With the universal application of Internet technologies, a safe and stable network space environment is increasingly required, and network information security is therefore of critical importance. However, various security risks exist in the network environment. Such risks include: loopholes in the hardware, software or system; backdoors created in the software by a programmer, through which security controls can be bypassed to obtain access rights to the program or system; and trapdoors established for debugging and testing the program, which are “mechanisms” set in a certain system or a certain file that allow security policies to be violated when certain input data are provided. For example, a logon processing subsystem may be allowed to process a certain user identification code so as to bypass the ordinary password check. Moreover, such loopholes, backdoors and trapdoors are usually unavoidable in a network system.
The network space field includes various software/hardware devices with certain service functions. Such software/hardware devices may be systems, subsystems, components, modules, elements and even apparatuses, and the structural state that such a device presents outward is referred to as its structural characterization. Generally, for a software/hardware device with a given function, a certain mapping relation exists between its external structural form and its internal structural form, and such a mapping relation is usually static and determinate in the technical architecture of the network space field. At the same time, a design deficiency (loophole) or an embedded trapdoor (backdoor) based on this architecture has universality and stability at the system level, and thus tends to be exploited by an attacker. For example, based on such a determinate mapping relation, the attacker may detect or exploit a defect (loophole) or a trapdoor (backdoor) that exists or may exist in the internal structure of a device to achieve the purpose of the attack. Once the attacker exploits such an undetected defect (loophole) or an unknown trapdoor (backdoor), a great asymmetry arises between the costs of the attacking party and the defending party in the network space, which is harmful to the network security environment.
In the prior art, a defensive measure for network space security is to accurately detect the security of the network space field and take a corresponding measure. However, with such a defensive measure, action is taken only when an attack on the network is detected, and an unknown risk caused by a design deficiency (loophole) or an embedded trapdoor (backdoor) in the network space architecture cannot be coped with. As a result, such a defensive measure cannot defend against a network attack in advance.