Summary: | Built upon the dynamic-heterogeneous-redundant architecture for multi-body execution, multi-mode ruling and multi-dimension reconstruction, cyberspace mimic defense (CMD) uses an uncertain system to deal with the uncertain threats to cyberspace ubiquity. The evolution of CMD over the past 8 years was reviewed systematically from the vertical, horizontal, current, developing and future perspectives. From the vertical perspective, the development process of CMD from concept to theory and practice was summarized. From the horizontal perspective, the core structure of CMD, DHR (dynamic heterogeneous redundancy), the principles based on CMD’s three major theorems, and the safety gains and performance costs were elaborated. A comparison was conducted between CMD and five other active defense technologies, namely intrusion tolerance, moving target defense, zero trust architecture, trusted computing and computer immunology. From the current perspective, the implementation elements, performance, system architecture, heterogeneous strategies, scheduling strategies, voting strategies and other common technology patterns and characteristics of 11 types of main existing mimic products were reviewed, including the mimicry router, mimicry processor, mimicry DNS server and mimicry cloud platform. From the developing perspective, the “mimic+” AICDS (Mimic + AI/IoT/Cloud/Data/SDN) symbiotic ecology was explored with respect to 5 types of new technologies, namely artificial intelligence, Internet of things, cloud computing, big data and software-defined network, and the corresponding technology junctions and cross research value were proposed. From the future perspective, the future mimicry baseline 2.0 product ecology and the “mimic + 5G/6G”, “mimic + edge computing”, “mimic + cloud” and “mimic + blockchain” application scenarios were examined. In addition, 4 types of challenges faced by CMD in the future were analyzed and summarized, including the escape space of multi-mode decision attacks, the mutual restriction between heterogeneity and synchronization, the difficult balance between security and function, and the limited transformation space of existing endogenous security components.
|