拟态防御技术结合软件多样化在软件安全产业中的应用
随着互联网的飞速发展,计算机软件全球化的进程不断推进。大量相同软件安装在数以万计的计算机中,容易导致黑客利用软件的漏洞,攻击安装了该软件的所有计算机。传统的软件安全措施是依靠对漏洞进行修补,其只能起到亡羊补牢的作用。软件多样化技术可以使这种情况得到缓解,但其并没有从根本上消除漏洞带来的威胁。本文提出将拟态防御技术与软件多样化技术相结合应用于软件安全产业,可以消除漏洞带来的威胁。...
Saved in:
| Published in | 中国工程科学 Vol. 18; no. 6; pp. 74 - 78 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | Chinese |
| Published |
中国工程院战略咨询中心
01.06.2016
高等教育出版社有限公司 中国人民解放军信息工程大学数学工程与先进计算国家重点实验室,郑州,450001%中国人民解放军信息工程大学国家数字交换系统工程技术研究中心,郑州,450002 |
| Subjects | |
| Online Access | Get full text |
| ISSN | 1009-1742 2096-0034 |
| DOI | 10.15302/J-SSCAE-2016.06.015 |
Cover
| Summary: | 随着互联网的飞速发展,计算机软件全球化的进程不断推进。大量相同软件安装在数以万计的计算机中,容易导致黑客利用软件的漏洞,攻击安装了该软件的所有计算机。传统的软件安全措施是依靠对漏洞进行修补,其只能起到亡羊补牢的作用。软件多样化技术可以使这种情况得到缓解,但其并没有从根本上消除漏洞带来的威胁。本文提出将拟态防御技术与软件多样化技术相结合应用于软件安全产业,可以消除漏洞带来的威胁。 |
|---|---|
| Bibliography: | With the development of the Internet, the process of computer software globalization continues to push forward. For widely used software, anidentical binary code is installed on millions of computers; sometimes even hundreds of millions. This makes widespread exploitation easy and attractive for an attacker because the same attack vector is likely to succeed on a large number of targets. Traditional software security methods can only counter the threat temporarily, and cannot eliminate essential vulnerabilities. This paper proposes a scheme of combining software diversity with mimic defense in the software security industry. software diversity; mimic defense; software security product 11-4421/G3 Pang Jianmin1, Zhang Yujia1, Zhang Zheng1, Wu Jiangxing2 (1. State Key Laboratory of Mathematical Engineering and Advanced Computing, The PLA Information Engineering University, Zhengzhou 450001, China; 2. National Digital Switching System Engineering & Technological R&D Center, The PLA Information Engineering University |
| ISSN: | 1009-1742 2096-0034 |
| DOI: | 10.15302/J-SSCAE-2016.06.015 |