The Principle of Cyberspace Mimic Defense
As pointed out in the previous chapters, cyberspace mimic defense (CMD) is technically based on an innovative general robust control structure (GRCS) and a deceptive mimic camouflage or invisibility/stealth mechanism that can produce a physical or logical scenario similar to the uncertainty principle of quantum mechanics, and this structure and mechanism can be employed to provide the intensified “trinity” functionality: application service provision, reliability guarantee, and secure and trusted defense in the target object. Its GRCS and endogenous security mechanism can provide Integrated Point-Surface (IPS) suppression without relying on prior knowledge of the attacker and conventional active/passive protection and control measures against uncertain threats based on unknown vulnerabilities or virus Trojans within the target system. Physical or virtual software/hardware bodies or virtual physical combined bodies designed based on this control structure and camouflage mechanism, such as IP cores, chips, middleware/embedded hardware and software, modules, components, devices, systems, platforms or networks, as well as all kinds of virtualization processing scenarios, can effectively control general uncertain disturbances (GUD), including known unknown security risks or unknown unknown security threats. However, CMD aims to solve the deal with uncertain threats from target-unknown vulnerabilities and cannot and will never completely solve all security-related problems in cyberspace, nor does it attempt to independently support the entire protection and control system for cyber security or hinder the inheritance or adoption of the relevant technological achievements and emerging technologies in future. As the world faces a conundrum of unsecured credibility of supply chains at the component layer, CMD only seeks to solve it in the uncertain operational scenarios taking shape on the basis of an innovative GRCS and a mimic camouflage mechanism (MCM),at the software/hardware structural level, and against the background of fully open ecology characterized by national division of labor, industrial division of labor, or even intro-product division of labor; also, it tends to change the current “cyber game rules” by turning over the cyber-attack theories and methods based on software/hardware code design vulnerabilities; promote major innovations in cyber defense theories, game rival models, and technical means and methods; reverse the strategic pattern of seriously imbalanced attack-defense postures; reshape the new cyber security order in the information age; and develop a new generation of information technology and industry featuring endogenous security functionality. In this way, we can eradicate the Achilles heel by addressing the “overflow” of product vulnerabilities and other dark features polluting the cyber ecosystem as a result of uncontrollable security or quality factors in the design or manufacturing process of hardware/software products.
Unable to display preview. Download preview PDF.