CN115499486A - Mimicry system for synchronizing network session connection after execution of body switching - Google Patents

Publication number
CN115499486A
Authority
CN
China
Prior art keywords
pool
executive
executors
execution
connection
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211126178.1A
Other languages
Chinese (zh)
Inventor
席泽生
张波
何川
王云帆
缪巍巍
曾锃
张瑞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Smart Grid Research Institute Co ltd
State Grid Corp of China SGCC
State Grid Jiangsu Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Original Assignee
State Grid Smart Grid Research Institute Co ltd
State Grid Corp of China SGCC
Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Application filed by State Grid Smart Grid Research Institute Co ltd, State Grid Corp of China SGCC, Information and Telecommunication Branch of State Grid Jiangsu Electric Power Co Ltd
Priority to CN202211126178.1A
Publication of CN115499486A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/148 Migration or transfer of sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/146 Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a mimicry system for synchronizing network session connections after executor switching, comprising an input agent, a running executor pool, a backup executor pool, a resolver, a configuration manager and a message manager, where the configuration manager and the message manager are arranged in the input agent. The configuration manager acquires the network configuration information of the mimicry system's network communication and the working state information of the executors; the message manager generates data messages and connection messages. Executors in the running executor pool receive the data messages, perform operation processing, and send the processing results to the resolver for resolution; executors in the backup executor pool receive the connection messages and maintain their communication connection with the input agent without performing operation processing. With this arrangement, a newly online executor can quickly establish its network connection with the input agent when executors are switched, the original system configuration is restored, and the resource waste caused by redundant work of backup executors is reduced.

Description

Mimicry system for synchronizing network session connection after execution entity switching
Technical Field
The invention relates to the technical field of mimicry defense, in particular to a mimicry system for synchronizing network session connection after execution body switching.
Background
Mimicry defense technology gives a system endogenous security by constructing a dynamic heterogeneous redundancy (DHR) architecture, so as to actively defend against unknown vulnerabilities or backdoors. Around one or more processing links, the DHR architecture builds multiple executors that are functionally consistent but technically heterogeneous out of diversified software and hardware components, and creates a heterogeneous redundant service environment by dynamically scheduling these executors, presenting dynamic and generalized uncertainty to the outside. Each request is processed jointly by several dynamically selected executors, so an attack on a specific vulnerability is inherently avoided and the goal of active defense is achieved.
When the mimicry system is attacked, the resolver feeds the abnormal output of an executor back to the feedback controller, which takes the abnormal executor offline or cleans it and, at the same time, selects a new executor to come online according to the scheduling policy, so that the system keeps running safely and stably. When the scheduling period switches, the feedback controller selects new executors according to the scheduling policy to form the running executor set, which increases the security and dynamism of the system. When a new executor comes online, how to quickly establish its connections with the other functional modules of the mimicry system, synchronize the network session state from before the switch, and restore the normal functions of the system is very important for the functionality and stability of the services the mimicry system provides to the outside. Research on bringing heterogeneous executors online quickly and synchronizing network session connections after a switch is therefore significant for improving the service quality of mimicry systems.
Disclosure of Invention
In view of this, embodiments of the present invention provide a mimicry system for synchronizing network session connections after executor switching, so as to solve the technical problem in the prior art of how to bring executors online quickly and synchronize network session connections after executors are switched.
The technical scheme provided by the invention is as follows:
A first aspect of an embodiment of the present invention provides a mimicry system for synchronizing network session connections after executor switching, comprising an input agent, a running executor pool, a backup executor pool, a resolver, a configuration manager and a message manager, where the configuration manager and the message manager are arranged in the input agent. The configuration manager acquires the network configuration information of the mimicry system's network communication and the working state information of the executors; the working state information of executors in the running executor pool differs from that of executors in the backup executor pool. The message manager generates data messages and connection messages according to the network configuration information and the working state information. Executors in the running executor pool are connected to both the input agent and the resolver; they receive the data messages sent by the input agent, perform operation processing, and send the processing results to the resolver for resolution. Executors in the backup executor pool are connected to the input agent; they receive the connection messages sent by the input agent and, according to those messages, keep their communication connection with the input agent without performing operation processing.
Optionally, the configuration manager comprises a network information module and an executor information module. The network information module records the network configuration information of the mimicry system's network communication. The executor information module records the working state information of the executors, which comprises an executor number and an executor pool identification bit: the identification bit of an executor in the running executor pool is a first executor pool identification bit, that of an executor in the backup executor pool is a second executor pool identification bit, and that of a cleaned executor is a third executor pool identification bit.
Optionally, the mimicry system for synchronizing network session connections after executor switching further comprises a feedback controller. When executors need to be switched, the feedback controller outputs a first scheduling command to the running executor pool, a second scheduling command to the backup executor pool, and a third scheduling command to the cleaned executors. The first scheduling command disconnects executors in the running executor pool from the input agent and the resolver, migrates the disconnected executors out of the running executor pool, and changes the working state information of the migrated executors. The second scheduling command establishes the connection between executors in the backup executor pool and the resolver, migrates those executors from the backup executor pool into the running executor pool, and changes the working state information of the migrated executors. The third scheduling command establishes the connection between a cleaned executor and the input agent, migrates the executor into the backup executor pool, and changes the working state information of the migrated executor.
Optionally, the feedback controller is specifically configured to receive an externally input scheduling period and, when switching executors according to the scheduling period, to output a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool. The first scheduling command selects a preset number of executors from the running executor pool, disconnects them from the input agent and the resolver, migrates them out of the running executor pool, and changes the working state information of the migrated executors. The second scheduling command selects a preset number of executors from the backup executor pool, establishes the connection between them and the resolver, migrates them from the backup executor pool into the running executor pool, and changes the working state information of the migrated executors.
Optionally, the feedback controller is further configured to output a third scheduling command to the cleaned executors when switching executors according to the scheduling period. The third scheduling command migrates a preset number of cleaned executors into the backup executor pool, establishes the connection between the migrated executors and the input agent, and changes the working state information of the migrated executors.
Optionally, the feedback controller is specifically configured to receive the resolution result of the resolver and, when switching executors because of an abnormal executor in the resolution result, to output a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool. The first scheduling command disconnects the abnormal executor in the running executor pool from the input agent and the resolver, migrates the abnormal executor out of the running executor pool to be cleaned, and changes the working state information of the migrated executor. The second scheduling command selects from the backup executor pool the same number of executors as there are abnormal executors, establishes the connection between them and the resolver, migrates them from the backup executor pool into the running executor pool, and changes the working state information of the migrated executors.
Optionally, the feedback controller is further configured to output a third scheduling command to the cleaned executors when switching executors because of an abnormal executor in the resolution result. The third scheduling command migrates the same number of cleaned executors as there are abnormal executors into the backup executor pool, establishes the connection between the migrated executors and the input agent, and changes the working state information of the migrated executors.
Optionally, the feedback controller is further configured to send the migration information of the executors to the configuration manager, and the configuration manager updates the working state information of the executors. The message manager generates a new data message and a new connection message according to the updated working state information, sends the new data message to the executor migrated into the running executor pool, and sends the new connection message to the executor migrated into the backup executor pool.
Optionally, the data message includes working data, which are sent to executors in the running executor pool for operation processing; the connection message does not include working data.
The technical scheme provided by the invention has the following effects:
In the mimicry system for synchronizing network session connections after executor switching provided by the embodiment of the invention, a configuration manager, a message manager and a backup executor pool are provided. The message manager generates data messages and connection messages according to the information recorded by the configuration manager; executors in the running executor pool perform operation processing according to the data messages, while executors in the backup executor pool maintain their connection with the input agent according to the connection messages without performing operation processing. The executors thus stay in communication without wasting much system resource. Because executors in the backup executor pool maintain their network connection with the input agent at low resource cost, they can be synchronized quickly when they are scheduled and switched into the running executor pool and can provide the normal external service function, so the function of the mimicry system is not affected when executors are switched and the quality of the service it provides to the outside is improved. With this arrangement, a newly online executor can quickly establish its network connection with the input agent when executors are switched, the original system configuration is restored, and the resource waste caused by redundant work of backup executors is reduced.
In the mimicry system provided by the embodiment of the invention, the message manager uses the executor information recorded by the configuration manager to generate, depending on the identification bit, either a data message that carries the complete data or a connection message used only to establish the connection. During operation, the network connection with executors in the backup executor pool is established using connection messages; no actual working data are sent, and the backup executors perform no operation. A newly online executor can therefore quickly establish its network connection with the input agent when executors are switched, the original system configuration is restored, and the resource waste caused by redundant work of backup executors is reduced.
The mimicry system provided by the embodiment of the invention schedules and updates the executor set through layered connection and layered operation, covering both taking abnormal executors offline and switching to a new executor set. The running executor pool can adapt to complex and changing attack scenarios, the security and stability of the mimicry system are enhanced, it is difficult for an attacker to learn how the internal service functions of the system are implemented, and the attack resistance of the mimicry system is improved.
In the mimicry system provided by the embodiment of the invention, the input agent sends different messages, and the running executor pool and the backup executor pool are connected to the input agent and the resolver in layers to carry out scheduling. The running executor pool can therefore adapt to complex and changing attack scenarios, the security and stability of the mimicry system are enhanced, it is difficult for an attacker to learn how the internal service functions of the system are implemented, and the attack resistance of the mimicry system is improved. At the same time, the backup executors and the input agent can keep a communication link up continuously at low resource cost, so network and data synchronization of a newly online executor is easy to achieve.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a block diagram of a mimicry defense system based on a dynamic heterogeneous redundancy architecture;
FIG. 2 is a block diagram of a mimicry system for synchronizing network session connections after executor switching, according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a data message according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a connection message according to an embodiment of the present invention.
Detailed Description
A current mimicry defense system based on the dynamic heterogeneous redundancy architecture, as shown in FIG. 1, generally consists of an input agent, a plurality of heterogeneous executors, a resolver, an output agent and a feedback controller. The input agent receives externally input data. The heterogeneous executors are the core processing units of the system: they create several environments with the same function but different running conditions, independently perform operation processing on the data received by the input agent, and send the processing results to the resolver for resolution. From the results of the heterogeneous executors, the resolver judges whether an anomaly caused by exploitation of a threat has occurred in the system, that is, whether the processing result of some heterogeneous executor differs from the others; it produces a final resolution result through analysis and sends that result to the feedback controller, while the output agent outputs the normal processing result. When the feedback controller receives the resolution result, it takes the abnormal heterogeneous executor offline to reset or clean it.
Therefore, when the feedback controller receives the resolution result and takes abnormal heterogeneous executors offline, new heterogeneous executors must be selected to replace them. In addition, the feedback controller also needs to select a new heterogeneous executor to replace the original abnormal executor based on the scheduling period. However, when a new heterogeneous executor comes online, current schemes cannot quickly establish its connections with the other functional modules of the mimicry system, synchronize the network session state from before the switch, and restore the normal functions of the system. In view of this, the embodiment of the present invention provides a mimicry system for synchronizing network session connections after executor switching, so that the network session connection state is synchronized quickly when a new heterogeneous executor comes online.
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
An embodiment of the present invention provides a mimicry system for synchronizing network session connections after executor switching. As shown in FIG. 2, the mimicry system comprises an input agent, a running executor pool, a backup executor pool, a resolver, a configuration manager and a message manager, where the configuration manager and the message manager are arranged in the input agent. The configuration manager acquires the network configuration information of the mimicry system's network communication and the working state information of the executors; the working state information of executors in the running executor pool differs from that of executors in the backup executor pool. The message manager generates data messages and connection messages according to the network configuration information and the working state information. Executors in the running executor pool are connected to both the input agent and the resolver; they receive the data messages sent by the input agent, perform operation processing, and send the processing results to the resolver for resolution. Executors in the backup executor pool are connected to the input agent; they receive the connection messages sent by the input agent and, according to those messages, keep their communication connection with the input agent without performing operation processing.
In the mimicry system provided by the embodiment of the invention, a configuration manager, a message manager and a backup executor pool are provided. The message manager generates data messages and connection messages according to the information recorded by the configuration manager; executors in the running executor pool perform operation processing according to the data messages, while executors in the backup executor pool maintain their connection with the input agent according to the connection messages without performing operation processing. The executors thus stay in communication without wasting much system resource. Because executors in the backup executor pool maintain their network connection with the input agent at low resource cost, they can be synchronized quickly when they are scheduled and switched into the running executor pool and can provide the normal external service function, so the function of the mimicry system is not affected when executors are switched and the quality of the service it provides to the outside is improved. With this arrangement, a newly online executor can quickly establish its network connection with the input agent when executors are switched, the original system configuration is restored, and the resource waste caused by redundant work of backup executors is reduced.
In one embodiment, the configuration manager comprises a network information module and an executor information module. The network information module records the network configuration information of the mimicry system's network communication. The executor information module records the working state information of the executors, which comprises an executor number and an executor pool identification bit: the identification bit of an executor in the running executor pool is a first executor pool identification bit, that of an executor in the backup executor pool is a second executor pool identification bit, and that of a cleaned executor is a third executor pool identification bit. Specifically, the first executor pool identification bit may be set to 0, the second to 1, and the third to -1. In other embodiments the three identification bits may be set to other values; the embodiment of the present invention does not limit the specific values.
In an embodiment, the data message includes working data, which are sent to executors in the running executor pool for operation processing; the connection message does not include working data. When generating messages, the message manager uses each executor's number and its executor pool identification bit, together with the network configuration information, to generate the data message or connection message for that executor number. For example, when the executor pool identification bit is 0, it generates a data message; when the identification bit is 1, it generates a connection message. It then sends the generated data message or connection message to the executor with the corresponding number.
Specifically, as shown in FIG. 3 and FIG. 4, the headers of the data message and the connection message are similar: each consists of an IP header containing IP information and a TCP header containing port information. The two differ in the message body. The body of a data message contains the working data with which the mimicry system provides its functional service to the outside; the input agent sends the working data in data messages to the executors running online in the running executor pool for operation processing. The body of a connection message contains no data, or only a short piece of data for keeping the communication alive; the input agent sends connection messages to the backup executors in the backup executor pool to maintain a continuous communication connection between the input agent and the backup executors.
In the mimicry system provided by the embodiment of the invention, the message manager uses the executor information recorded by the configuration manager to generate, depending on the identification bit, either a data message that carries the complete data or a connection message used only to establish the connection. During operation, the network connection with executors in the backup executor pool is established using connection messages; no actual working data are sent, and the backup executors perform no operation. A newly online executor can therefore quickly establish its network connection with the input agent when executors are switched, the original system configuration is restored, and the resource waste caused by redundant work of backup executors is reduced.
In one embodiment, the mimicry system for synchronizing network session connections after executor switching further comprises a feedback controller. When executors need to be switched, the feedback controller outputs a first scheduling command to the running executor pool, a second scheduling command to the backup executor pool, and a third scheduling command to the cleaned executors. The first scheduling command disconnects executors in the running executor pool from the input agent and the resolver, migrates the disconnected executors out of the running executor pool, and changes their executor pool identification bits from 0 to -1. The second scheduling command establishes the connection between executors in the backup executor pool and the resolver, migrates those executors from the backup executor pool into the running executor pool, and changes their executor pool identification bits from 1 to 0. The third scheduling command establishes the connection between a cleaned executor and the input agent, migrates the executor into the backup executor pool, and changes its executor pool identification bit from -1 to 1.
In an embodiment, the feedback controller is further configured to send the migration information of the executors to the configuration manager, and the configuration manager updates the working state information of the executors. The message manager generates a new data message and a new connection message according to the updated working state information, sends the new data message to the executor migrated into the running executor pool, and sends the new connection message to the executor migrated into the backup executor pool. Specifically, when executors migrate between the running executor pool and the backup executor pool, the message manager uses the updated executor information in the configuration manager, namely the number and executor pool identification bit of each migrated executor, to generate a new data message or connection message and sends it to the corresponding migrated executor.
Example 2
This embodiment of the invention provides a mimicry system for synchronizing network session connection after executor switching, in which executors are switched according to a scheduling period. The mimicry system comprises an input agent, a running executor pool, a backup executor pool, an arbitrator, a configuration manager and a message manager, the configuration manager and the message manager being arranged in the input agent. The configuration manager acquires the network configuration information of the mimicry system's network communication and the working state information of the executors; the working state information of executors in the running executor pool differs from that of executors in the backup executor pool. The message manager generates a data message and a connection message according to the network configuration information and the working state information. The executors in the running executor pool are connected to both the input agent and the arbitrator; they receive the data messages sent by the input agent, perform operation processing, and send the results to the arbitrator for arbitration. The executors in the backup executor pool are connected to the input agent; they receive the connection messages sent by the input agent, keep the communication connection with the input agent according to those messages, and perform no operation processing.
The mimicry system further comprises a feedback controller. The feedback controller receives an externally input scheduling period and, when switching executors according to the scheduling period, outputs a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool. The first scheduling command is used for selecting a preset number of executors from the running executor pool, disconnecting them from the input agent and the arbitrator, migrating them out of the running executor pool, and changing the working state information of the migrated executors, for example changing their executor pool identification bit from 0 to -1. The second scheduling command is used for selecting a preset number of executors from the backup executor pool, establishing the connection between those executors and the arbitrator, migrating them from the backup executor pool into the running executor pool, and changing the working state information of the migrated executors, for example changing their executor pool identification bit from 1 to 0. When switching executors according to the scheduling period, the feedback controller also outputs a third scheduling command to the cleaned executors; the third scheduling command is used for migrating a preset number of cleaned executors into the backup executor pool, establishing the connection between the migrated executors and the input agent, and changing the working state information of the migrated executors, for example changing their executor pool identification bit from -1 to 1.
The preset number can be set according to actual needs; this embodiment of the invention does not limit it to a specific value. In addition, when executors are selected based on the preset number, they can be selected randomly from the running executor pool or the backup executor pool, or in a certain order; the specific selection method can be determined according to the actual situation.
In an embodiment, the feedback controller is further configured to send the migration information of the executors to the configuration manager, and the configuration manager updates the working state information of the executors. The message manager generates a new data message and a new connection message according to the updated working state information, sends the new data message to the executors migrated into the running executor pool, and sends the new connection message to the executors migrated into the backup executor pool.
Example 3
This embodiment of the invention provides a mimicry system for synchronizing network session connection after executor switching, in which executors are switched according to the arbitration result of the arbitrator. The mimicry system comprises an input agent, a running executor pool, a backup executor pool, an arbitrator, a configuration manager and a message manager, the configuration manager and the message manager being arranged in the input agent. The configuration manager acquires the network configuration information of the mimicry system's network communication and the working state information of the executors; the working state information of executors in the running executor pool differs from that of executors in the backup executor pool. The message manager generates a data message and a connection message according to the network configuration information and the working state information. The executors in the running executor pool are connected to both the input agent and the arbitrator; they receive the data messages sent by the input agent, perform operation processing, and send the results to the arbitrator for arbitration. The executors in the backup executor pool are connected to the input agent; they receive the connection messages sent by the input agent, keep the communication connection with the input agent according to those messages, and perform no operation processing.
The mimicry system further comprises a feedback controller. The feedback controller receives the arbitration result of the arbitrator and, when switching executors according to an abnormal executor in the arbitration result, outputs a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool. The first scheduling command is used for disconnecting the abnormal executor in the running executor pool from the input agent and the arbitrator, migrating the abnormal executor out of the running executor pool to be cleaned, and changing the working state information of the migrated executor, for example changing its executor pool identification bit from 0 to -1. The second scheduling command is used for selecting from the backup executor pool the same number of executors as there are abnormal executors, establishing the connection between those executors and the arbitrator, migrating them from the backup executor pool into the running executor pool, and changing the working state information of the migrated executors, for example changing their executor pool identification bit from 1 to 0. When switching executors according to an abnormal executor in the arbitration result, the feedback controller also outputs a third scheduling command to the cleaned executors; the third scheduling command is used for migrating the same number of cleaned executors as there are abnormal executors into the backup executor pool, establishing the connection between the migrated executors and the input agent, and changing the working state information of the migrated executors, for example changing their executor pool identification bit from -1 to 1.
In an embodiment, the feedback controller is further configured to send the migration information of the executors to the configuration manager, and the configuration manager updates the working state information of the executors. The message manager generates a new data message and a new connection message according to the updated working state information, sends the new data message to the executors migrated into the running executor pool, and sends the new connection message to the executors migrated into the backup executor pool.
It should be noted that, for the functional description of each structure in the mimicry systems of embodiment 2 and embodiment 3, refer to the functional description of each structure in the mimicry system of embodiment 1; the details are not repeated for embodiment 2 and embodiment 3.
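The pool identification bits and the three scheduling commands of embodiments 1 to 3 can be traced in a small model. The following Python sketch is an added illustration, not code from the patent; the class and field names, the message dictionaries, and the rule that only executors already offline before a switch are re-admitted to the backup pool are assumptions of this example.

```python
from dataclasses import dataclass, field

RUNNING, BACKUP, OFFLINE = 0, 1, -1   # pool identification bits named on the page


@dataclass
class Executor:
    number: int
    flag: int
    links: set = field(default_factory=set)   # "input_agent" and/or "arbitrator"


class MimicSystem:
    """Toy model: configuration manager (self.table), message manager, feedback controller."""

    def __init__(self, running, backup, cleaned):
        self.table = {}
        for n in running:
            self.table[n] = Executor(n, RUNNING, {"input_agent", "arbitrator"})
        for n in backup:
            self.table[n] = Executor(n, BACKUP, {"input_agent"})
        for n in cleaned:
            self.table[n] = Executor(n, OFFLINE)

    def pool(self, flag):
        return sorted(n for n, e in self.table.items() if e.flag == flag)

    def build_messages(self, working_data):
        """Message manager: pick the message type from each executor's flag."""
        out = {}
        for n, e in self.table.items():
            if e.flag == RUNNING:
                out[n] = {"type": "data", "executor": n, "payload": working_data}
            elif e.flag == BACKUP:
                # Connection message: keeps the session alive, carries no working data.
                out[n] = {"type": "connection", "executor": n}
        return out

    def switch(self, outgoing):
        """Feedback controller: replace `outgoing` running executors.

        `outgoing` is either a preset number of executors chosen for a
        scheduling period or the abnormal executors named by the arbitrator.
        """
        outgoing = list(outgoing)
        k = len(outgoing)
        if any(self.table[n].flag != RUNNING for n in outgoing):
            raise ValueError("only running executors can be switched out")
        promote = self.pool(BACKUP)[:k]
        if len(promote) < k:
            raise RuntimeError("backup pool too small for this switch")
        # Assumption: executors offline *before* this switch have been cleaned.
        refill = self.pool(OFFLINE)[:k]
        for n in outgoing:                      # first scheduling command: 0 -> -1
            self.table[n].links.clear()
            self.table[n].flag = OFFLINE
        for n in promote:                       # second scheduling command: 1 -> 0
            self.table[n].links.add("arbitrator")
            self.table[n].flag = RUNNING
        for n in refill:                        # third scheduling command: -1 -> 1
            self.table[n].links.add("input_agent")
            self.table[n].flag = BACKUP
        return {"out": outgoing, "promoted": promote, "refilled": refill}
```

A promoted executor already holds its input-agent link from its time in the backup pool, so the second command only has to add the arbitrator link before data messages start flowing to it.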
The mimicry system for synchronizing network session connection after executor switching provided by this embodiment of the invention schedules and updates the executor set using layered connection and layered operation; scheduling and updating covers both taking abnormal executors offline and switching to a new executor set. The running executor pool can thus adapt to complex and changeable attack scenarios, which enhances the security and stability of the mimicry system, makes it difficult for an attacker to learn the structure that implements the system's internal service functions, and improves the mimicry system's resistance to attack.
In the mimicry system for synchronizing network session connection after executor switching provided by this embodiment of the invention, the input agent sends different messages, and the running executor pool and the backup executor pool are connected to the input agent and the arbitrator in layers to carry out the scheduling work. The running executor pool can therefore adapt to complex and variable attack scenarios, which enhances the security and stability of the mimicry system, makes it difficult for an attacker to learn the structure that implements the system's internal service functions, and improves the mimicry system's resistance to attack. At the same time, the backup executors and the input agent can continuously maintain a communication link at low resource cost, so that network and data synchronization of a newly online executor is easily achieved.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.

Claims (9)

1. A mimicry system for synchronizing network session connection after executor switching, comprising: an input agent, a running executor pool, a backup executor pool, an arbitrator, a configuration manager and a message manager, wherein the configuration manager and the message manager are arranged in the input agent;
the configuration manager is used for acquiring network configuration information of the mimicry system's network communication and working state information of the executors, and the working state information of the executors in the running executor pool is different from that of the executors in the backup executor pool;
the message manager is used for generating a data message and a connection message according to the network configuration information and the working state information;
the executors in the running executor pool are respectively connected with the input agent and the arbitrator, receive the data messages sent by the input agent, perform operation processing and send the operation processing results to the arbitrator for arbitration;
and the executors in the backup executor pool are connected with the input agent, receive the connection messages sent by the input agent, keep the communication connection with the input agent according to the connection messages and do not perform operation processing.
2. The mimicry system for synchronizing network session connection after executor switching according to claim 1, wherein the configuration manager comprises:
a network information module used for recording the network configuration information of the mimicry system's network communication;
an executor information module used for recording the working state information of the executors, wherein the working state information comprises an executor number and an executor pool identification bit, the executor pool identification bit of an executor in the running executor pool is a first executor pool identification bit, the executor pool identification bit of an executor in the backup executor pool is a second executor pool identification bit, and the executor pool identification bit of a cleaned executor is a third executor pool identification bit.
3. The mimicry system for synchronizing network session connection after executor switching according to claim 1, further comprising: a feedback controller;
the feedback controller is used for outputting a first scheduling command to the running executor pool, outputting a second scheduling command to the backup executor pool and outputting a third scheduling command to the cleaned executors when executors need to be switched;
the first scheduling command is used for disconnecting the executors in the running executor pool from the input agent and the arbitrator, migrating the disconnected executors out of the running executor pool, and changing the working state information of the migrated executors;
the second scheduling command is used for establishing the connection between the executors in the backup executor pool and the arbitrator, migrating those executors from the backup executor pool into the running executor pool, and changing the working state information of the migrated executors;
the third scheduling command is used for establishing the connection between a cleaned executor and the input agent, migrating the executor into the backup executor pool, and changing the working state information of the migrated executor.
4. The mimicry system for synchronizing network session connection after executor switching according to claim 3, wherein
the feedback controller is specifically configured to receive an externally input scheduling period, and to output a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool when switching executors according to the scheduling period;
the first scheduling command is used for selecting a preset number of executors from the running executor pool, disconnecting the preset number of executors from the input agent and the arbitrator, migrating the preset number of executors out of the running executor pool, and changing the working state information of the migrated executors;
the second scheduling command is used for selecting a preset number of executors from the backup executor pool, establishing the connection between those executors and the arbitrator, migrating them from the backup executor pool into the running executor pool, and changing the working state information of the migrated executors.
5. The mimicry system for synchronizing network session connection after executor switching according to claim 4, wherein the feedback controller is further configured to output a third scheduling command to the cleaned executors when switching executors according to the scheduling period, the third scheduling command being used for migrating a preset number of cleaned executors into the backup executor pool, establishing the connection between the migrated executors and the input agent, and changing the working state information of the migrated executors.
6. The mimicry system for synchronizing network session connection after executor switching according to claim 3, wherein
the feedback controller is specifically configured to receive the arbitration result of the arbitrator, and to output a first scheduling command to the running executor pool and a second scheduling command to the backup executor pool when switching executors according to an abnormal executor in the arbitration result;
the first scheduling command is used for disconnecting the abnormal executor in the running executor pool from the input agent and the arbitrator, migrating the abnormal executor out of the running executor pool to be cleaned, and changing the working state information of the migrated executor;
the second scheduling command is used for selecting from the backup executor pool the same number of executors as there are abnormal executors, establishing the connection between those executors and the arbitrator, migrating them from the backup executor pool into the running executor pool, and changing the working state information of the migrated executors.
7. The mimicry system for synchronizing network session connection after executor switching according to claim 6, wherein
the feedback controller is further used for outputting a third scheduling command to the cleaned executors when switching executors according to an abnormal executor in the arbitration result, the third scheduling command being used for migrating the same number of cleaned executors as there are abnormal executors into the backup executor pool, establishing the connection between the migrated executors and the input agent, and changing the working state information of the migrated executors.
8. The mimicry system for synchronizing network session connection after executor switching according to claim 3, wherein the feedback controller is further configured to send the migration-in and migration-out information of the executors to the configuration manager, and the configuration manager updates the working state information of the executors; and the message manager generates a new data message and a new connection message according to the updated working state information of the executors, sends the new data message to the executors migrated into the running executor pool, and sends the new connection message to the executors migrated into the backup executor pool.
9. The mimicry system for synchronizing network session connection after executor switching according to any one of claims 1-8, wherein the data message includes working data, the working data is sent to the executors in the running executor pool for operation processing, and the connection message does not include working data.
CN202211126178.1A 2022-09-16 2022-09-16 Mimicry system for synchronizing network session connection after execution of body switching Pending CN115499486A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211126178.1A CN115499486A (en) 2022-09-16 2022-09-16 Mimicry system for synchronizing network session connection after execution of body switching


Publications (1)

Publication Number Publication Date
CN115499486A true CN115499486A (en) 2022-12-20

Family

ID=84468636



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230411

Address after: 102209 18 Riverside Avenue, Changping District science and Technology City, Beijing

Applicant after: State Grid Smart Grid Research Institute Co.,Ltd.

Applicant after: STATE GRID JIANGSU ELECTRIC POWER Co.,Ltd. INFORMATION & TELECOMMUNICATION BRANCH

Applicant after: STATE GRID CORPORATION OF CHINA

Applicant after: STATE GRID JIANGSU ELECTRIC POWER Co.,Ltd.

Address before: 102209 18 Riverside Avenue, Changping District science and Technology City, Beijing

Applicant before: State Grid Smart Grid Research Institute Co.,Ltd.

Applicant before: STATE GRID JIANGSU ELECTRIC POWER Co.,Ltd. INFORMATION & TELECOMMUNICATION BRANCH

Applicant before: STATE GRID CORPORATION OF CHINA