Professor Luo Lin pointed out that the problem of information security confrontation is essentially a complex systemic problem. "Various information systems are embedded in larger systems, which in turn include systems, which in turn are integrated into larger systems." This follows the evolutionary principle of contradictory and unified development.
However, studying the sub-technologies one by one cannot represent the whole by simple summation, and it is difficult to "integrate" them into the whole, i.e. "the whole is greater than the sum of its parts". At the same time, the field of information security is complicated: if you start from the existing technical methods and analyze their specific principles, performance, advantages and disadvantages, it is hard to find the main thread and easy to omit important foundational and system-level concepts and laws, the so-called "seeing the trees but not the forest".
Based on such complexity, Professor Luo Lin's team summarized the base-level principles of information security and countermeasures into six items.
First is the principle of keeping and exploiting information system peculiarities versus attacking them: the confrontation in information security is the action of both sides around keeping the system's peculiarities. "If we want to keep it secret, we have to hide it in a big way and find no peculiarity."
Secondly, there is the principle of relative authenticity of information security and counter information. Information cannot be absolutely hidden, imitated or falsified, but "there is interference and destruction within any information we come into contact with", and the existence of information is relative.
In fact, our biometric features can easily be deceived. Verifying authenticity involves the third principle, the principle of limited representation and measurement of interwoven information in generalized space-time dimensions, which requires us to "reduce the temporal and spatial dimensional scales as much as possible" and to use information features and measurements to improve information system security countermeasures.
The fourth and fifth items are the principle of acting against the other side's path on the basis of a common path, and the principle of acting along the other side's path on the basis of a common path. The former reflects the characteristic that the direction of contradictory movement is always towards the opposite side, while the latter requires us to follow the other side along the common path, in essence to achieve the effect of reverse confrontation. A typical case of this is a denial-of-service attack that sends an excessive number of service requests to bring down an information system, during which "we use a forward approach to reach a reverse attack."
Finally, there is the principle of competing for the right to counter information and quickly establishing a countermeasure response. It requires that we obtain counter information in the counter environment and develop an advantage that we can actively exploit, in order to then counteract and build a systematic counter response.
Based on this, Professor Luo Lin's team has also proposed five system-layer principles of information security and countermeasures.
The first is the principle of active and passive positions and of winning by fighting for local initiative. The attacked side is usually in a reactive state, which is immutable, and all it can do is fight for local initiative in the face of global passivity. "We, as the attacked side, tend to pay attention to reactive situations where the attacker can launch an attack at any time and place for the purpose of the attack, so we on the counter-attack side raise our baseline of defense, detection, contingency, and confrontation as much as possible, and you don't really know when the attacker is going to launch an attack, and therein we can also set up decoy systems."
The second is the principle that information security is considered at the top level of the information system's functions and operated in an integrated way. "While information security is not its entire function, something is going to go terribly wrong now if it's not defined at the top level of consideration." However, since information security plays more of a role in securing normal services, the interrelationship of the sub-functions also needs to be managed properly so that no major dysfunction occurs.
The third is the principle that the transfer of core measures of technology constitutes a serial chain structure that creates vulnerability. Each security measure, in the technical measures implemented to achieve its "purpose", necessarily follows the pattern of transfer from the core of the technology to the ordinary technology. "We set a key for people to remember, we break people through, the system breaks through, so the core of the technology shifts to reach a common technology, and we can just attack that common technology."
In addition, there are the principle of information adversarial applications based on symmetric and asymmetric transformations and the principle of indirect adversarial equivalence under multi-level, multi-profile dynamic combinations. Based on the above principles, "we constructed some models of cybersecurity and countermeasures and an attack model that reaches the top level of control guidance, and divided the whole attack process into three phases. The first is the common-path stage, where the other person doesn't necessarily feel it; the second is the Reverse Path I phase, where we start probing him for flaws and vulnerabilities; the third is the Reverse Path II phase, where the attack begins to be carried out." "In fact, you should be aware of it in the first phase as the counterattacking party, and the counterattack should be quick and accurate," explained Professor Luo Lin.
When it comes to concrete execution, a different approach is required at the strategic, tactical and combat levels. "Let's say we break the conditions it fights against, or just do the opposite and break its constraints for effect." At the same time, "by using a combination of fast response, etc. to counter compound attacks, break through in each of the time and space dimensions and disrupt its continuous links."
Cybersecurity is a matter of overall national security and must be considered on three levels: theoretical, technical and practical, which his team is doing.
As one of the first "985 Project" and "211 Project" universities in China to establish a first-level discipline and doctoral program in the field of information security, Beijing University of Technology prepared to set up the "Information Countermeasures Technology" program in the last century. The Experimental Center for Information Systems and Security Countermeasures, which Professor Luo Lin is in charge of, is an experimental teaching demonstration center of the Ministry of Industry and Information Technology. Its research covers many areas, such as network security technology application, data mining technology application and big data processing, syntactic structure models and information security application, and media processing and information security application. It has published more than 200 academic papers and authored 14 books.
"We have created an innovative and leading talent development model and approach to cyberspace security that promotes research-based research and teaching," Professor Luo Lin said. "Cyberspace security is always and everywhere, and we should be aware of the cyber security posture in all aspects 24/7 and build a strong cyber security system to serve the national cyberspace security strategy."
In fact, this is not only a demand that Prof. Luo Lin makes of himself and his team, but also a common goal for all practitioners in China's cyber security industry, including Baidu Security. Achieving this goal requires the joint efforts and cooperation of industry, academia and research.
All along, Baidu Security has been an active promoter of openness and win-win in the industry. In this AI security sub-forum, elites from all walks of life also gathered to share their theoretical views and latest progress in the field of cybersecurity in the AI era - to help build national cybersecurity, to enable safer AI to drive the transformation of the industrial Internet, and to build a security ecology in the AI era.