Abstract
The security of the dynamic heterogeneous redundancy (DHR) architecture relies on the heterogeneity of its executors, which also defines the vulnerability of the mimic system. In order to select executors with reliable and significant dissimilarity as service executors, we propose a DHR executor selection algorithm based on historical credibility and dissimilarity clustering (HCDC), which adds two metrics of executor historical credibility and dissimilarity. First, to maximize the difference between heterogeneous executor pools, clustering is performed based on the dissimilarity of the executor. Second, the executor with the highest historical credibility is selected from the heterogeneous executor pool as the candidate pool. The historical credibility is dynamically updated by the negative feedback control based on the results of the multi-mode adjudicator. Finally, the dynamic scheduling algorithm selects the executors from the candidate pool to form the set of service executors. The simulation results demonstrate that, in comparison to existing methods, the algorithm reduces the attack success rate and average failure rate while increasing system reliability.
Similar content being viewed by others
References
Wu Z, Wei J. Heterogeneous executors scheduling algorithm for mimic defense systems. In: Proceedings of the 2nd International Conference on Computer and Communication Engineering Technology (CCET), 2019. 279–284
Song K, Liu Q R, Wei S, et al. Endogenous security architecture of Ethernet switch based on mimic defense. J Commun, 2020, 41: 18–26
Ren Q, Wu J X, He L. Performance modeling based on GSPN for cyberspace mimic DNS. Chin J Electron, 2020, 29: 738–749
Wu J X. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Berlin: Springer Science & Business Media, 2011
Wu J X. Research on cyber mimic defense. J Cyber Secur, 2016, 1: 1–10
Wu J X. Endogenous Safety and Security in Cyberspace: Mimic Defense and Generalized Robust Control. Beijing: Science Press, 2020
Wu J X. Development paradigms of cyberspace endogenous safety and security. Sci China Inf Sci, 2022, 65: 156301
Wu J X. Cyberspace endogenous safety and security. Engineering, 2022, 15: 179–185
Hu H C, Chen F C, Wang Z P. Performance evaluations on DHR for cyberspace mimic defense. J Cyber Secur, 2016, 1: 1–10
Tong Q, Zhang Z, Zhang W H, et al. Design and implementation of mimic defense Web server. J softw, 2017, 28: 883–0897
Tong Q, Guo Y F. A comprehensive evaluation of diversity systems based on mimic defense. Sci China Inf Sci, 2021, 64: 229304
Zhang Z, Ma B L, Wu J X. The test and analysis of prototype of mimic defense in Web servers. J Cyber Secur, 2017, 2: 13–28
Zhu Z B, Liu Q R, Liu D P, et al. Research progress of mimic multi-executive scheduling algorithms. J Commun, 2021, 42: 179–190
Zhang J X, Pang J M, Zhang Z, et al. Heterogeneity quantization method of cyberspace security system based on dissimilar redundancy structure. J Electron Inf Technol, 2019, 41: 1594–1600
Zhang J X, Pang J M, Zhang Z. Quantification method for heterogeneity on Web server with mimic construction. J Softw, 2020, 31: 564–577
Wu T, Hu C N, Chen Q N, et al, Defense-enhanced dynamic heterogeneous redundancy architecture based on execution partition. J Commun, 2021, 42: 122–134
Liu Q R, Lin S J, Gu Z Y. Heterogeneous redundancies scheduling algorithm for mimic security defense. J Commun, 2018, 39: 188–198
Ma H L, Yi P, Jiang Y M, et al. Dynamic heterogeneous redundancy based router architecture with mimic defenses. J Cyber Secur, 2017, 2: 29–42
Lv Y Y, Guo Y F, Wang Z P, et al. Negative feedback scheduling algorithm based on historical information in SDN. Chinese J Netw Inf Secur, 2018, 4: 45–51
Wu Z Q, Wei J. Heterogeneous executors scheduling algorithm for mimic defense systems. In: Proceedings of the 2nd International Conference on Computer and Communication Engineering, Piscataway, 2019. 279–284
Shen C Q, Chen S X, Wu C M, et al. Adaptive mimic defensive controller framework based on reputation and dissimilarity. J Commun, 2018, 39: 173–180
Yao W B, Yang X Z. Design of selective algorithm for diverse software components. J Harbin Inst Technol, 2003, 35: 261–264
Acknowledgements
This work was supported by National Natural Science Foundation of China (Grant Nos. 62076139, 621762-64), Natural Science Foundation of Jiangsu Province (Higher Education Institutions) (Grant Nos. BK20170900, 19KJB520046, 20KJA520001), Innovative and Entrepreneurial Talents Projects of Jiangsu Province, Jiangsu Planned Projects for Postdoctoral Research Funds (Grant No. 2019K024), Six Talent Peak Projects in Jiangsu Province (Grant No. JY02), Postgraduate Research & Practice Innovation Program of Jiangsu Province (Grant Nos. KYCX19_0921, KYCX19_0906), Open Research Project of Zhejiang Lab (Grant No. 2021KF0AB05), and NUPT DingShan Scholar Project and NUPTSF (Grant No. NY219132).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Shao, S., Ji, Y., Zhang, W. et al. A DHR executor selection algorithm based on historical credibility and dissimilarity clustering. Sci. China Inf. Sci. 66, 212304 (2023). https://doi.org/10.1007/s11432-022-3635-2
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11432-022-3635-2