移动通信2024,Vol.48Issue(7):122-126,5.DOI:10.3969/j.issn.1006-1010.20240512-0001
基于拟态防御技术的API网关安全防护方法
API Gateway Security Protection Method Based on Mimetic Defense Technology
姚俊1
作者信息
- 1. 中国电信股份有限公司上海分公司,上海 200120
- 折叠
摘要
Abstract
Given the challenges posed by conventional defense methods in effectively protecting API gateways from vulnerabilities,viruses,and backdoor threats,we propose an API gateway security method based on mimetic defense technology.Initially,the gateway constructs decision metrics for executors using entropy-based heterogeneity and internal-external security evaluations.Next,a randomized scheduling mechanism is employed to select trusted executors.Finally,a feedback mechanism dynamically adjusts the trusted executors,achieving a closed-loop security defense that adapts to threats without relying on any predetermined execution conditions.Experimental results demonstrate that the proposed algorithm offers practical advantages over priority-based scheduling algorithms.关键词
拟态防御/数据安全/API网关/动态调度Key words
Mimetic defense/data security/API gateway/dynamic scheduling分类
信息技术与安全科学引用本文复制引用
姚俊..基于拟态防御技术的API网关安全防护方法[J].移动通信,2024,48(7):122-126,5.
