Research Of Model And Algorithm Of ITS Based On Proactive-Reactive Mechanism

The aim of traditional system security is mainly to construct a system with defensive mechanism, so as to protect system from being invaded illegally by the attacker. The practical experience indicates that there are lots of new and unknown cyber attack ways and methods in the Internet, and most of systems still have quite a few weakness and bugs. Then, for the consideration of emphasizing to protect basic cyber applications, it needs to search for new defensive method against invasion. Intrusion tolerance technique comes into being under this situation. In recent ten years, intrusion tolerance technique has being researched by experts and researchers from many different countries with lots of research result, such as Stroud R. proposed MAFTIA model with some other guys, Feiyi Wang proposed SITAR model. Some scholars introduced Virtualization technology into the research of intrusion tolerance technique, and put forward SCIT model and RWS model in recent years. All these secure models have much more standout features rather than traditional information protection mechanism, and it can improve the cyber security level in some degree. But there are still much defects in the models, for example, each model is based on a certain drive protection mechanism with a defect of single apply, the requirements for replication and diversity will enhance the difficulty of management and cost problems etc.According to the problems existing in the intrusion tolerance model above, under the base of the research of virtualization technology, this paper proposes a new virtual proactive and reactive based intrusion tolerance model (V-PRSCIT), it can overcome the defects and shortages of the current intrusion tolerance secure model well. First, it adds the proactive and reactive mechanism, and then the simplex applied problem can be solved, and gets a full direction and three-dimensional protective mechanism. Second, it integrates intrusion tolerance with IDS and IPS, then it constructs a multi-layer defensive architecture, and it has a good defensive and protective function for the traditional attacks and unknown attacks. Third, introducing virtualization technology into this architecture, it overcomes problems of maintenance and cost of servers cluster and improves the utilization rate of resources, increases a layer of protective barriers in the underlying layer. This paper designed control system architecture of V-PRSCIT model, and realized operation scheduling algorithm for this architecture. Finally, the two typical network application services have been added to the new security defense architecture, and conducted a series of simulated experiments, the result proved that V-PRSCIT model and algorithm are reasonable and feasible.