
Research On Mimic Defense Mechanism And Key Technologies In Information Communication Networks

Posted on: 2021-03-25
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S H Ding
Full Text: PDF
GTID: 1368330623482234
Subject: Cyberspace security

Abstract/Summary:
At present, as the fifth domain after land, sea, air and space, the information communication network has been transformed from a traditional, single-purpose information system into a major infrastructure tightly coupled to the national economy and social development. It reaches into every aspect of human production, daily life, social activity and even ideology, and has a profound impact on the political, economic and military affairs of every country. Emerging technologies, especially Software-Defined Networking (SDN), Network Function Virtualization (NFV) and Cloud Computing (CC), are flourishing and widely deployed, giving information communication networks unprecedented vitality. However, with the rapid growth in the scale of these networks and the enormous complexity of their network elements, and especially under the globalization of the information technology supply chain, all kinds of network software and hardware are exposed to "toxic pollution": uncertain disturbances such as node or link failures, vulnerabilities and backdoors have become prominent in recent years. The robustness and security of information communication networks have therefore become urgent problems.

Researchers have proposed various solutions to this problem, such as honeypots, coordinated defense, intrusion tolerance, sandbox isolation, trusted computing and Moving Target Defense (MTD). Each of these schemes has limitations; in particular, they struggle to defend against uncertain failures and unknown threats that arise from unknown vulnerabilities and backdoors. Cyberspace Mimic Defense (CMD), a new endogenous security technology, addresses both known and uncertain threats that exploit vulnerabilities, backdoors, viruses or trojans in target objects across different domains of cyberspace by introducing a Dynamic Heterogeneous Redundancy (DHR) architecture and a negative-feedback control mechanism. In recent years CMD has produced many innovative results in theoretical research, technology development and demonstration deployments, and its further development is of great significance for breaking the security defense dilemma of information communication networks.

Based on these considerations, this dissertation studies the mimic defense mechanism and its key technologies in information communication networks in depth. We first introduce a game-model-based method for evaluating mimic defense strategies. On that basis we apply the mimic defense idea to the control layer and the service layer of the information communication network, pursuing the security objectives of "robust network control" and "robust service provision". The main research results are as follows:

1. Starting from the FlipIt game model, which is widely used for advanced persistent threat (APT) analysis, we propose an improved offense-defense game model, M-FlipIt, for mimic defense scenarios, and use it to analyze the security of a mimic defense system in an information communication network under APT. By examining how the defender's and attacker's gains vary under fully heterogeneous and finitely heterogeneous conditions, we propose a dynamic scheduling strategy for mimic defense under each heterogeneity condition that balances heterogeneity against dynamism.

2. To address the difficulty of evaluating the diverse heterogeneous controllers available for the control layer, we propose a controller heterogeneity evaluation method based on the Analytic Network Process (ANP). It considers not only the selection conditions but also each function of the controllers, yielding a multi-criteria decision rule for selecting heterogeneous controllers in mimic defense. First, ANP is used to perform a function-based evaluation of the controllers; then the two highest-ranked controllers are compared on jitter and end-to-end delay; finally the controller with the best functionality and the best quality of service is chosen. Simulation results show that the method selects controllers with the required heterogeneous functions well, according to the constraint matrix computed with ANP.

3. To address the exposure of the control layer to attack that follows from centralized control, we propose a control-layer security mechanism based on mimic defense. We introduce a consensus mechanism in which multiple heterogeneous, functionally equivalent controllers process data-layer requests simultaneously, and malicious behavior by the master controller is detected by comparing their flow table entries. The central problem is comparing the flow table entries of heterogeneous controllers at the semantic level so that syntactic differences between implementations do not register as disagreements. The mechanism requires no prior knowledge of malicious behavior. Experimental results confirm its effectiveness and good performance in detecting malicious behavior.

4. To handle both malicious attacks on and random failures of virtual network functions in the service layer, we propose a service function chain (SFC) deployment method that supports node splitting and heterogeneous backup. The method combines splitting of virtual network function nodes with mimic defense, formulates an optimization model that minimizes link resource cost under the SFC deployment constraints, and designs an SFC deployment algorithm based on tolerant hierarchical sequencing and greedy selection. Experimental results show that, compared with traditional redundant-backup deployment, the method greatly improves the attack resistance of the service function chain while reducing computational resource cost by 17% and link bandwidth cost by 10%.

This work was supported by the National Natural Science Foundation of China project "Research on the Generalized Robust Control Mechanism of Information Communication Networks". The results can provide technical support for cyberspace mimic defense and open new research directions for applying mimic defense in the field of information and communication networks.
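The control-layer mechanism in result 3 rests on the DHR pattern: several heterogeneous executors answer the same request, their outputs are brought to a common semantic form, and a voter flags the executor that deviates. The following Python block is an added illustration of that pattern written for this page; it is not the dissertation's code, and the controller dialects, field-name aliases and sample flow entries are constructed. It normalises three syntactically different flow entries (field aliases, CIDR versus netmask notation, hex versus decimal EtherType, three action spellings) and then majority-votes, so a controller that silently redirects the flow is caught without any signature of the attack.

```python
"""
Added illustration of DHR-style semantic voting for an SDN control layer
(constructed example, not the dissertation's implementation): heterogeneous
controllers return flow entries in different dialects, entries are folded to
one canonical semantic form, and a strict-majority vote flags any controller
whose output deviates.
"""
import ipaddress
from collections import Counter

# Constructed aliases: each controller dialect spells the same match field
# differently; all spellings fold to one canonical key.
FIELD_ALIASES = {
    "in_port": "in_port", "ingress_port": "in_port",
    "dl_type": "eth_type", "eth_type": "eth_type", "ethertype": "eth_type",
    "nw_dst": "ipv4_dst", "ipv4_dst": "ipv4_dst", "dst_ip": "ipv4_dst",
    "nw_src": "ipv4_src", "ipv4_src": "ipv4_src", "src_ip": "ipv4_src",
}
IP_FIELDS = {"ipv4_dst", "ipv4_src"}


def canon_value(field, value):
    """Normalise one match value so semantically equal values compare equal."""
    if field in IP_FIELDS:
        # "10.0.0.5", "10.0.0.0/24" and "10.0.0.0/255.255.255.0" all become
        # canonical CIDR text (a bare host address becomes a /32).
        return str(ipaddress.ip_network(value, strict=False))
    if isinstance(value, str) and value.lower().startswith("0x"):
        return int(value, 16)            # "0x800" and "0x0800" -> 2048
    return int(value)                    # "1" and 1 -> 1


def canon_action(action):
    """Normalise one action to a (kind, *args) tuple."""
    if isinstance(action, dict):         # {"type": "OUTPUT", "port": 2}
        kind = action["type"].lower()
        return (kind, int(action["port"])) if kind == "output" else (kind,)
    if isinstance(action, (list, tuple)):  # ["output", 2]
        kind = str(action[0]).lower()
        return (kind, int(action[1])) if len(action) > 1 else (kind,)
    text = str(action).lower()           # "output:2" or "drop"
    if ":" in text:
        kind, port = text.split(":", 1)
        return (kind, int(port))
    return (text,)


def canon_entry(entry):
    """Hashable, field-order-independent semantic form of one flow entry."""
    match = tuple(sorted(
        (FIELD_ALIASES[k], canon_value(FIELD_ALIASES[k], v))
        for k, v in entry.get("match", {}).items()
    ))
    actions = tuple(canon_action(a) for a in entry.get("actions", []))
    return (int(entry.get("priority", 0)), match, actions)


def vote(outputs):
    """
    outputs: {controller_name: flow_entry} for one data-plane request.
    Returns (accepted_canonical_entry, suspects).  A controller is a suspect
    when its semantic output differs from a strict majority; with no strict
    majority nothing is accepted and every controller is returned unresolved.
    """
    canon = {name: canon_entry(e) for name, e in outputs.items()}
    tally = Counter(canon.values())
    winner, count = tally.most_common(1)[0]
    if count * 2 <= len(canon):
        return None, sorted(canon)
    return winner, sorted(n for n, c in canon.items() if c != winner)


# Constructed outputs of three heterogeneous controllers for one request.
# ctl_a and ctl_b agree semantically despite different syntax; ctl_c (the
# compromised master) silently redirects the flow to port 9.
SAMPLE_OUTPUTS = {
    "ctl_a": {"priority": 100,
              "match": {"in_port": 1, "dl_type": "0x800",
                        "nw_dst": "10.0.0.0/255.255.255.0"},
              "actions": ["output:2"]},
    "ctl_b": {"priority": "100",
              "match": {"ethertype": 2048, "dst_ip": "10.0.0.0/24",
                        "ingress_port": "1"},
              "actions": [{"type": "OUTPUT", "port": 2}]},
    "ctl_c": {"priority": 100,
              "match": {"in_port": 1, "eth_type": "0x0800",
                        "ipv4_dst": "10.0.0.0/24"},
              "actions": [["output", 9]]},
}

if __name__ == "__main__":
    accepted, suspects = vote(SAMPLE_OUTPUTS)
    print("accepted:", accepted)
    print("suspects:", suspects)
```

The canonicalisation step is what keeps heterogeneity from producing false alarms: without it, ctl_a and ctl_b would be counted as disagreeing over spelling alone and the voter would lose its majority. With only two executors the function refuses to accept anything, which is the correct behaviour for a DHR arbiter that cannot tell which of two disagreeing outputs is the honest one.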
Keywords/Search Tags: Information communication network, Mimic defense, Robustness, Software defined network, Network function virtualization