{"title":"A layer-crossing multi-factor and dynamic security model over a moving target defence","authors":"Zhan Cui, Jianping Zeng, Chengrong Wu","doi":"10.1504/ijics.2021.10040718","DOIUrl":null,"url":null,"abstract":"Moving target defence mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defence. Seven parameters which belong to different layers in the database application are defined, and two mathematical functions of successful attack probability and the reconnection time of the legitimate users are proposed. Then through mathematical analysis, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, under specific scenarios, the specific expressions of the two functions and the optimal hopping interval of each parameter are present. The model proposed is not only applicable to the security of database system, but also to other information systems.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Inf. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/ijics.2021.10040718","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Moving target defence mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defence. Seven parameters which belong to different layers in the database application are defined, and two mathematical functions of successful attack probability and the reconnection time of the legitimate users are proposed. Then through mathematical analysis, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, under specific scenarios, the specific expressions of the two functions and the optimal hopping interval of each parameter are present. The model proposed is not only applicable to the security of database system, but also to other information systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
