网络空间拟态防御建模与量化评估技术研究

摘要：针对网络空间未知漏洞后门等不确定性扰动问题，拟态防御技术基于动态异构冗余架构与拟态伪装机制实现了对随机或非随机扰动的有效管控。针对上述内生安全问题，首先采用Petri 网、鞅以及概率论等理论与技术来评估与仿真系统的安全性，并对评估结果与实际部署进行了策略分析，同时对比了不同理论工具在量化可用性、攻击成功概率以及逃逸概率等指标时存在的优缺点。最后，针对现有理论与技术在不同场景适用性存在的不足以及实际部署量化问题，展望了后续拟态防御系统在定性与定量分析研究的主要方向。

关键词：网络空间内生安全；拟态构造；建模方法；评估

Abstract: For uncertain disturbances such as unknown vulnerabilities and backdoors in cyberspace, the mimic defense technology realizes effective control of random or non-random disturbances based on dynamic heterogeneous redundancy architecture and mimicry camouflage mechanism. For the above endogenous security problems, the Petri nets, martingales, probability theory, and other theories and technologies are used to evaluate and simulate the security of the system, and the evaluation results and actual deployment strategies are analyzed. At the same time, the advantages and disadvantages of different theoretical tools are compared in quantifying availability, attack success probability, escape probability, and other indicators. Finally, in view of the shortcomings of the applicability of the existing theories and technologies in different scenarios and the quantitative problems of the practical deployment, the main direction of the subsequent mimicry defense system in qualitative and quantitative analysis is discussed.

Keywords: cyberspace endogenous security; mimic structure; modeling methods; evaluation