动态网络主动安全防御的若干思考

[摘要] 提出以动态化、随机化、主动化为特点的动态网络主动安全防御是解决信息系统中未知漏洞与后门攻击的一种新途径。在动态网络的主动变迁技术中，提出了演进防御机制（EDM），该机制可以根据网络系统安全状态、网络系统安全需求等，选择最佳的网络配置变化元素组合来应对潜在的攻击、保证特定等级的安全要求。网络的动态重构和变迁需要根据系统的安全态势和可能遭受的网络攻击来考虑，其关键是如何有效对系统的安全态势和网络的攻击进行主动探测与感知。尚处于起步阶段的动态网络主动安全防御的创新技术研究任重而道远。

[关键词] 被动防御；未知攻击；主动防御

[Abstract] Dynamic network proactive security defence is an effective method for solving the unknown vulnerabilities and back door attacks in the information system. In this paper, the evolution defense mechanism (EDM) is proposed. According to the security status, network system security needs, EDM can select the best network configuration change elements to deal with potential attacks and ensure the safety requirements of a specific level. Dynamic reconfiguration and changes of the network need to be considered in accordance with the security situation of the system and the possible network attacks. The key is how to detect and the security situation and network attacks. It proposes that study on dynamic network proactive security defense in China is in the initial stage, and there is still much work to do.

[Keywords] passive defense; unknown attack; proactive defense