Abstract: Moving target defense technology is one of the cyberspace revolutionary technologies “change the rules of game” that National Science and Technology Council proposed. Based on the SCIT model, this paper presents a moving target defense system in view of server-based switching and self-cleaning, by introducing software diversity, randomness and unpredictability of the system, so that it makes protection object motorize to improve its security. Experimental results show that the improved system sets an even higher demand on attacker, the rate that system is invaded reduces, system security is further improved.

Key words: moving target defense, software stack diversity, random switch, cyberspace security

摘要： 移动目标防御技术是近年来美国科学技术委员会提出的网络空间“改变游戏规则”的革命性技术之一。在SCIT模型基础上，提出一种基于服务器切换和清洗的移动目标防御系统，通过引入软件的多样性、系统的随机性和不可预测性使防护对象机动化，以改进其安全性。实验结果表明，改进后系统对攻击者的要求更高，系统被入侵的概率显著降低，系统安全性得到进一步提升。

关键词: 移动目标防御, 软件栈多样性, 随机切换, 网络安全