Research On Dynamic Scheduling Algorithm For Mimic Defense Architecture

The rapid development of information technology has made security issues more serious.Traditional defense systems have been unable to cope with unknown security issues due to their deterministic and static nature.This imbalanced status of cyberspace is constantly threatening various industries.In order to change this passive situation,Academician Wu has proposed an active defense architecture,namely Cyber Mimic Defense(CMD).CMD has three characteristics: dynamic,heterogeneous,and redundant.It targets unknown attack behaviors and causes uncertain changes in the system,so that it is difficult for attackers to achieve their goals.As an important part in the mimic defense,the dynamic scheduling algorithm realizes the dynamic change of the execution entity.Once the transformation rule is grasped by the attacker,the dynamic heterogeneous space will be degraded into the static heterogeneous space.Therefore,the dynamic scheduling algorithm is particularly important,which determines the security and reliability of the mimic defense.This paper is oriented to the mimic defense architecture.Firstly,the security mechanism of the dynamic heterogeneous redundant structure is analyzed,and the security analysis model of the mimic defense is proposed.Secondly,in view of the passive scheduling and large scheduling granularity of existing scheduling algorithms,a scheduling algorithm based on time threshold and task threshold is proposed which are combined with the random threshold generation method.Therefore,dynamic randomness of the mimic defense is realized from two different dimensions.Finally,in order to further strengthen the dynamic heterogeneous redundancy feature and improve the reliability of the mimic defense,minimum similarity algorithm for the initialization of the service set is given.Then,so as to make up for the shortcomings of the threshold-based scheduling algorithm,scheduling algorithm based on multi-level queue is proposed by combining time threshold and random threshold.Aiming at the three scheduling algorithms proposed in this paper,they compare with other scheduling algorithms by simulating.The analysis results show that the scheduling algorithm based on multi-level queue can take security and reliability into account,and has better dynamic diversity.It has better dynamic heterogeneous redundancy characteristics,which can effectively prevent the transformation rules of executive entities from being mastered by attackers.However,the shortcoming is that the scheduling process is complex and it requires high system performance.