大数据安全必须面对的攻击假设矩阵

[摘要] 认为大数据安全研究需要从大数据攻击研究出发。大数据攻击不仅仅需要考虑针对大数据系统的攻击，更要综合考虑针对系统、过程、数据、语义等多层次的攻击，还要综合看待攻击面和背后的攻击目标。为了更好地理解大数据攻击，提出了意识信息物理系统（MCPs）这样的多层次复杂系统的认识模型，并根据MCPs的多层次，建立起[攻击面x攻击目标]的攻击假设矩阵。对于攻击假设矩阵中每个格子的研究，可以帮助人们构建更有效的保障体系。

[关键词] 大数据安全；攻击假设矩阵；攻击面；攻击目标；MCPs

[Abstract] Big data attacks are the foundation of big data security. For data attacks, we need to consider attacks for the systems with large data, and for the system, process data and semantic level of attack, and also need a comprehensive look at the target of the attack surface. In order to better understand big data attacks, a new model of the multi-level complex system—Mentality-Cyber-Physical system/space (MCPs) is proposed. Based on this multi-level of MCPs, a attack hypothesis matrix by [attack surface, attack target] is built up. Research on every grid of the matrix will lead to more effective assurance solutions.

[Keywords] big data security; matrix of attack hypothesis; attack surface; attack target; MCPs