摘要: 随着网电空间战略地位的提高,其对抗技术已成为研究的热点。针对网电空间对抗建模问题,以典型的网电空间蠕虫为研究对象,采用建立蠕虫攻击传播模型和蠕虫防御模型的方法,对基于蠕虫的网电空间攻防对抗建模技术进行研究。分析蠕虫扫描策略及目的不可达报文检测方法,建立基于选择性随机扫描策略的蠕虫传播模型。在该模型的基础上,提出基于蠕虫签名的防御方法及改进措施,并设计蠕虫综合对抗模型。仿真结果表明,与基于签名的防御方法相比,综合防御方法能更有效地抑制蠕虫传播。
关键词:
网电空间,
网络蠕虫,
蠕虫传播模型,
数字签名,
综合防御,
攻防对抗
Abstract: With the improvement of the strategic position of cyberspace, the technology of network countermeasure becomes a research focus in cyberspace. In order to overcome the problem of building the coutermeasure model in cyberspce, this paper takes worm as research object and researches the attack-defense countermeasure technology based on building the worm propagation model and the worm defense model. Firstly, a worm propagation model based on the strategy of selective-random scan is built by the analysis of the scanning strategy and the detection method. Then, at the basis of the worm propagation model, the defense method of Internet worm and improvement measures is proposed with the worm signature. In the end, this paper builds a comprehensive-countermeasure model. Simulation experimental result shows that the method of comprehensive defense can inhibit worm propagation more effectively than the method of the worm signature technology.
Key words:
cyberspace,
network worm,
worm propagation model,
digital signature,
integrated defense,
attack-defense countermeasure
中图分类号: