Research on executive control strategy of mimic web defense gateway

The present pattern of Cyberspace Security remains vulnerable to attacks but difficult to defend. Traditional defensive measures are mainly detecting and blocking, with a certain degree of passivity and hysteresis. As a game-changer, mimic defense [1] will definitely bring revolutionary changes to this pattern. DHR [2] (Dynamic Heterogeneous Redundancy) is the basic architecture of mimic defense. This paper analyses effectiveness of the security of this architecture and the impact of key parameters on it, based on mimic defense DHR. To improve security of executive sets, executive scheduling method based on K-means clustering is devised in this paper, making the maximum heterogeneous degree possible and guaranteeing the randomness of scheduling algorithm, in the result, the difficulty of attacks increases. Furthermore, this paper proposes a centralized resource allocation method for each executive based on feedback control [3], targeting evolving the system by reducing response time of executive sets. In the end of the dissertation, the actual deployment and test verification are carried out based on the mimic Web server [4] platform.