Research on Heterogeneity of Information System with Dissimilar Redundant Architecture Based on Attack Surface

摘要

Cyber defenses based on heterogeneous redundant techniques have been proposed as a way to make systems more resistant to attacks. These defense approaches depend on the heterogeneous resources within the system in order to make attacks more complicated. However, little work has been done on evaluating or measuring heterogeneity among systems. In this work, we first build the attack surface model of information system with dissimilar redundant architecture. The attack surface model helps us identify the special system resources applied to the attack instances on a tested. Based on the analysis results, we get the attack surface resources of instance object. For the sake of increasing the system security, we construct the more heterogeneous executive entities by the attack surface resources. When we evaluate the heterogeneity among them, we conclude that the attack surface model administers to improve system security and its security increases as the heterogeneity of its executive entities becomes larger.