A Review of Endogenous Security Research

The development of society has deepened the application of the Internet in production and daily life. At the same time, network security risks are becoming increasingly severe. For the security problems faced in cyberspace, most of the traditional defenses are currently focused on blocking the discovered vulnerabilities. However, these methods not only rely on prior knowledge of vulnerabilities but also fail to address the security issues brought about by the protection program itself. In view of this, endogenous security, which emphasizes the importance of not relying on a priori knowledge and not bringing in new security problems, has received increasing attention. This review provides a detailed introduction to endogenous security and its related issues, which is lacking in the field of network security. Firstly, this paper outlines the detrimental effects of vulnerabilities, identifies issues within moving target defense, and contrasts it with mimic defense. Additionally, the concepts, models, principles, and application scenarios of endogenous security are introduced. Finally, the challenges encountered by this technology are comprehensively summarized, and potential future development trends are further explored.