LAUSR

Cyberspace mimic defense (CMD) is an active defense theory that has emerged in recent years. By dynamically constructing and scheduling multiple executors, the CMD can not only effectively defend against security threats caused by unknown cyberspace weaknesses, but also improve the present situation of information asymmetry between attackers and defenders in cyberspace. However, as one of the key technologies of the CMD, the scheduling strategy algorithm still needs to be improved in real-time security, reliability, and universality, which has restricted the development and large-scale deployment of the CMD. To solve this problem, we propose an optimal seed scheduling strategy algorithm (OSSSA) in this paper. After using continuous-time Markov processes to mathematically analyze the model of the mimic defense system in cyberspace, we introduce the key factors and their evaluation methods that affecting the CMD defense performance in the OSSSA, then propose a reliable working mechanism of the OSSSA. Furthermore, we present an evaluation method that can effectively evaluate the defense performance of the scheduling algorithms. Experimental results from software simulations and real experiments show that the OSSSA has better real-time defense performance than the current mainstream scheduling strategy algorithms, and can adapt to different practical application scenarios, which is helpful to the further development of the CMD.