Academician Wu Jiang Xing: Industrial Internet Security and Mimic Defense

Dear Zhengyuan Shi, Cao Shuji, Secretary-General Zhang, distinguished academic colleagues, I am glad to speak at the first session of the industrial Internet academic forum. The topic I want to talk about today is the industrial Internet. The concept is hot, and its prospects are very bright and very attractive. But I think the security challenges of the industrial Internet are more serious. In a sense, an industrial Internet whose security is not fully guaranteed will not have any bright future.

Today I want to talk about what common solutions there are for industrial Internet security.

First, the industrial Internet is also part of cyberspace, so understanding the endogenous security problems that cyberspace presents becomes very important. That is, what, in the end, is the origin of the security problem? The phenomena are many.

I break this understanding down into four points. First, in hardware and software components, whether OT, IT, or OT plus IT, design flaws make security vulnerabilities inevitable. This is caused by the stage that technological development has reached and by the level of human scientific understanding, so vulnerabilities cannot be completely avoided. For this reason, the problem is only weakly correlated with whether you hold independent intellectual property rights and with the degree of localization.

Second, backdoors cannot be eliminated from the hardware and software ecosystem of information technology products. What causes this? In the era of globalization, the open industrial environment, the open-source technology model, and industry chains in which every party is embedded in every other mean that the software and hardware backdoor problem cannot be completely eliminated. As long as you cannot control the whole ecosystem, even independent intellectual property rights cannot completely solve the problem. This is not a problem that intellectual property rights can solve.

Third, at this stage human technology cannot yet thoroughly detect vulnerabilities and backdoors. In the general sense, exhaustively and thoroughly checking the hardware and software code of a target system remains a technical problem that is difficult to overcome in the foreseeable future. We cannot build an absolutely ideal scenario that is safe, non-toxic and sterile, and this is also true of the industrial Internet.

Fourth, there are no effective safety and quality control measures for information products. Take an integrated circuit with tens of thousands or even tens of billions of transistors, software with tens of thousands or even millions of lines of code, a complex information system, or an industrial control device: as long as there is one vulnerability, or one implanted backdoor, the entire information system, and every facility of the same kind, may suffer.

Therefore, because the security and quality of hardware and software products cannot be controlled and guaranteed at the source, basic security problems proliferate exponentially as cyberspace rapidly expands, and the cyberspace ecosystem is caught in a cycle of contamination. This is the inevitable result. So we know why there are more and more security problems in cyberspace, because the beauty of open information network security Box.

Based on these four points, we can draw four important corollaries. First, for any processing system that adopts resource-sharing mechanisms and a vertical, hierarchical structure, the credibility of its services cannot be self-certified. In other words, vulnerabilities, backdoors, Trojans and viruses at the underlying or lower layers may cause the security measures of the top layers, including encryption, to fail. Second, in a complex system, add-on security measures often cannot effectively prevent problems in the target object or the host system. That is, the external guard neither knows nor can control what is happening inside the protected target. Third, protection technology based on prior knowledge of the attacker and on behavioral features cannot cope in real time with unknown threats based on unknown vulnerabilities and unknown backdoors, which I call the 3U problem. So mending the fold after the sheep are lost cannot be avoided, and, never mind the cost, the fold may not even be mendable.

Fourth, as long as there are no side doors, attacks on the front door can always be fortified against: I can strengthen passwords, I can strengthen face recognition. Vulnerabilities and backdoors are the side doors. So we say that traditional security techniques have a genetic defect in dealing with 3U threats. The view on the right looks very nice: hardware, then services and applications, and the security model. But for each layer we can raise the three questions on the left. Are there unknown vulnerabilities in the software and hardware? Do backdoors already exist in the hardware and software? Is there a weakest-link effect? Neither the protected object nor the security guard itself can answer these questions. Take 360 Security Guard: does it have no vulnerabilities? Does it have no backdoors? I think no one can answer each of these questions. So without effective perception and cognition, effective defense against uncertain threats cannot be implemented.

This is our basic understanding of the problems facing cyberspace and, in fact, our basic understanding of industrial Internet security. The industrial Internet, however, faces a more serious security threat. The consumer Internet we use now is used by people, and people, although they can be cheated, have considerable ability to resist interference. But machines have almost no such knowledge, so they are not only deceived but will carry out any instruction.

Let us first look at what the industrial Internet means. There are all kinds of accounts, but at the core, against the background of the integration of informatization and industrialization, OT technology plus IT technology plus Internet technology is the industrial Internet. I deliberately separate IT technology from the Internet, because IT technology predates the Internet, and OT technology predates IT technology.

It is a product of integrated, innovative development. We can see this line on the IT side: it is the development trajectory of the Internet, a trajectory of 50 years. Here is the OT network, a concept that started after Industrial Revolution 2.0, so it developed earlier. We can see that they began to integrate and converge around the year 2000, which is why we see the trend of technological development moving toward integration.

We can see that from the original document information, from Internet+, from industrial CNC and computer-aided design and manufacturing, it eventually became the industrial Internet. The industrial Internet here is IT + OT + Internet. Industrial automation used to be domain-specific and physically isolated, with deterministic service performance, high reliability and high availability. Its problems were those of compliant operation, and deliberate compromise was not considered. The industrial Internet, which connects people and machines, also needs high availability and high reliability, but its services are uncertain: how is low latency to be guaranteed, how are massive connections to be guaranteed, and above all how is highly trustworthy data security to be assured? Therefore, industrial Internet security also belongs to the category of cyberspace security, and the harm from vulnerabilities and backdoors may be greater than on the traditional Internet. Let us look at how it has evolved. There are three networks: within the enterprise there is an enterprise information network and an industrial control network, and outside there is the Internet. Although the industrial control network has vulnerabilities and backdoors inside, it is physically isolated, and as long as this rule is followed, external attacks usually cannot reach it. So unless there is human error, system security is basically under control. That is why we say human error is the biggest security risk in the OT case.

The enterprise information network also has vulnerabilities and backdoors, but physical isolation makes them difficult to exploit, unless an insider operates in violation of the rules, for example using a USB drive to bring attack code into the enterprise information network. Otherwise it is basically safe. So the insider is the main security threat to enterprise networks.

Now let us look at the Internet. We are very clear that its core problem is attacks based on unknown vulnerabilities and backdoors, which are the hardest to defend against and currently the biggest security threat, bar none. Against this background we see the three networks being combined, driven by the enterprise's internal business needs. First, the integration of informatization and industrialization makes interoperability between the enterprise information network and the industrial control network inevitable. Gateways become a hard requirement, physical isolation between the networks can no longer be ensured, and reachability is provided: the factory's information network and control network are connected through a gateway.

With the advent of the era of globalization and Internet+, islands of information cannot adapt to changes in production and management, so connecting to the Internet becomes a hard requirement, and ubiquitous security threats come with it. The prominent problem is attack reachability, which brings to the fore the native vulnerabilities and backdoors inside the enterprise network and the industrial control network, including the software code problems of firewalls, gateways and add-on security equipment. In other words, the original enterprise network was never secure: it has endogenous security flaws and plenty of vulnerabilities and backdoors, just as Obama said to Chairman Xi. Obama said that if I tamper with these things, you will be finished. So in a check at the Three Gorges we found more than 2,000 vulnerabilities.

So, speaking from the structure of the three networks: the industrial Internet has a field level, a workshop level and a plant level, with a great deal of information technology in it. Once the networks are interconnected and attacks can reach them, native vulnerabilities and backdoors become resources available for new attacks. Plug-in or add-on hardware and software protection measures such as firewalls, authentication and compliance checks cannot guarantee their own security, and some even affect the determinism of service, so it is difficult for them to deal effectively with future uncertain threats based on hardware and software vulnerabilities and backdoors. At the sight of industrial systems I really was shocked, yet I should not really have been shocked, because they had been living in a cage, in a sterile room.

Now they are suddenly exposed to an environment full of bacteria, which is a very natural situation, however surprising to us. How do we solve these problems, especially in the era of globalization? With globally distributed collaborative division of labor, globally distributed upstream and downstream parts collaboration, globally distributed enterprise branches, cloud services, mobile office, and the operating environment that supports plant operations, including logistics, water, steam and heating, and finance, global access is required and every node is exposed to the full range of security threats in cyberspace. A large number of successful attacks show that the border-guard model can no longer continue the miracle of physical isolation. So Google proposed a zero trust architecture, which shifts from guarding the border to focused protection. Its core idea is dynamic, multi-round authentication of user identity, with a scoring mechanism based on the real-time fingerprint of managed devices and the user's historical behavior, together with fine-grained, tiered control of resource access. As a network deployment architecture, it moves from border guarding to focused protection. However, zero trust architecture still faces serious security challenges. Unique facilities such as its various identity databases also have the 3U problem: once a database is compromised, the zero trust framework collapses. By the same token, once an attacker successfully exploits an unknown vulnerability or backdoor in the access control engine, the access authorization control function can be bypassed. How can uncertain attacks based on unknown vulnerabilities and backdoors in the access control engine and the authentication database be dealt with? Zero trust architecture itself cannot give a satisfactory answer. In globalization, large-scale application deployment has made the physical boundaries of the network uncertain.

We can see that within a factory, IT and OT converge into a flattened network. As the number of connected network devices surges, we see a wide range of flexible access devices and access modes, wired, wireless and others. The evolution toward flat networks and the demand for ubiquitous access have blurred the logical boundary. With physical boundaries uncertain, logical boundaries blurred by diversified access, and large-scale equipment offering a great abundance of vulnerability and backdoor resources, attacks based on hardware and software code defects have become the biggest security threat. Why is it even more severe? A field with no knowledge of security is going to face the complex Internet environment, so it cannot be anything but serious.

What should we do? Introduce mimic theory and the mimic structure. This is generalized robust control with endogenous security, a new IT technology. Endogenous security flaws are to be overcome by endogenous security functions. I use "8122" to describe mimicry. It addresses one premise: defending against future uncertain threats from vulnerabilities and backdoors. It is based on one axiom, the axiom of relative correctness. It relies on one discovery: the system can be stabilized to resist entropy diminished unknown attacks. It draws on two theories, reliability theory and automatic control theory. It has one invention, a structure: the dynamic heterogeneous redundancy structure. We introduce one mechanism, called the mimic camouflage mechanism, which forms one effect, the uncertainty effect.

It obtains one function, the endogenous security function. It achieves one result: integrating existing security technology raises the defense gain exponentially. And it reaches two goals: normalizing the handling of traditional and non-traditional security problems, and obtaining generalized robust control properties. So mimic defense is not just a defense technology. It is an endogenous construction technique, which we call generalized robust control technology, and its effect is the endogenous security effect. It is there when the system is designed, rather than being a problem you can solve by adding a firewall.

Without relying on prior knowledge of the attacker or on behavioral feature information, it can normalize uncertain security threats in cyberspace into problems that reliability and robust control theory and technology can solve. We know that reliability and robust control theory are quite mature. By normalizing uncertain threats to them, solving this problem is built on a solid theoretical foundation.

This is the model of the mimic structure. It is very simple: in the middle are a variety of executors, the outer frame is the mimic structure, and there is a feedback controller. The feedback controller is function-based, and we can give it a variety of algorithms. As with control in OT, different control laws give different control effects. Introducing such a mechanism lets the mimic structure produce something similar to mimic camouflage. This picture is very well known: it is the mimic octopus. If I did not tell you, you might not know it is an octopus, because the octopus shows itself in a variety of forms.

Here we have constructed an iterative, convergent feedback control scenario based on consistency discrimination. We transform a single scene into a multi-dimensional scene, a static scene into a dynamic scene, a homogeneous scene into a heterogeneous scene, and an open-loop scene into a closed-loop scene, which greatly increases the difficulty of collusion and cooperative cheating. This forms one effect, which I call the uncertainty effect, and yields one function, called the endogenous security function.

It raises the threshold for attacks exponentially, and it has a mechanism that invalidates any individual attack exploiting a vulnerability or backdoor. Any attack, or blind trial and error, causes the current defense scene to change, so that even if a coordinated attack succeeds, the success is difficult to maintain stably or to repeat. In a sense this sentences attack theories and methods based on hardware and software code vulnerabilities and backdoors to their end. We give a visual representation: on the far left is a heterogeneous library from which heterogeneous executors are generated. Through scheduling they provide services, and then, through policy-based adjudication, a result is obtained. This dynamism is driven by the adjudication. It is not blind dynamism.

In this way we can handle both traditional and non-traditional security problems: through the mimic structure, they are converted into a probability problem, the probability that a majority of executors produce a consistent error within the mimic boundary, and this can be adjusted by quantitative control. Introducing policy-based feedback control and mimic camouflage makes it possible to effectively prevent trial-and-error, cooperative or coordinated attacks: the attacker cannot assess the effect of an attack, attack experience is difficult to carry over, and attack scenes are difficult to reproduce. With generalized robust control properties, it can defend against known and unknown risks, defend against uncertain risks, and suppress random disturbances and the differential-mode and common-mode failures they produce. This is a system architecture technology that integrates high reliability, high credibility and high availability, which is an essential need of the industrial Internet.

Let me introduce the state of mimic technology. Mimic defense has quantifiable design and verifiable metrics. For perceiving and defending against uncertain threats, it is designed to significantly increase the attacker's cost. It has a unique endogenous security effect and can adapt to the global industrial environment. We do not use American things, because this is something done by structure. It naturally inherits or integrates the achievements of information technology and security technology, and it has a strong life-cycle cost advantage: there is no need to run anti-virus every day, which does not happen with mimicry, and one check per year is enough. So for mimic defense, reliability, availability and attack resistance can be designed quantitatively, and verified with the help of reliability theory and quantitative injection test methods. So far, no ICT or IT product or CPS in the world can be tested for security with white-box testing. The test and measurement technology we need is white-box verification, as in reliability, rather than black-box testing.

It should be said that mimic technology subverts attack theories and methods based on dark functions in the target object, such as hardware and software vulnerabilities and backdoors, and offsets the strategic advantage that technology and market pioneers hold in the field of network security. For example, the advantage the Americans have in placing backdoors and vulnerabilities is gone under mimicry, so it changes the rules of the game in cyberspace. We have now produced a variety of switches, routers, gateways and file systems: about 10 categories and more than 20 kinds of mimic-structure products, involving the IT, ICT and CPS fields. It has been proven that product performance is stable and reliable, and that the technology's universality and cost-effectiveness are significant.

Under the guidance of the Ministry of Industry, construction and validation of serialized equipment began in January last year. At present, all the equipment has been fully validated, generating a PB of data, and it has passed acceptance as a Ministry demonstration pilot project. We want to give the various components of the industrial Internet endogenous security, so we propose a mimic technology system for the industrial Internet, which I call the mimic tree. Just as Cao Shuji spoke of the 5G flower, now there is the mimic tree.

From the soil layer upward it is divided into roots, trunk, branches, leaves and fruit. Each level has a complete ecology. It is not solved by one or two tricks; it is an ecosystem. We can see that in this ecology, the product layout for the mimic industrial Internet is very rich: from the chips, devices and modules at the bottom upward, all can be done. So the industry prospects are attractive, the market capacity is huge, and there is ample room for technology and product innovation in giving industrial Internet hardware and software products the essential gene of endogenous security. We may therefore lead the world in the new trend of IT and OT technology and industrial development. Here I emphasize that the mimic structure, with diversified hardware and software components and an exponential effect, technically unifies openness and security, and answers the starting point of General Secretary Xi's "two wings, two-wheel drive" question.

A mimic technology industry alliance was set up last May and has reached more than 100 members. We hope to change lanes and overtake. I am a director, so anyone willing to participate is welcome to register. Thank you.
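
The structure described in the talk (heterogeneous executors, scheduling, consistency-based adjudication, and feedback that changes the defense scene) can be sketched as a small simulation. This is an added example, not code from the speaker or from any mimic-defense product; the executor variants, the `MimicService` class and the `b"trigger"` input are constructed for illustration.

```python
import random
from collections import Counter
from functools import reduce

# Constructed, functionally equivalent executors: each computes the same
# one-byte checksum through a different code path (the "heterogeneous" part).
def variant_loop(data):
    total = 0
    for b in data:
        total = (total + b) % 256
    return total

def variant_builtin(data):
    return sum(data) % 256

def variant_bitmask(data):
    return sum(data) & 0xFF

def variant_reduce(data):
    return reduce(lambda a, b: (a + b) & 0xFF, data, 0)

def variant_flawed(data):
    # Constructed stand-in for an executor with an unknown flaw or backdoor:
    # one specific input makes it return a wrong answer.
    if data == b"trigger":
        return 0
    return sum(data) % 256

POOL = {"loop": variant_loop, "builtin": variant_builtin, "bitmask": variant_bitmask,
        "reduce": variant_reduce, "flawed": variant_flawed}

class MimicService:
    """Hypothetical sketch of a dynamic heterogeneous redundant service."""
    def __init__(self, pool, online, seed=0):
        self.pool = dict(pool)
        self.online = list(online)   # executors currently serving requests
        self.quarantined = set()     # executors taken offline by feedback
        self.events = []             # (replaced, replacement) pairs
        self.rng = random.Random(seed)

    def handle(self, data):
        # Dispatch the same input to every online executor.
        outputs = {name: self.pool[name](data) for name in self.online}
        # Consistency-based adjudication: strict majority, or fail closed.
        winner, votes = Counter(outputs.values()).most_common(1)[0]
        if votes * 2 <= len(outputs):
            raise RuntimeError("no majority among executors; refusing to answer")
        # Feedback control: every dissenting executor is replaced, so the
        # defense scene changes whenever an inconsistency is observed.
        for name, out in outputs.items():
            if out != winner:
                self._replace(name)
        return winner

    def _replace(self, name):
        self.quarantined.add(name)
        spares = [n for n in self.pool
                  if n not in self.online and n not in self.quarantined]
        self.online.remove(name)
        if spares:
            self.online.append(self.rng.choice(spares))
        self.events.append((name, self.online[-1] if spares else None))
```

Adjudication only masks a flaw held by a minority of the online executors; a flaw shared by the majority still wins the vote, which is the probability the talk says has to be controlled quantitatively.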

 

Source: China Information Industry Net


Origin www.cnblogs.com/meandme/p/11936015.html