Research On Mimic Defensive Technology For Web Application

The deepening of digital reform and the promotion of online services,such as online learning and online office based on Web and Web APP,while we enjoy convenience,the operating environment of Web tends to increase sharply.The current application security mainly exhibits the following characteristics.Attack behaviors tend to be automated,intelligent,and collaborative,the attack surface is getting increasingly bigger with the gradually growing Web supply chain.Vulnerabilities exist objectively and cannot be completely eradicated.Current defense methods which are based on prior knowledge are ineffective in the face of unknown threats and attacks.The mimic defense theory proposed by our country’s researchers has inherent advantages to these unknown network security problems.However,since the mimic defense technology is temporarily in its infancy,there are still some problems to be solved urgently in the protection scenario of applications: What is the theoretical support for mimic defense;How classic mimic defense model is adapted for Web applications;How to adjust the existing mimic modules to be suitable for Web applications;How to verify that mimic defense mechanism is suitable for web applications.In view of the above-mentioned key problems and challenges,this paper studies the mimic defense technology towards Web applications.The specific research contents and contributions are as follows:·Analysis of the resource adversarial model of the new active defense framework.The ordinary differential dynamic system is introduced to express the dynamic and structural characteristics of the new active defense framework based on mimic defense,focusing on transforming some complex network attack and defense problems into simple and accurately defined resource adversarial models through ordinary differential equations.From this,a comprehensive and in-depth assessment of the key constructs of mimic defense and other active defenses can be obtained.·Research on mimic defense modeling based on heterogeneous redundancy architecture.Based on the current attack chain of Web applications under attacks,it analyzes and discovers the characteristics and vulnerabilities of attack behaviors,and realizes the defense of important places by constructing a dynamic,heterogeneous,and redundant mimic defense model,so as to achieve effective defense against unknown threats and attacks.The experimental results show that mimicry defense can effectively interrupt the attack chain and block unknown attacks.·Research on key technologies of web mimic defense.Combined with the Web application scenario and the mimic defense model,researches are focusing on the problems such as the low heterogeneity of the existing online executives,the insufficient security of the executives and the service jitter in the migration of the executives.Firstly,an actuator set selection algorithm based on reputation and heterogeneity is proposed to ensure the optimal service capability and security of the whole system.In addition,the mimic decision algorithm combined with credibility will obtain more reliable decision results.Then,a fault-tolerant method based on transaction synchronization is proposed to improve the stability of the virtual machine post-copy migration algorithm.The experimental results show that the research content can improve the service ability and security of the mimic defense system.Also,it can achieve the stability of Web executive service migration at low cost.·Design and verification of mimic web gateway technology for web application.Based on the mimic defense model and key technological breakthroughs,the mimic security gateway system architecture is proposed.Emphasis is placed on the mimic transformation of virtualization technology,operating system,web server,and web application layer to form a mimic web gateway system architecture.The security and performance test results show that the gateway can defend against unknown attacks and back-doors of web applications.For the more,on the basis research focus on the mimic web gateway architecture,combined with the web application requirements of the State Grid,the focus is on the engineering implementation and demonstration verification of the new gateway.To sum up,this paper focuses on the research on the mimic defense technologies of Web applications.This research focusing on solving the problems of active defense mechanism,active defense architecture,core key technologies,defense effect evaluation and so on.The research results certainly reference significance for the application and practice of mimic defense theory in the field of Cyberspace Security in the future.