CN111628978B - Mimicry normalization decision making system, method and readable storage medium - Google Patents

Mimicry normalization decision making system, method and readable storage medium Download PDF

Info

Publication number
CN111628978B
CN111628978B CN202010433431.2A CN202010433431A CN111628978B CN 111628978 B CN111628978 B CN 111628978B CN 202010433431 A CN202010433431 A CN 202010433431A CN 111628978 B CN111628978 B CN 111628978B
Authority
CN
China
Prior art keywords
response information
normalization
serial number
processing module
normalized
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010433431.2A
Other languages
Chinese (zh)
Other versions
CN111628978A (en
Inventor
乔季军
宋延坡
郭义伟
冯志峰
鲍尚策
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Original Assignee
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Comleader Information Technology Co Ltd, Henan Xinda Wangyu Technology Co Ltd filed Critical Zhuhai Comleader Information Technology Co Ltd
Priority to CN202010433431.2A priority Critical patent/CN111628978B/en
Publication of CN111628978A publication Critical patent/CN111628978A/en
Application granted granted Critical
Publication of CN111628978B publication Critical patent/CN111628978B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Abstract

The invention provides a mimicry normalization decision-making system, which comprises an input distribution agent module, a plurality of functionally equivalent heterogeneous executives, a normalization processing module and a decision-making device, wherein the input distribution agent module is used for receiving a plurality of input data; the input distribution agent module is respectively connected with each functional equivalent heterogeneous executive body and is used for receiving request information and copying and distributing the request information to each functional equivalent heterogeneous executive body; the functional equivalent heterogeneous executive body is connected with the normalization processing module and used for responding to the request information and outputting response information to the normalization processing module; the normalization processing module is connected with the resolver and used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format and transmitting the normalization response information to the resolver; the arbitrator is used for arbitrating all the normalized response information according to a majority principle and outputting an arbitration result.

Description

Mimicry normalization decision making system, method and readable storage medium
Technical Field
The invention relates to the field of mimicry defense, in particular to a mimicry normalization arbitration system, a mimicry normalization arbitration method and a readable storage medium.
Background
The proposition of the mimicry defense theory provides an effective solution for the network space intrinsic safety. The mimicry defense theory states that in order to satisfy a dynamic, heterogeneous, redundant DHR architecture model, maximized heterogeneity needs to be satisfied in terms of functionally equivalent executables. However, in practical engineering practice, in order to maximize the heterogeneity between executives, because the executives with equivalent functions have different implementation manners, the executives with the same functions cannot guarantee the complete consistency of output information when receiving the same input request information. In this case, when performing multi-mode arbitration output, it will bring great challenge to the efficient arbitration of the arbitrator.
Meanwhile, due to the influence of network time delay, the arbitrator may acquire the response information of a plurality of request information at the same time, so that the acquisition and arbitration can not be performed only for the response information of a certain request information during arbitration, and the accuracy of an arbitration result is influenced.
In order to solve the above problems, people are always seeking an ideal technical solution.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a mimicry normalization arbitration system, a method and a readable storage medium.
In order to achieve the above object, a first aspect of the present invention provides a mimicry normalization arbitration system, which includes an input distribution agent module, a plurality of functionally equivalent heterogeneous executives, a normalization processing module, and an arbitrator;
the input distribution agent module is respectively connected with each functional equivalent heterogeneous executive body and is used for receiving request information and copying and distributing the request information to each functional equivalent heterogeneous executive body;
the functional equivalent heterogeneous executive body is connected with the normalization processing module and used for responding to the request information and outputting response information to the normalization processing module;
the normalization processing module is connected with the resolver and used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format and transmitting the normalization response information to the resolver;
and the arbitrator arbitrates all the normalized response information and outputs an arbitration result.
Preferably, after obtaining the normalized response information with the uniform data format, the normalization processing module further calculates a hash value of each normalized response information, and sends the hash value of each normalized response information and the corresponding response information before normalization to the resolver;
and the arbitrator arbitrates the hash values of all the normalized response information and outputs the response information before normalization corresponding to the arbitration result.
Preferably, the preset regular filtering rules include, but are not limited to, redundant fields or user-defined fields of the communication protocol, and information related to the heterogeneous executive itself.
Preferably, after receiving the request information, the input distribution agent module generates a unique tag serial number, adds the tag serial number to a redundant field or a custom field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executor;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module;
after receiving the response information, the normalization processing module acquires a label serial number from the response information;
after the normalization processing module obtains the normalization response information, packaging each normalization response information and the corresponding label serial number into a list data and outputting the list data to the resolver;
the arbitrator judges the normalized response information in all the list data with the same label serial number and outputs an arbitrating result;
or after the normalization processing module obtains the normalization response information, packing the hash value of each normalization response information, the corresponding label serial number and the response information before normalization into a list of data and outputting the list of data to the resolver;
and the arbitrator judges the hash values of the normalized response information in all the list data with the same label serial number and outputs an arbitration result or the response information before normalization corresponding to the arbitration result.
Preferably, the device further comprises a cache database, wherein the cache database is connected with the normalization processing module and is used for receiving the list data output by the normalization processing module and performing queue caching; and the resolver is connected with the cache database and is used for acquiring all list data with the same tag serial number from the cache database.
Preferably, the obtaining all list data with the same tag serial number means: reading a piece of list data from the cache database, obtaining the tag serial number of the list data, and reading the list data with the tag serial number same as the tag serial number from the cache database according to the tag serial number.
Preferably, if the number of the normalized response information or the hash value of the normalized response information obtained by the resolver is less than the number of the functionally equivalent heterogeneous executors after the preset time is exceeded, the hash value of the normalized response information or the normalized response information actually obtained is decided.
The second aspect of the invention provides a mimicry normalization arbitration method, which comprises the following steps:
the input distribution agent module receives the request information and copies and distributes the request information to a plurality of functionally equivalent heterogeneous executors;
the functional equivalent heterogeneous executive body responds to the request information and outputs response information to the normalization processing module;
the normalization processing module is used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format and transmitting the normalization response information to the resolver;
the arbitrator arbitrates all the normalized response information and outputs an arbitration result;
or, the normalization processing module filters the response information according to a preset regular filtering rule to obtain normalized response information with a uniform data format, respectively calculates a hash value of each normalized response information, and sends the hash value of each normalized response information and the corresponding response information before normalization to the arbitrator;
and the arbitrator arbitrates the hash values of all the normalized response information and outputs the response information before normalization corresponding to the arbitration result.
The third aspect of the invention provides a mimicry normalization arbitration method, which comprises the following steps:
the input distribution agent module receives the request information and copies and distributes the request information to a plurality of functionally equivalent heterogeneous executors;
the functional equivalent heterogeneous executive body responds to the request information and outputs response information to the normalization processing module;
the normalization processing module is used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format, respectively calculating the hash value of each normalization response information, and sending the hash value of each normalization response information and the corresponding response information before normalization to the arbitrator;
and the arbitrator arbitrates the hash values of all the normalized response information and outputs the response information before normalization corresponding to the arbitration result.
The fourth aspect of the present invention provides a mimicry normalization adjudication method, comprising the following steps: the input distribution agent module receives the request information, generates a unique tag serial number, adds the tag serial number into a redundant field or a self-defined field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executive body;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module;
after receiving the response information, the normalization processing module acquires a label serial number from the response information; filtering the response information according to a preset regular filtering rule to obtain normalized response information with a uniform data format;
after the normalization processing module obtains the normalization response information, packaging each normalization response information and the corresponding label serial number into a piece of list data, and outputting the list data to the resolver;
the arbitrator judges the normalized response information in all the list data with the same label serial number and outputs an arbitrating result;
or after the normalization processing module obtains the normalization response information, respectively calculating the hash value of each normalization response information, packaging the hash value of each normalization response information, the corresponding label serial number and the response information before normalization into a list of data, and outputting the list of data to the resolver;
and the arbitrator judges the hash values of the normalized response information in all the list data with the same label serial number and outputs the response information before normalization corresponding to the arbitrating result.
Based on the above, the normalization processing module packs each normalization response message and the corresponding tag serial number into a piece of list data, and then outputs the list data to the cache database for queue caching;
the arbitrator acquires all the list data with the same label serial number from the cache database, judges the normalized response information in all the list data and outputs an arbitrating result;
or, the normalization processing module packs the hash value of each normalization response information, the corresponding tag serial number and the response information before normalization into a piece of list data, and then outputs the list data to the cache database for queue caching;
and the arbitrator reads all the list data with the same tag serial number from the cache database, judges the hash value of the normalized response information in all the list data, and outputs the response information before normalization corresponding to the arbitrating result.
A fourth aspect of the present invention provides a computer-readable storage medium having computer-executable instructions stored therein, wherein the computer-executable instructions are configured to perform the above-mentioned pseudo normalized arbitration method.
Compared with the prior art, the invention has outstanding substantive characteristics and remarkable progress, particularly,
(1) according to the invention, response information is subjected to regular matching filtering, output information with inconsistent data formats caused by redundancy of heterogeneous executive communication protocols or difference of executive design realization is unified into normalized response information with consistent data formats, and then the normalized response information is sent to a resolver for resolution processing, compared with the case that normalization problems are put into the resolver for realization, the method can greatly improve the resolution efficiency of the resolver and reduce the time delay of data transmission; meanwhile, the scheme does not need to modify the executive body, so that the method has universality.
(2) After response information is judged, the hash value of each normalized response information is respectively calculated, and then all the hash values are judged; the hash value is obtained according to the normalized response information, and the data volume of the hash value is smaller than that of the normalized response information, so that the mimicry decision efficiency is further improved under the condition of ensuring that the decision result is not changed; in addition, the safety of the hash value is higher than that of the normalized response information, so that the safety of mimicry judgment can be further improved by judging the hash value.
(3) The invention adds a label information to the request information through the input agent distribution module, obtains the label serial number before normalization processing, and sends the label serial number and the corresponding normalization response information, or packages the hash value of the label serial number and the corresponding normalization response information and the response information before normalization to the arbitrator, and the arbitrator arbitrates the normalization response information with the same label serial number or the hash value thereof, thereby effectively solving the problem of inaccurate arbitration result caused by high concurrency of response information and improving the accuracy of mimicry arbitration.
(4) According to the invention, the tag serial number and the corresponding normalized response information or the hash value of the corresponding normalized response information and the response information before normalization are packaged and sent to the cache database, the arbitrator can conveniently search and obtain the response information of the same request information from the cache database according to the tag serial number, the arbitrator does not need to distinguish the same tag serial number, the accuracy of mimicry arbitration is improved, and the function loss of the arbitrator is reduced.
Drawings
Fig. 1 is a schematic block diagram of a system according to embodiment 1 of the present invention.
FIG. 2 is a schematic flow chart of the method of example 1 of the present invention.
FIG. 3 is a schematic flow chart of the method of embodiment 2 of the present invention.
FIG. 4 is a schematic flow chart of the method of embodiment 3 of the present invention.
FIG. 5 is a schematic flow chart of the method of embodiment 4 of the present invention.
Fig. 6 is a schematic block diagram of a system of embodiment 5 of the present invention.
FIG. 7 is a schematic flow chart of the method of embodiment 5 of the present invention.
FIG. 8 is a flowchart of a method in accordance with embodiment 6 of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail by the following embodiments.
Example 1
As shown in FIG. 1, the invention discloses a mimicry normalization arbitration system, which comprises an input distribution agent module, a plurality of functionally equivalent heterogeneous executives, a normalization processing module and an arbitrator; the input distribution agent module is respectively connected with each functionally equivalent heterogeneous executive body; the functional equivalent heterogeneous executive body is connected with the normalization processing module; the normalization processing module is connected with the resolver.
As shown in fig. 2, the invention also discloses a mimicry normalization arbitration method based on the mimicry normalization arbitration system, which comprises the following steps:
the input distribution agent module receives the request information and copies and distributes the request information to a plurality of functionally equivalent heterogeneous executors;
the functional equivalent heterogeneous executive body responds to the request information and outputs response information to the normalization processing module;
the normalization processing module is used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format and transmitting the normalization response information to the resolver;
and the arbitrator arbitrates all the normalized response information according to a majority principle judgment method and outputs an arbitration result.
In the implementation of the heterogeneous executors with equivalent functions, because of the redundant fields designed for meeting the universality of the communication protocol interfaces in the design stage, the specific implementation modes of different executors for the redundant parts of the communication protocols are different, so that the output results of the executors are inconsistent; in consideration of the integrity of the communication interface, the executive body also packages the data information related to the executive body as partial field information in the execution process, so that the output results of the executive body are inconsistent;
in order to solve the problem of inconsistent output results caused by the two problems, in this embodiment, the preset regular filtering rule is related to the redundant field or the user-defined field of the communication protocol and the information related to the heterogeneous executive body itself, specifically, the preset regular filtering rule includes, but is not limited to, the redundant field or the user-defined field of the communication protocol and the information related to the heterogeneous executive body itself; by filtering out the information related to the redundant field or the user-defined field of the communication protocol and the heterogeneous executive body, the normalized response information with a uniform data format is obtained, and the arbitrator can conveniently arbitrate. Compared with the realization of putting the normalization problem into the resolver, the method can greatly improve the resolution efficiency of the resolver and reduce the time delay of data transmission; meanwhile, the scheme does not need to modify the executive body, so that the method has universality.
It should be noted that, during the data receiving process, there may be a phenomenon that the normalized response information of the individual executors is delayed or not received, and for the problem that the response information is delayed or not received, a data reading timeout mechanism may be adopted: namely, if the number of the normalized response information acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after exceeding the preset time, the actually acquired normalized response information is arbitrated.
Example 2
This embodiment is different from embodiment 1 in that:
as shown in fig. 3, the present invention also discloses a second mimicry normalization arbitration method based on the mimicry normalization arbitration system, comprising the following steps:
the normalization processing module is used for respectively calculating the hash value of each piece of normalization response information after acquiring the normalization response information with the uniform data format, and sending the hash value of each piece of normalization response information and the corresponding response information before normalization to the resolver;
and the arbitrator arbitrates the hash values of all the normalized response information according to a judgment method of a majority rule and outputs the response information before normalization corresponding to the arbitration result.
According to the invention, after response information is judged, the hash value of each normalized response information is respectively calculated, all hash values are judged, and then the response information before normalization corresponding to the judgment result is input, so that the safety of mimicry judgment can be further improved.
It should be noted that, during the data receiving process, there may be a phenomenon that the hash value of the normalized response information of the individual executable is delayed or not received, and for the problem that the response information is delayed or not received, a data reading timeout mechanism may be adopted: namely, if the number of the hash values of the normalized response information acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after the preset time is exceeded, the hash values of the normalized response information actually acquired are arbitrated.
Example 3
This embodiment is different from embodiment 1 in that: as shown in fig. 4, the present invention also discloses a third mimetic normalized arbitration method based on the mimetic normalized arbitration system, which comprises the following steps:
the input distribution agent module receives the request information, generates a unique tag serial number, adds the tag serial number into a redundant field or a self-defined field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executive body;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module;
after receiving the response information, the normalization processing module acquires a label serial number from the response information; filtering the response information according to a preset regular filtering rule to obtain normalized response information with a uniform data format;
the normalization processing module packs each normalization response message and the corresponding label serial number into a piece of list data and outputs the list data to the resolver;
and the arbitrator judges the normalized response information in all the list data with the same label serial number according to a majority principle judgment method and outputs an arbitration result.
According to the invention, the input agent distribution module adds a label information to the request information, the label serial number is obtained before normalization processing, the label serial number and the corresponding normalization response information are packed and sent to the arbitrator, and the arbitrator arbitrates the normalization response information with the same label serial number according to convenience, so that the problem of inaccurate arbitration result caused by high response information and occurrence is effectively solved, and the accuracy of mimicry arbitration is improved.
It should be noted that, during the data receiving process, there may be a phenomenon that the receiving of the normalized response information of the individual executors is delayed or not, and for the problem that the receiving of the response information is delayed or not, a data reading timeout mechanism may be adopted: namely, if the number of the normalized response information acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after exceeding the preset time, the actually acquired normalized response information is arbitrated.
Example 4
This embodiment is different from embodiment 3 in that: as shown in fig. 5, the present invention also discloses a fourth mimicry normalization arbitration method based on the mimicry normalization arbitration system, comprising the following steps:
after the normalization processing module obtains the normalization response information, the hash value of each normalization response information is respectively calculated, the hash value of each normalization response information, the corresponding label serial number and the response information before normalization are packaged into a piece of list data, and the list data are output to the arbitrator;
and the arbitrator judges the hash values of the normalized response information in all the list data with the same label serial number according to a judgment method of a majority rule and outputs the response information before normalization corresponding to the arbitrating result.
The invention calculates the hash value of the normalized response after the normalization processing by the normalization processing module, packs the hash value of the tag serial number and the corresponding normalized response information and the response information before normalization and sends the packed hash value to the resolver, and then the resolver decides the hash value of the normalized response information with the same tag serial number according to convenience; the hash value is obtained according to the normalized response information, and the data volume of the hash value is smaller than that of the normalized response information, so that the mimicry decision efficiency is further improved under the condition of ensuring that the decision result is not changed; in addition, the safety of the hash value is higher than that of the normalized response information, so that the safety of mimicry judgment can be further improved by judging the hash value.
It should be noted that, during the data receiving process, there may be a phenomenon that the hash value of the normalized response information of the individual executable is delayed or not received, and for the problem that the hash value of the normalized response information is delayed or not received, a data reading timeout mechanism may be adopted: namely, if the number of the hash values of the normalized response information acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after the preset time is exceeded, the hash values of the normalized response information actually acquired are arbitrated.
Example 5
This embodiment is different from embodiment 1 in that:
as shown in fig. 6, the present invention also discloses a second mimicry normalization arbitration system, which comprises an input distribution agent module, a plurality of functionally equivalent heterogeneous executives, a normalization processing module, a cache database and an arbitrator; the input distribution agent module is respectively connected with each functionally equivalent heterogeneous executive body; the functional equivalent heterogeneous executive body is connected with the normalization processing module; the normalization processing module is connected with the cache database; the cache database is connected with the resolver.
As shown in fig. 7, the present invention further discloses a mimicry normalization arbitration method based on the second mimicry normalization arbitration system, which includes the following steps:
the input distribution agent module receives the request information, generates a unique tag serial number, adds the tag serial number into a redundant field or a self-defined field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executive body;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module;
after receiving the response information, the normalization processing module acquires a label serial number from the response information; filtering the response information according to a preset regular filtering rule to obtain normalized response information with a uniform data format;
the normalization processing module packs each normalization response message and the corresponding tag serial number into a piece of list data, and outputs the list data to the cache database for queue caching;
the arbitrator acquires all the list data with the same label serial number from the cache database, judges the normalized response information in all the list data according to a judgment method of a majority rule and outputs an arbitration result;
the invention adds a label information to the request information through the input agent distribution module, obtains the label serial number before normalization processing, packs the label serial number and the corresponding normalization response information and sends the packed label serial number and the corresponding normalization response information to the cache database, the arbitrator can conveniently search and obtain the response information of the same request information from the cache database according to the label serial number, the arbitrator does not need to distinguish the same label serial number, the accuracy of mimicry arbitration is improved, and the function loss of the arbitrator is reduced.
It should be noted that, during the process of receiving list data from the cache database, there may be a phenomenon that the list data corresponding to an individual execution entity is delayed or not received, and for the problem that the list data is delayed or not received, a data read timeout mechanism may be adopted: namely, if the number of the list data acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after exceeding the preset time, the normalized response information in all the actually acquired list data is arbitrated.
Example 6
This embodiment is different from embodiment 5 in that:
as shown in fig. 8, the present invention also discloses another mimetic normalized arbitration method based on the second mimetic normalized arbitration system, which includes the following steps:
after the normalization processing module obtains the normalization response information, the hash value of each normalization response information is respectively calculated, the hash value of each normalization response information, the corresponding label serial number and the response information before normalization are packaged into a list of data, and the list of data is output to the cache database for queue caching;
the arbitrator reads all the list data with the same label serial number from the cache database, judges the hash value of the normalized response information in all the list data according to a judgment method of a majority rule, and outputs the response information before normalization corresponding to an arbitration result.
The invention adds a piece of label information to the request information through the input agent distribution module, obtains the label serial number before normalization processing, packs the label serial number, the hash value of the corresponding normalization response information and the response information before normalization and sends the packed label serial number and the hash value to the cache database, and the arbitrator conveniently searches the hash value of the normalization response information of the same request information from the cache database according to the label serial number and arbitrates all the hash values; the hash value is obtained according to the normalized response information, and the data volume of the hash value is smaller than that of the normalized response information, so that the mimicry decision efficiency is further improved under the condition of ensuring that the decision result is not changed; in addition, the safety of the hash value is higher than that of the normalized response information, so that the safety of mimicry judgment can be further improved by judging the hash value.
It should be noted that, during the process of receiving list data from the cache database, there may be a phenomenon that the list data corresponding to an individual execution entity is delayed or not received, and for the problem that the list data is delayed or not received, a data read timeout mechanism may be adopted: namely, if the number of the list data acquired by the resolver is smaller than the number of the functionally equivalent heterogeneous executors after exceeding the preset time, the hash values of the normalized response information in all the actually acquired list data are resolved.
Example 7
The invention provides a computer-readable storage medium, wherein computer-executable instructions are stored in the computer-readable storage medium, and the computer-executable instructions are used for executing the pseudo-normalized arbitration method.
Finally, it should be noted that the above examples are only used to illustrate the technical solutions of the present invention and not to limit the same; although the present invention has been described in detail with reference to preferred embodiments, those skilled in the art will understand that: modifications to the specific embodiments of the invention or equivalent substitutions for parts of the technical features may be made; without departing from the spirit of the present invention, it is intended to cover all aspects of the invention as defined by the appended claims.

Claims (7)

1. A mimicry normalized arbitration system, comprising: the system comprises an input distribution agent module, a plurality of functionally equivalent heterogeneous executors, a normalization processing module and a resolver;
the input distribution agent module is respectively connected with each functional equivalent heterogeneous executive body and is used for receiving request information and copying and distributing the request information to each functional equivalent heterogeneous executive body;
the functional equivalent heterogeneous executive body is connected with the normalization processing module and used for responding to the request information and outputting response information to the normalization processing module;
the normalization processing module is connected with the resolver and used for filtering the response information according to a preset regular filtering rule to obtain normalization response information with a uniform data format and transmitting the normalization response information to the resolver;
the arbitrator is used for arbitrating all the normalized response information and outputting an arbitration result;
the input distribution agent module generates a unique tag serial number after receiving the request information, adds the tag serial number into a redundant field or a custom field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executive body;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module; after receiving the response information, the normalization processing module acquires a label serial number from the response information;
after the normalization processing module obtains the normalization response information, packaging each normalization response information and the corresponding label serial number into a list data and outputting the list data to the resolver;
the arbitrator judges the normalized response information in all the list data with the same label serial number and outputs an arbitrating result;
or after the normalization processing module obtains the normalization response information, packing the hash value of each normalization response information, the corresponding label serial number and the response information before normalization into a list of data and outputting the list of data to the resolver;
and the arbitrator judges the hash values of the normalized response information in all the list data with the same label serial number and outputs an arbitration result or the response information before normalization corresponding to the arbitration result.
2. The mimicry normalized arbitration system of claim 1, wherein: after the normalization processing module obtains the normalization response information with the uniform data format, the normalization processing module also respectively calculates the hash value of each normalization response information and sends the hash value of each normalization response information and the corresponding response information before normalization to the resolver;
and the arbitrator arbitrates the hash values of all the normalized response information and outputs the response information before normalization corresponding to the arbitration result.
3. The mimicry normalized arbitration system according to claim 1 or 2, characterized in that: the preset regular filtering rules include, but are not limited to, redundant fields or user-defined fields of the communication protocol, and information related to the heterogeneous executors themselves.
4. The mimicry normalized arbitration system of claim 1, wherein: the device also comprises a cache database which is connected with the normalization processing module and used for receiving the list data output by the normalization processing module and performing queue caching; and the resolver is connected with the cache database and is used for acquiring all list data with the same tag serial number from the cache database.
5. A mimicry normalization arbitration method is characterized by comprising the following steps:
the input distribution agent module receives the request information, generates a unique tag serial number, adds the tag serial number into a redundant field or a self-defined field of the request information, and copies and distributes the request information with the tag serial number to each functionally equivalent heterogeneous executive body;
after receiving the request information, the functionally equivalent heterogeneous executive body acquires a tag serial number from the request information, responds to the request information, adds the tag serial number to a redundant field or a user-defined field of the response information, and outputs the response information with the tag serial number to the normalization module;
after receiving the response information, the normalization processing module acquires a label serial number from the response information; filtering the response information according to a preset regular filtering rule to obtain normalized response information with a uniform data format;
after the normalization processing module obtains the normalization response information, packaging each normalization response information and the corresponding label serial number into a piece of list data, and outputting the list data to the arbitrator;
the arbitrator judges the normalized response information in all the list data with the same label serial number and outputs an arbitrating result;
or after the normalization processing module obtains the normalization response information, respectively calculating the hash value of each normalization response information, packaging the hash value of each normalization response information, the corresponding label serial number and the response information before normalization into a list of data, and outputting the list of data to the resolver;
and the arbitrator judges the hash values of the normalized response information in all the list data with the same label serial number and outputs the response information before normalization corresponding to the arbitrating result.
6. The mimicry normalized arbitration method of claim 5, wherein:
the normalization processing module packs each normalization response message and the corresponding tag serial number into a piece of list data and then outputs the list data to the cache database for queue caching;
the arbitrator acquires all the list data with the same label serial number from the cache database, judges the normalized response information in all the list data and outputs an arbitrating result;
or, the normalization processing module packs the hash value of each normalization response information, the corresponding tag serial number and the response information before normalization into a piece of list data, and then outputs the list data to the cache database for queue caching;
and the arbitrator reads all the list data with the same tag serial number from the cache database, judges the hash value of the normalized response information in all the list data, and outputs the response information before normalization corresponding to the arbitrating result.
7. A computer-readable storage medium having computer-executable instructions stored therein, the computer-readable storage medium characterized by: the computer-executable instructions are for performing the mimicry normalized arbitration method recited in claim 5 or 6.
CN202010433431.2A 2020-05-21 2020-05-21 Mimicry normalization decision making system, method and readable storage medium Active CN111628978B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010433431.2A CN111628978B (en) 2020-05-21 2020-05-21 Mimicry normalization decision making system, method and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010433431.2A CN111628978B (en) 2020-05-21 2020-05-21 Mimicry normalization decision making system, method and readable storage medium

Publications (2)

Publication Number Publication Date
CN111628978A CN111628978A (en) 2020-09-04
CN111628978B true CN111628978B (en) 2022-02-22

Family

ID=72272778

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010433431.2A Active CN111628978B (en) 2020-05-21 2020-05-21 Mimicry normalization decision making system, method and readable storage medium

Country Status (1)

Country Link
CN (1) CN111628978B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112187833B (en) * 2020-11-09 2021-12-17 浙江大学 AI + regular double-matching detection method in mimicry WAF
CN112532659B (en) * 2021-02-10 2021-05-11 之江实验室 Normalization method of TCP data packet based on mimicry edge gateway
CN116471117A (en) * 2023-05-15 2023-07-21 嵩山实验室 Information processing method and system for mimicking reconstruction message part and message middleware

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108900654A (en) * 2018-08-04 2018-11-27 中国人民解放军战略支援部队信息工程大学 A kind of DNS dynamic dispatching method based on mimicry name server
CN110166435A (en) * 2019-04-18 2019-08-23 杭州电子科技大学 The mimicry Web gateway system and method for dynamic dispatching are carried out using load balancing
CN110324417A (en) * 2019-06-29 2019-10-11 河南信大网御科技有限公司 A kind of cloud service execution body dynamic reconfiguration method based on mimicry defence
CN110691133A (en) * 2019-09-29 2020-01-14 河南信大网御科技有限公司 Web service mimicry system and method applied to network communication equipment
CN111124663A (en) * 2019-11-15 2020-05-08 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry resource scheduling method, system and medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106534063B (en) * 2016-09-27 2019-11-12 上海红阵信息科技有限公司 A kind of device, method and apparatus encapsulating isomery function equivalence body
SG11201710238QA (en) * 2017-06-29 2019-01-30 Certis Cisco Security Pte Ltd Autonomic incident triage prioritization by performance modifier and temporal decay parameters
CN112313915B (en) * 2018-11-05 2021-08-31 北京大学深圳研究生院 Security modeling quantification method based on GSPN and halter strap theoretical network space mimicry defense
CN110018895A (en) * 2019-04-15 2019-07-16 中国人民解放军战略支援部队信息工程大学 A kind of execution body dispatching method and system based on isomerism and service quality
CN110557437B (en) * 2019-08-05 2021-11-19 上海拟态数据技术有限公司 Universal mimicry distribution voting scheduling device and method based on user-defined protocol
CN110768966B (en) * 2019-10-10 2022-03-25 中国人民解放军战略支援部队信息工程大学 Secure cloud management system construction method and device based on mimicry defense

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108900654A (en) * 2018-08-04 2018-11-27 中国人民解放军战略支援部队信息工程大学 A kind of DNS dynamic dispatching method based on mimicry name server
CN110166435A (en) * 2019-04-18 2019-08-23 杭州电子科技大学 The mimicry Web gateway system and method for dynamic dispatching are carried out using load balancing
CN110324417A (en) * 2019-06-29 2019-10-11 河南信大网御科技有限公司 A kind of cloud service execution body dynamic reconfiguration method based on mimicry defence
CN110691133A (en) * 2019-09-29 2020-01-14 河南信大网御科技有限公司 Web service mimicry system and method applied to network communication equipment
CN111124663A (en) * 2019-11-15 2020-05-08 华东计算技术研究所(中国电子科技集团公司第三十二研究所) Mimicry resource scheduling method, system and medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Mimic defense: a designed-in cybersecurity defense;Hu H, Wu J;《IET Information Security》;20181231;第226-237页 *
基于拟态防御架构的多余度裁决建模与风险分析;李卫超;《信息安全学报》;20180930;第64-74页 *
基于拟态防御的数据保护安全架构研究;樊永文;《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》;20190715;第三章 *

Also Published As

Publication number Publication date
CN111628978A (en) 2020-09-04

Similar Documents

Publication Publication Date Title
CN111628978B (en) Mimicry normalization decision making system, method and readable storage medium
CN109410045B (en) Parallel chain consensus method, equipment and storage medium
CN102630315B (en) Method and system for processing data for preventing deadlock
CN109255057B (en) Block generation method, device, equipment and storage medium
CN111510465B (en) Mimicry judging method and judging device based on mixed data type industrial protocol
CN111625558A (en) Server architecture, database query method thereof and storage medium
US20210357466A1 (en) Recording ledger data on a blockchain
CN110648124B (en) Method and apparatus for concurrently executing transactions in a blockchain
CN109213828B (en) Block generation method, device, equipment and storage medium
CN110581887A (en) Data processing method, device, block chain node and storage medium
US20230214338A1 (en) Data moving method, direct memory access apparatus and computer system
CN111553652A (en) Service processing method and device
CN102413247B (en) The restoration methods of crash site of terminal and device
CN113743943A (en) Method for executing transaction in block chain, main node and slave node
US20120096195A1 (en) Data transfer device and data transfer method
CN109992539B (en) Double-host cooperative working device
CN115174090B (en) Block chain consensus method, apparatus, computer device and readable storage medium
CN111209263A (en) Data storage method, device, equipment and storage medium
CN115438025A (en) Data processing method and device
CN114911588A (en) Interrupt routing control method and interrupt controller for system-on-chip
CN112950349B (en) Method and system for processing base distributed system flushing quadrature easy time sequence exception
CN113691632A (en) Dynamic scheduling method and system for block chain computing resources
CN111639129A (en) Transaction processing method and device, electronic equipment and computer-readable storage medium
CN113704006A (en) Communication method, communication device, electronic equipment, storage medium and system on chip
CN112818055B (en) Block chain performance optimization method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant