Skip to main content
SpringerLink
Log in

A Framework for Mimic Defense System in Cyberspace

  • Published:
Journal of Signal Processing Systems Aims and scope Submit manuscript

Abstract

The long-term existence of various vulnerabilities and backdoors in software and hardware makes security threats of the cyberspace more and more serious. Cyberspace mimic defense tries to use uncertain defense to deal with uncertain threat and construct the risk-controlled information system based on components with security flaws. However, mimic defense system is at a preliminary stage of research. It is necessary to pay more attention to the new theory. This paper further expands the ideas from mimic defense system and proposes a typical framework for the system. Then principles of mimic transformation design are explained. This paper also describes concepts of mimic operator and mimic awareness function. Effectiveness of mimic defense system is showed by simulations of mimic defense web server.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6

Similar content being viewed by others

References

  1. Gai, K., Qiu, M., Ming, Z., Zhao, H., Qiu, L. (2017). Spoofing-jamming attack strategy using optimal power distributions in wireless smart grid networks. IEEE Transactions on Smart Grid, 8(5), 2431–2439.

    Article  Google Scholar 

  2. House, W. (2016). Federal cybersecurity research and development strategic plan.

  3. Gai, K., Qiu, M., Tao, L., Zhu, Y. (2016). Intrusion detection techniques for mobile cloud computing in heterogeneous 5G. Security and Communication Networks, 9(16), 3049–3058.

    Article  Google Scholar 

  4. Adams, M., Hitefield, S., Hoy, B., Fowler, M., Clancy, T. (2013). Application of cybernetics and control theory for a new paradigm in cybersecurity. arXiv:1311.0257.

  5. Gai, K., & Qiu, M. (2017). Blend arithmetic operations on tensor-based fully homomorphic encryption over real numbers. IEEE Transactions on Industrial Informatics, 14(8), 3590–3598.

    Article  Google Scholar 

  6. Lye, K., & Wing, J. (2005). Game strategies in network security. International Journal of Information Security, 4(1-2), 71–86.

    Article  Google Scholar 

  7. Mahimkar, A., & Shmatikov, V. (2005). Game-based analysis of denial-of-service prevention protocols. In 18th IEEE computer security foundations workshop (CSFW’05) (pp. 287–301): IEEE.

  8. Bencsáth, B., Vajda, I., Buttyán, L. (2003). A game based analysis of the client puzzle approach to defend against dos attacks. In Proceedings of SoftCOM, (Vol. 11 pp. 763–767).

  9. Xu, J., & Lee, W. (2003). Sustaining availability of web services under distributed denial of service attacks. IEEE Transactions on Computers, 52(2), 195–208.

    Article  Google Scholar 

  10. Browne, R. (2000). C4i defensive infrastructure for survivability against multi-mode attacks. In MILCOM 2000 Proceedings. 21st century military communications. Architectures and technologies for information superiority (cat. no. 00CH37155), (Vol. 1 pp. 417–424): IEEE.

  11. Kim, J., & Bentley, P. (2002). Towards an artificial immune system for network intrusion detection An investigation of dynamic clonal selection. In Proceedings of the 2002 Congress on Evolutionary Computation. CEC’02 (Cat. No. 02TH8600), (Vol. 2 pp. 1015–1020).

  12. Kim, J., & Bentley, P. (2002). Immune memory in the dynamic clonal selection algorithm. In Proceedings of the first international conference on artificial immune systems ICARIS (pp. 59–67): Citeseer.

  13. Hofmeyr, S., & Forrest, S. (2000). Architecture for an artificial immune system. Evolutionary computation, 8(4), 443–473.

    Article  Google Scholar 

  14. Qiu, H., Qiu, M., Lu, Z., Memmi, G. (2019). An efficient key distribution system for data fusion in v2x heterogeneous networks. Information Fusion, 50, 212–220.

    Article  Google Scholar 

  15. Qiu, H., Noura, H., Qiu, M., Ming, Z., Memmi, G. (2019). A user-centric data protection method for cloud storage based on invertible dwt. IEEE Transactions on Cloud Computing, p 1–1.

  16. Zhang, C., & Zheng, Z. (2019). Task migration for mobile edge computing using deep reinforcement learning. Future Generation Computer Systems, 96, 111–118.

    Article  Google Scholar 

  17. Gai, K., Wu, Y., Zhu, Z., Qiu, M., Shen, M. (2019). Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Transactions on Industrial Informatics, PP(99), 1.

    Google Scholar 

  18. Gai, K., Wu, Y., Zhu, L., Xu, L., Zhang, Y. (2019). Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks. IEEE Internet of Things Journal, PP(99), 1.

    Google Scholar 

  19. National Science and Technology Council. (2011). Trustworthy cyberspace: strategic plan for the federal cybersecurity research and development program.

  20. Hu, H., Wu, J., Wang, Z., Cheng, G. (2017). Mimic defense: a designed-in cybersecurity defense framework. IET Information Security, 12(3), 226–237.

    Article  Google Scholar 

  21. Wu, J. (2017). Introduction to cyberspace mimic defense. Science Press.

  22. House, W. (2011). Trustworthy cyberspace: Strategic plan for the federal cyber security research and development program. Report of the National Science and Technology Council, Executive Office of the President.

  23. Lu, K., Song, C., Lee, B., Chung, S., Kim, T., Lee, W. (2015). Aslr-guard: Stopping address space leakage for code reuse attacks. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 280–291): ACM.

  24. Wang, Q., Wang, C., Li, J., Ren, K., Lou, W. (2009). Enabling public verifiability and data dynamics for storage security in cloud computing. In European symposium on research in computer security (pp. 355–370): Springer.

  25. Neti, S., Somayaji, A., Locasto, M. (2012). Software diversity: Security, entropy and game theory. In Proceeding of HotSec (pp. 5–10).

  26. Zhuang, R., DeLoach, S., Ou, X. (2014). A model for analyzing the effect of moving target defenses on enterprise networks. In Proceedings of the 9th annual cyber and information security research conference (pp. 73–76): ACM.

  27. Zhuang, R., Bardas, A., DeLoach, S., Ou, X. (2015). A theory of cyber attacks: a step towards analyzing mtd systems. In Proceedings of the second ACM workshop on moving target defense (pp. 11–20): ACM.

  28. Carter, K., Riordan, J., Okhravi, H. (2014). A game theoretic approach to strategy determination for dynamic platform defenses. In Proceedings of the first ACM workshop on moving target defense (pp. 21–30): ACM.

  29. Cybenko, G., & Hughes, J. (2014). No free lunch in cyber security. In MTD @ CCS (pp. 1–12).

  30. Hong, J., & Kim, D. (2016). Assessing the effectiveness of moving target defenses using security models. IEEE Transactions on Dependable and Secure Computing, 13(2), 163–177.

    Article  Google Scholar 

  31. Pradhan, D., & et al. (1996). Fault-tolerant computer system design Vol. 132. Englewood Cliffs: Prentice-Hall.

    Google Scholar 

  32. Tong, Q., Zhang, Z., Zhang, W., Wu, J. (2017). Design and implementation of mimic defense web server. Journal of Software, 28(4), 883–897.

    Google Scholar 

  33. Zhang, Z., Ma, B., WU, J. (2017). The test and analysis of prototype of mimic defense in web servers. Journal of Cyber Security, 2(1), 13–28.

    Google Scholar 

Download references

Acknowledgements

This work was supported by National Key Research Program of China (2016YFB0800101, 2016YF0800100) and Innovative Research Groups of the National Natural Science Foundation of China (61521003).

Author information

Authors and Affiliations

  1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Information Engineering University, Zhengzhou, Henan, 450001, People’s Republic of China

    Guangsong Li, Wei Wang, Benchao Yang & Xueming Si

  2. School of Computer Science and Technology, Beijing Institute of Technology, Beijing, 100081, People’s Republic of China

    Keke Gai

  3. School of Computer Science and Technology, Xi’an Jiaotong University, Xi’an, Shaanxi, 710049, People’s Republic of China

    Yazhe Tang

Authors
  1. Guangsong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wei Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Keke Gai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yazhe Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Benchao Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Xueming Si
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Keke Gai.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Li, G., Wang, W., Gai, K. et al. A Framework for Mimic Defense System in Cyberspace. J Sign Process Syst 93, 169–185 (2021). https://doi.org/10.1007/s11265-019-01473-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11265-019-01473-6

Keywords

Search

Navigation