b }; … … physical Server i corresponds to the executive pool { DNS-c +1, DNS-c +2, … …, DNS-d }.
The mimicry domain name server in the embodiment of the invention is based on a virtual machine level structure, and the mimicry domain name server is regarded as a hierarchical structure which can comprise a server layer, a virtualization layer and a physical operating system layer from top to bottom. Each physical server bears a virtualization software, a plurality of virtual operating systems are built, different domain name server software is installed on the virtual operating systems, each domain name server software, each operating system, each virtualization software and the bottom layer physical server hardware form an executive body, and the set of all the executive bodies is called an executive body pool.
Compared with the traditional domain name server, the mimicry domain name server can be virtualized into a plurality of executors on one physical server, so that the realization cost of mimicry defense can be greatly reduced. The execution body is constructed based on multi-level combination, the mimicry domain name server of the obtained execution body combination can effectively defend attackers from known or unknown vulnerabilities and backdoors of each level, the hierarchical combination is not limited to a plurality of levels described in the patent, and all software and hardware conditions influencing the security of the domain name server can be used as one part of the hierarchical division.
Fig. 3 is a schematic flowchart of a DNS dynamic scheduling method based on a mimicry domain name server according to an embodiment of the present invention. With reference to fig. 2 and 3, the method includes:
s101, initializing online executive body set Ccur
Specifically, based on the structure of the mimicry domain name server, after the mimicry domain name server receives the client request, before processing the client request, it needs to determine the online executive group CcurI.e. it needs to determine from the execution pool which executors are scheduled to process the client request.
S102, a slave system physical server set ChK physical servers are selected to form a candidate physical server set HkFrom HkSelect a physical server
Figure GDA0003021466010000051
In that
Figure GDA0003021466010000052
Selecting an executive C from the corresponding executive sub-pool to join CcurAnd update HkWherein h and k are positive integers, and h is more than or equal to k;
in particular, the set of system physical servers ChThe representation mimicry domain name server includes h physical servers. In this step, in determining HkIn time, a random selection may be made, i.e. from ChMedium random selectionK physical servers are selected. Then, in the slave HkSelect a physical server
Figure GDA0003021466010000053
After that, the
Figure GDA0003021466010000054
Then from the current HkIn deletion, i.e. updating
Figure GDA0003021466010000055
At this time, at
Figure GDA0003021466010000056
Selecting an executive C from the corresponding executive sub-pool to join CcurC at the present timecurIncluding the executable c.
S103, if HkIf there is no candidate physical server, executing S105; otherwise, executing S104;
s104, from HkSelect a physical server
Figure GDA0003021466010000057
According to a predetermined safety gain algorithm, in
Figure GDA0003021466010000058
Determining the executive body C 'which maximizes the system security gain in the corresponding executive body sub-pool, and adding C' into CcurAnd update HkExecuting S106;
s105, traversing all the other executables in the executive body sub-pool where the current executive body is located, determining an executive body C 'which enables the system security gain to be maximum in all the other executive bodies according to a preset security gain algorithm, and adding C' into Ccur
S106, repeatedly executing S103 until CcurThe number of executors in (1) reaches a preset number m.
According to the DNS dynamic scheduling method based on the mimicry domain name server, after the first executive body is randomly selected, the selected executive body is determined based on the security gain between the new executive body and the existing executive body, and therefore the system security gain is maximized.
On the basis of the above embodiment, the method further includes: if judged to obtain CcurIf the abnormal execution body exists, selecting a new execution body from the execution body pool to replace the abnormal execution body.
On the basis of the above embodiment, the selecting a new execution block from the execution block pool to replace the abnormal execution block specifically includes:
s201, determining a physical server p corresponding to the abnormal execution body, and determining the number p of the abnormal execution bodies in the execution body sub-pool corresponding to pmIf p ismIf the value is more than or equal to 2, executing S202, otherwise executing S203;
s202, collecting C from the remaining physical serversresSelecting a physical server ph to replace p, and selecting p from the executive body sub-pool corresponding to ph one by one according to a preset security gain algorithmmImplementation of body replacement C to maximize system security gaincurUpdate C of the abnormal executorres
Specifically, in this step, when selecting the alternative executable, a one-by-one selection manner is adopted, and the principle is similar to that in step S105. For example, if there are 2 abnormal executives Y1 and Y2 in the executor sub-pool P corresponding to P, the process of selecting a replacement executor from the executor sub-pool PH corresponding to PH is as follows:
firstly, traversing all executors in the executor sub-pool PH, determining an executor T1 which enables the system safety gain to be maximum in all the executors according to a preset safety gain algorithm, and then replacing Y1 or Y2 with T1;
then, all executors except T1 in the executor sub-pool PH are traversed again, an executor T2 that maximizes the system security gain is determined among all executors except T1 according to a preset security gain algorithm, and then Y2 or Y1 is replaced with T2.
For example, as shown by a dotted line 2 in fig. 4, if there are 2 abnormal executors on the physical server 3, one physical server i is reselected, and 2 new executors are individually elected from the corresponding executive sub-pool of the physical server to replace the 2 abnormal executors on the physical server 3.
S203, selecting the executive body which enables the system safety gain to be maximum from the executive body sub-pool corresponding to the p according to a preset safety gain algorithm, and replacing the abnormal executive body.
Specifically, as shown by a dashed line 1 in fig. 4, for example, if only one execution entity in the execution entity sub-pool corresponding to the physical server 1 is abnormal, a new execution entity is selected from the execution entity sub-pool to replace the abnormal execution entity.
Fig. 4 is a schematic diagram of a replacement exception handler according to an embodiment of the present invention. According to the DNS dynamic scheduling method based on the mimicry domain name server, when a new executive body is selected to replace an abnormal executive body, the threat that a plurality of executive bodies are invalid due to the fact that an attacker attacks the physical server is prevented by evaluating the safety of the physical server, secondary mimicry defense is actually achieved on the physical server level, and the attacker fails domain name hijacking, cache poisoning, DNS cheating and other attacks through a mimicry defense mechanism.
If C is knowncurSize m, HkThe size k, the number e of abnormal executives, the number h of physical servers, the number s of executives in each physical server, the selection of the executives all adopt a traversal method, and the calculation complexity when the physical servers are off-line is O ((ks-m)e) The computational complexity when the physical server is not offline is O (((h-k) s)e). The security gain of the mimicry architecture is exponentially increased, and under the general condition, a system can be guaranteed to be capable of resisting collaborative or non-collaborative attack based on a bug backdoor with high reliability only by a small number of executors, so that under the general condition, h is equal to or more than 3 and equal to or less than 10, and m is equal to or more than 3 and equal to or less than 10; secondly, considering the performance problem of the physical server, the number of the virtual machines built on the physical server can be limited according to specific conditions, and in general, s is less than or equal to 10; finally, because the mimicry architecture adopts a majority decision algorithm, and the requirement e is less than or equal to m/2, the computational complexity of the method of the invention can be completely accepted, and the requirement of the real-time performance of the system can be met.
On the basis of the foregoing embodiments, the preset security gain algorithm specifically includes: executive x and executiveSafety gain G between rows yxyAccording to the formula
Gxy=σ*ksxy+θ*(kvoxy+koxy)+δ*kvtxy
Determining; wherein theta represents the safety gain of the mimicry domain name server under different operating systems, delta represents the safety gain of the mimicry domain name server under different virtualization software, and sigma represents the safety gain of the mimicry domain name server under different domain name server software;
kvo if the virtual operating system types of execution body x and execution body y are differentxy1, otherwise kvoxy0; ko if the physical operating system types of execution body x and execution body y are differentxy1, or vice versa koxy0; ks if the domain name server software types of executor x and executor y are differentxy1, and vice versa ksxy0; kvt if the virtualization software types of executable x and executable y are differentxy1, otherwise kvtxy=0;
The system security gain is a new executive and the current time CcurThe sum of the security gains between existing executors.
Specifically, for example, the size m of the execution entity set preset by the system is 4, when a new execution entity c3 is selected from the execution entity pool, the current execution entity set is { c1, c2}, and the system security gain G is G31+G32(ii) a When a new execution body c4 is selected from the execution body pool, the current execution body set is { c1, c2, c3}, and the system security gain G ═ G41+G42+G43(ii) a By analogy, the system security gain is a new executive and the current time CcurThe sum of the security gains between existing executors. For example, when a new executable c5 is selected to replace the abnormal executable c1, and the current set of executors is { c2, c3}, the system security gain G-G after the scheduling policy is executed52+G53
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (3)

1. A DNS dynamic scheduling method based on a mimicry domain name server, wherein the mimicry domain name server comprises a plurality of physical servers and an executive body pool, the executive body pool comprises a plurality of executive body sub-pools, and the method comprises the following steps:
step 1.1, initialize the online executive set Ccur
Step 1.2, gathering C from system physical servershK physical servers are selected to form a candidate physical server set HkFrom HkSelect a physical server
Figure FDA0003095263530000011
In that
Figure FDA0003095263530000012
Selecting an executive C from the corresponding executive sub-pool to join CcurAnd update HkWherein h and k are positive integers, and h is more than or equal to k;
step 1.3, if HkIf no candidate physical server exists, executing step 1.5; otherwise, executing the step 1.4;
step 1.4 from HkSelect a physical server
Figure FDA0003095263530000013
According to a predetermined safety gain algorithm, in
Figure FDA0003095263530000014
Determining the executive body C 'which maximizes the system security gain in the corresponding executive body sub-pool, and adding C' into CcurAnd update HkExecuting the step 1.6;
the preset safety gain algorithm specifically comprises: security gain G between execution entity x and execution entity yxyAccording to the formula
Gxy=σ*ksxy+θ*(kvoxy+koxy)+δ*kvtxy
Determining; wherein theta represents the safety gain of the mimicry domain name server under different operating systems, delta represents the safety gain of the mimicry domain name server under different virtualization software, and sigma represents the safety gain of the mimicry domain name server under different domain name server software;
kvo if the virtual operating system types of execution body x and execution body y are differentxy1, otherwise kvoxy0; ko if the physical operating system types of execution body x and execution body y are differentxy1, or vice versa koxy0; ks if the domain name server software types of executor x and executor y are differentxy1, and vice versa ksxy0; kvt if the virtualization software types of executable x and executable y are differentxy1, otherwise kvtxy=0;
The system security gain is a new executive and the current time CcurThe sum of the security gains between the existing executors;
step 1.5, traversing all the other executives in the executive body sub-pool where the current executant is positioned, determining an executive body C 'which enables the system safety gain to be maximum in all the other executives according to a preset safety gain algorithm, and adding C' into Ccur
Step 1.6, repeatedly executing step 1.3 until CcurThe number of executors in (1) reaches a preset number m.
2. The method of claim 1, further comprising:
if judged to obtain CcurIf the abnormal execution body exists, selecting a new execution body from the execution body pool to replace the abnormal execution body.
3. The method of claim 2, wherein the selecting a new execution block from the pool of execution blocks to replace the abnormal execution block comprises:
step 2.1, determining a physical server p corresponding to the abnormal execution body, and determining the number p of the abnormal execution bodies in the execution body sub-pool corresponding to pmIf p ismIf not less than 2, executing the step 2.2, otherwise executing the step 2.3;
step 2.2, gather C from the remaining physical serversresSelecting a physical server ph to replace p, and selecting p from the executive body sub-pool corresponding to ph one by one according to a preset security gain algorithmmImplementation of body replacement C to maximize system security gaincurUpdate C of the abnormal executorres
And 2.3, selecting an executive body which enables the system safety gain to be maximum from the executive body sub-pool corresponding to the p according to a preset safety gain algorithm, and replacing the abnormal executive body.
CN201810880953.XA 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server Active CN108900654B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810880953.XA CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810880953.XA CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Publications (2)

Publication Number Publication Date
CN108900654A CN108900654A (en) 2018-11-27
CN108900654B true CN108900654B (en) 2021-07-23

Family

ID=64353227

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810880953.XA Active CN108900654B (en) 2018-08-04 2018-08-04 Dynamic DNS scheduling method based on mimicry domain name server

Country Status (1)

Country Link
CN (1) CN108900654B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818951B (en) * 2019-01-18 2021-08-03 中国人民解放军战略支援部队信息工程大学 Functional equivalent executive body reliability assessment method and device
CN110011965B (en) * 2019-02-28 2021-09-24 中国人民解放军战略支援部队信息工程大学 Execution body complete non-uniform output arbitration method and device based on credibility
CN110247932A (en) * 2019-07-04 2019-09-17 北京润通丰华科技有限公司 A kind of detection system and method for realizing DNS service defence
CN111628978B (en) * 2020-05-21 2022-02-22 河南信大网御科技有限公司 Mimicry normalization decision making system, method and readable storage medium
CN116455654B (en) * 2023-04-26 2024-05-28 之江奇安科技有限公司 Security reinforcement method, device and equipment for business information system based on endophytic security and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105049419A (en) * 2015-06-19 2015-11-11 中国人民解放军信息工程大学 Mimicry-network step-by-step exchange routing system based on heterogeneous diversity
CN106789360A (en) * 2017-02-15 2017-05-31 中国互联网络信息中心 A kind of DNS flow simulations system
CN106874755A (en) * 2017-01-22 2017-06-20 中国人民解放军信息工程大学 The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks
CN106878254A (en) * 2016-11-16 2017-06-20 国家数字交换***工程技术研究中心 Improve the method and device of DNS securities of system
CN108011994A (en) * 2017-12-15 2018-05-08 网宿科技股份有限公司 A kind of method and system of inquiry DNS records

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9948606B2 (en) * 2015-12-25 2018-04-17 Kn Group, Ghq Enhancing privacy and security on a SDN network using SDN flow based forwarding control

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105049419A (en) * 2015-06-19 2015-11-11 中国人民解放军信息工程大学 Mimicry-network step-by-step exchange routing system based on heterogeneous diversity
CN106878254A (en) * 2016-11-16 2017-06-20 国家数字交换***工程技术研究中心 Improve the method and device of DNS securities of system
CN106874755A (en) * 2017-01-22 2017-06-20 中国人民解放军信息工程大学 The consistent escape error processing apparatus of majority and its method based on mimicry Prevention-Security zero-day attacks
CN106789360A (en) * 2017-02-15 2017-05-31 中国互联网络信息中心 A kind of DNS flow simulations system
CN108011994A (en) * 2017-12-15 2018-05-08 网宿科技股份有限公司 A kind of method and system of inquiry DNS records

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
RESEARCH OF DOMAIN NAME MAPPED IP-ADDRESS;Cuicui Wang,Weimin Li , Fang Liu, Zhenming Lei;《Proceedings ofIC-NIDC2012》;20121231;全文 *
一种基于拟态安全防御的DNS框架设计;王禛鹏,扈红超,程国振;《电子学报》;20171130;全文 *

Also Published As

Publication number Publication date
CN108900654A (en) 2018-11-27

Similar Documents

Publication Publication Date Title
CN108900654B (en) Dynamic DNS scheduling method based on mimicry domain name server
CN110290100B (en) Simulation Web server based on SDN and user request processing method
CN111431946B (en) Mimicry router execution body scheduling method and mimicry router
CN110691107B (en) Endogenous safety user access authentication management system and method
US9483742B1 (en) Intelligent traffic analysis to detect malicious activity
US8843914B1 (en) Distributed update service
US9525697B2 (en) Delivering security functions to distributed networks
US8886929B2 (en) Generating a chain of trust for a virtual endpoint
US8307437B2 (en) Classification of software on networked systems
CN111191229A (en) Power Web application mimicry defense system
CN110166436B (en) Mimicry Web gateway system and method for dynamic scheduling by random selection
CN110673951B (en) Mimicry scheduling method, system and medium for general operation environment
US20070233862A1 (en) Trend analysis based on network admission control fingerprints
CN110166435B (en) Mimicry Web gateway system and method for dynamic scheduling by adopting load balancing
Wu et al. Automated adaptive intrusion containment in systems of interacting services
CN111478970A (en) Power grid Web application mimicry defense system
Ahmed et al. Mayflies: A moving target defense framework for distributed systems
CN111935071B (en) Multilayer mimicry defense method, device, storage medium and multilayer mimicry system
Hong et al. Scalable security models for assessing effectiveness of moving target defenses
Solomon et al. Designing autonomic management systems for cloud computing
Deng et al. A secure container placement strategy using deep reinforcement learning in cloud
CN114448711A (en) Mimicry defense system
CN113490231A (en) Network slice availability guarantee method and device
CN111368307A (en) Active defense method and system
CN116668097A (en) Mimicry HSS network element signaling processing method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant