一种基于遗传算法的计算机动态防御方法A Computer Dynamic Defense Method Based on Genetic Algorithms
高雁翔
摘要(Abstract):
计算机中的动态防御是指通过改变计算机的多个系统参数来产生多样性,从而提高计算机系统的安全性.然而,在一个包含多台功能相似的计算机架构下,要保证任意两台计算机不能同时出现相同的配置和潜在的漏洞却非易事.根据上述问题提出一种基于遗传算法的动态防御方法,能发现满足瞬时空间多样性的计算机配置.将计算机配置模拟成染色体,具体的配置参数相当于基因,经过遗传算法的交叉和变异过程迭代生成的配置往往具有高安全性和多样性的特点.仿真结果表明该方法能在拥有多台功能相似的大型计算机架构中实现动态防御效果.
关键词(KeyWords): 计算机;动态防御;遗传算法
基金项目(Foundation):
作者(Author): 高雁翔
DOI: 10.16393/j.cnki.37-1436/z.2019.05.013
参考文献(References):
- [1]Lin J,Guo Y D,Man Y J,et al.Executable Program Code Segment Address Randomization[C]//International Conference on Computer Science&Applications.IEEE,2017.
- [2]Nurmukhametov A R,Zhabotinskiy E A,Kurmangaleev S F,et al.Fine-Grained Address Space Layout Randomization on Program Load[J].Programming and Computer Software,2018,44(5):363-370.
- [3]Célestin Matte,Cunche M,Rousseau F,et al.Defeating MAC Address Randomization Through Timing Attacks[C]//Acm Conference on Security&Privacy in Wireless&Mobile Networks.2016.
- [4]S.Stolfo,S.M.Bellovin,D.Evans.Measuring security[J].IEEE Security and Privacy,2011,9:60-65.
- [5]李琦,张静文,王帅.面向对象技术实现求解RCPSP的遗传算法[J].计算机应用与软件,2017,34(9):1-4.
- [6]Kycyman E.Discovering Correctness Constraints for SelfManagement of System Configuration[C]//Proceedings of the First International Conference on Autonomic Computing.IEEE Computer Society,2004.
- [7]Zhen H,Lie D.SAIC:Identifying Configuration Files for System Configuration Management[J].2017(03):1711.
- [8]Wang Y M,Verbowski C,Dunagan J,et al.STRIDER:A Black-box,State-based Approach to Change and Configuration Management and Support[J].Science of Computer Programming,2003,53(2):143-164.
- [9]Montanari M,Campbell R H.Multi-aspect security configuration assessment[C]//Acm Workshop on Assurable&Usable Security Configuration.ACM,2009.
- [10]刘渊,杨永辉,张春瑞,等.一种基于遗传算法的Fuzzing测试用例生成新方法[J].电子学报,2017,45(3):552-556.