Abstract
The long-term existence of various vulnerabilities and backdoors in software and hardware makes security threats in cyberspace increasingly serious. Cyberspace mimic defense tries to use uncertain defense to deal with uncertain threats and to construct a risk-controlled information system from components with security flaws. However, research on mimic defense systems is at a preliminary stage, and the new theory needs more attention. This paper further expands the ideas behind the mimic defense system and proposes a typical framework for the system. The principles of mimic transformation design are then explained. This paper also describes the concepts of the mimic operator and the mimic awareness function. The effectiveness of the mimic defense system is shown by simulations of a mimic defense web server.
Acknowledgements
This work was supported by the National Key Research Program of China (2016YFB0800101, 2016YF0800100) and the Innovative Research Groups of the National Natural Science Foundation of China (61521003).
Cite this article
Li, G., Wang, W., Gai, K. et al. A Framework for Mimic Defense System in Cyberspace. J Sign Process Syst 93, 169–185 (2021). https://doi.org/10.1007/s11265-019-01473-6