A Generalized Information Security Model SOCMD for CMD Systems

Zhang, Baowen; Xiao, Changfa; Li, Jianhua

doi:10.1049/cje.2020.02.017

Cited by 6 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A modeling technique has been developed, focused on the use of the proposed models Strengths and limitations of results. Several studies (Ghiasi et al, 2023;Zhang et al, 2020) have studied generalized IPS models, but the main drawback of generalized models is the very poor elaboration of their formal aspects. A characteristic feature is that this problem is very complex and nontrivial and its solution requires a lot of time and resources, which significantly complicates the practical use of such models.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities

Alexandrov,

Kirichek,

Kuklin

et al. 2023

Journal of Computer Science

View full text Add to dashboard Cite

The Information Protection System (IPS) is an integral part of any Information System (IS). To develop an optimal IPS model at the earliest stages of the IS lifecycle, it is necessary to develop IS resource and threat models. This study is devoted to developing a specific model of IS resources, allowing a detailed description of the relationship between resources and business processes and developing an IS threat model to describe in detail the relationships between threat implementations, various IS vulnerabilities, and the relationships between them. To solve these problems, this study used the methods of set theory, graph theory, probability theory, game theory, random processes theory, mathematical logic, and object-oriented approach. This study simulated different variants of the IPS and found that only a balanced IPS project met the Pareto demands. The projects where the emphasis is on countering only external or internal threats do not meet these demands.

show abstract

Section: Discussionmentioning

confidence: 99%

“…Many studies by Ghiasi et al (2023); Zhang et al (2020) have investigated generalized IPS models. Their main feature is the simultaneous consideration of numerous factors that determine the functioning of the protection system.…”

Section: Analytical Review Of Current Ips Modelsmentioning

confidence: 99%

Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities

Alexandrov,

Kirichek,

Kuklin

et al. 2023

Journal of Computer Science

View full text Add to dashboard Cite

show abstract

“…In recent years, Cyber mimic defense (CMD) has emerged as a promising active network defense technology in the cyber‐security landscape [ 10 ] . Compare to MTD, CMD is more targeted and presents a more unpredictable defensive behavior in cyberspace [ 11 ] . Leveraging the advances in cloud computing to reduce CapEx and OpEx, CMD is suitable for building a high‐security 5GC SBA.…”

Section: Introductionmentioning

confidence: 99%

Secure Cloud Architecture for 5G Core Network

et al. 2021

Chinese J of Electronics

View full text Add to dashboard Cite

Service‐based architecture (SBA) is a profound advancement in the novel 5G Core network (5GC). Existing studies show that SBA can benefit from cloud computing to achieve extensibility, modularity, reusability, and openness. It also brings security problems (e.g., hypervisor hijacking, and malware injection). To provide secure 5G services, we propose a service‐based cloud architecture called Mimicloud for 5GC based on dynamic and heterogeneous techniques. Mimicloud provides flexible reconfiguration mechanisms to protect containers and eliminate all attack knowledge obtained from adversaries. We use multiple containers to execute crucial services and ensure security with crosscheck. Mimicloud employs heterogeneous components to prevent multiple containers from being breached through the same vulnerabilities. Experimental results show that Mimicloud can effectively strengthen the security of the 5GC. The performance overhead is analyzed in order to demonstrate its scalability.

show abstract

“…To improve the security of the multimedia network, the academic community has proposed a moving target defense (MTD) [7] technology and a cyber mimic defense (CMD) technology [8]. On the basis of MTD, CMD technology provides a dynamic heterogeneous redundancy (DHR) architecture, which uses the active transformation of functionally equivalent heterogeneous executive bodies to change the components of the information system, therefore realizing network, platform, environment, software, structure, and data dynamic changes or migrations.…”

Section: Introductionmentioning

confidence: 99%

Mimic Encryption Box for Network Multimedia Data Security

Zhou

et al. 2020

Security and Communication Networks

View full text Add to dashboard Cite

With the rapid development of the Internet, the security of network multimedia data has attracted increasingly more attention. The moving target defense (MTD) and cyber mimic defense (CMD) approaches provide a new way to solve this problem. To enhance the security of network multimedia data, this paper proposes a mimic encryption box for network multimedia data security. The mimic encryption box can directly access the network where the multimedia device is located, automatically complete the negotiation, provide safe and convenient encryption services, and effectively prevent network attacks. According to the principles of dynamization, diversification, and randomization, the mimic encryption box uses a reconfigurable encryption algorithm to encrypt network data and uses IP address hopping, port number hopping, protocol camouflage, and network channel change to increase the attack threshold. Second, the mimic encryption box has a built-in pseudorandom number generator and key management system, which can generate an initial random key and update the key with the hash value of the data packet to achieve “one packet, one key.” Finally, through the cooperation of the ARM and the FPGA, an access control list can be used to filter illegal data and monitor the working status of the system in real time. If an abnormality is found, the feedback reconstruction mechanism is used to “clean” the FPGA to make it work normally again. The experimental results and analysis show that the mimic encryption box designed in this paper has high network encryption performance and can effectively prevent data leakage. At the same time, it provides a mimic security defense mechanism at multiple levels, which can effectively resist a variety of network attacks and has high security.

show abstract

A Generalized Information Security Model SOCMD for CMD Systems

Cited by 6 publications

References 6 publications

Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities

Developing the Concept of Methodological Support for Designing and Assessing the Efficiency of Information Protection Systems of Standard Information Systems Considering Their Vulnerabilities

Secure Cloud Architecture for 5G Core Network

Mimic Encryption Box for Network Multimedia Data Security

Contact Info

Product

Resources

About