Abstract:Attackers have suffcient time and space to implementing reconnaissance and attack aiming at the static and fixed characteristic of information system in the game of cyberspace attack and defense. In the view of network defense, dynamic and random changes of OS, software, data and network infrastructure realize dynamic defense of information system, thus probably reduces attack surface and contains attacks. In the paper, a method of modeling and analysis of information system dynamic defense is presented based on Markov chain, meanwhile, the index of attack detection probability is introduced in order to quantitatively calculate attack surface of dynamic system. The model is subdivided into four cases according to attack and defense strategies. Finally, a calculation example of dynamic cloud center attack
and defense is illustrated which shows that the mentioned modeling technique is valid and feasible.
杨林, 张义荣, 杨峰, 马琳茹, 李京鹏. 基于攻击面度量的动态目标防御效能评估方法[J]. 指挥与控制学报, 2015, 1(4): 453-457.
YANG Lin, ZHANG Yi-Rong, YANG Feng, MA Lin-Ru, LI Jing-Peng. Performance Assessment Technique of Moving Target Defense Based on Attack Surface Measurement. Journal of Command and Control, 2015, 1(4): 453-457.
2015, Vol. 1 
