跳到主要內容

臺灣博碩士論文加值系統

(35.174.62.102) 您好!臺灣時間:2021/07/25 03:53
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:陳怡孜
研究生(外文):Yi-Tzu Chen
論文名稱:考慮攻擊者學習效應下之網路存活度衡量
論文名稱(外文):An Evaluation of Network Survivability under the Effect of Discounted Defense Levels by Accumulated Experiences of Attackers
指導教授:林永松林永松引用關係
指導教授(外文):Yeong-Sung Lin
學位類別:碩士
校院名稱:國立臺灣大學
系所名稱:資訊管理學研究所
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2007
畢業學年度:95
語文別:英文
論文頁數:45
中文關鍵詞:資訊安全網路攻防存活度資源分配旅行推銷員問題經驗折扣圖形理論節點分裂法一般化最短路徑最佳化
外文關鍵詞:Internet SecurityNetwork Attack and DefenseSurvivabilityResource AllocationTraveling Salesman problem (TSP)Discount CouponGraph ModelingNode SplittingGeneralized Shortest Path ProblemOptimization
相關次數:
  • 被引用被引用:2
  • 點閱點閱:107
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
在九零年代開始,網際網路逐漸演變成全球共通的溝通媒介,許多恐怖份子開始利用其攻擊政府及國家,此一行為嚴重危害國家安全。是故,資訊安全逐漸演變成重要的議題。因此對網路營運者而言,如何有效評估網路攻擊者的威脅,達到提升網路存活度的問題已愈趨重要。
因此,本研究利用數學規劃及圖形理論為工具,建構網路攻防情境的資源分配問題,分別提出AEA(Accumulated Experiences of Attacker)與AAEA(Advanced Accumulated Experiences of Attacker)。於AEA模型中,先轉化存在旅行推銷員問題中,於不同城鎮間購買折扣券以降低旅行成本的概念,茲代表網路在攻擊者利用自身經驗及攻克節點成功時所獲得的經驗,以影響未來攻擊成本之情境,即:所有節點一經攻克後,所獲得之經驗將有效地降低後續發生的攻擊成本,並考慮攻擊者以一節點為入口進入目標網路之後,在經驗值影響下尋求一條最短路徑,俾便攻克網路中的一個目標節點,使目標網路無法存活,且利用圖形理論將問題轉化,運用一般化最短路徑演算法求解之;在AAEA模型中,考慮相同的攻擊者問題下,更考量攻擊者可在節點上花費不同等級之額外成本,以獲取對攻擊其餘網路節點不同等級的資訊(如:使用者權限或是網路拓撲圖…等),達到有效地降低後續攻擊成本,由於此問題藉由圖形理論的轉化,也將AAEA模型利用一般化最短路徑演算法求解之。
Internet has become worldwide, publicly accessible network of interconnected computer networks since 1980s. Specifically, it becomes the tools that terrorists can use to attack the nations and their economy. Thus, any network operator could improve the network’s survivability by effectively evaluating the attacker behavior.
As a result, this thesis focuses on the resource allocation of network attack and defense with mathematical programming and graph modeling to optimize the problems, and adopts a concept, discount coupon which is applied in TSP, to represent the attacker behavior of taking advantage of accumulated experiences from his previous attack actions of minimizing the total attack cost. In AEA, the attacker somehow gains some free experiences from a compromised node which could further reduce the cost of an attack. The attacker’s objective is to minimize the total attack cost, while the core node is compromised and the network could not survive. Here, by transforming AEA with node splitting into a generalized shortest path problem and applying the algorithm to optimally solve it. In AAEA, the attacker not only gains some free experiences from a compromised node but could spend different levels of extra expenses, probing fee, gaining different levels of valuable experiences, such as diverse user’s rights or a network topology. Therefore, AAEA is proposed to describe such behavior which is also analyzed as a mixed nonlinear integer programming optimization problem. With node splitting technique, AAEA is transformed into a shortest path problem and is optimally solved by generalized shortest path algorithm.
論文口試委員審定書 I
謝誌 II
論文摘要 III
THESIS ABSTRACT IV
Table of Contents VI
List of Figures VIII
Chapter 1 Introduction 1
1.1 Background 1
1.2 Motivation 3
1.3 Literature Review 6
1.3.1 Survivability of Quantitative Analysis with Attacker Behavior 6
1.3.2 Traveling Salesman Problem 9
1.4 Proposed Approach 11
1.5 Thesis Organization 12
Chapter 2 Graph Modeling of AEA and AAEA Models 13
2.1 Problem Description and Graph Modeling of AEA 13
2.1.2 Graph Modeling of AEA 14
2.2 Problem Description and Graph Modeling of AAEA 18
2.2.1 Problem Description of AAEA 18
2.2.2 Graph Modeling of AAEA 18
Chapter 3 Problem Formulation 21
3.1 Problem Formulation of AEA 21
3.1.1 Problem Assumptions 21
3.1.2 Notation and Formulation 23
3.2 Problem Formulation of AAEA 26
3.2.1 Problem Assumptions 26
3.2.2 Notation 27
Chapter 4 Solution Approach 30
4.1 Generalized Shortest Path Problem 31
4.2 Solution Approach to AEA 32
4.3 Solution Approach to AAEA 33
Chapter 5 Conclusion and Future Work 34
5.1 Conclusion 34
5.2 Future Work 35
Reference 42
簡歷 46
[1]S. P. Gorman, L. Schintler, R. Kulkarni, and R. Stough, “The Revenge of Distance: Vulnerability Analysis of Critical Information Infrastructure”, Journal of Contingencies and Crisis Management, Volume 12, Number 2, pp. 48-63, June 2004.
[2]B. Blakley, “The Emperor’s Old Armor”, Proceedings of the 1996 New Security Paradigms Workshop, Lake Arrowhead, California, September 17-20, 1996, Association for Computing Machinery, 1997.
[3]H. F. Lipson and D. A. Fisher, “Survivability – A New Technical and Business Perspective on Security”, Proceedings of the 1999 ACM Workshop on New Security Paradigms, pp. 33-39, September 1999.
[4]R. J. Ellison, D. A. Fisher, R. C. Linger, H. F. Lipson, T. A. Longstaff, and N. R. Mead, “Survivable Network Systems: An Emerging Discipline”, Technical Report CMU/SEI-97-TR-013, Software Engineering Institute, Carnegie Mellon University, November 1997 (Revised: May 1999).
[5]J. C. Knight, K. J. Sullivan, M. C. Elder, and C. Wang, “Survivability Architectures: Issues and Approaches”, Proceedings of the DARPA Information Survivability Conference and Exposition, Volume 2, pp.157-171, January 2000.
[6]J. C. Knight and K. J. Sullivan, “On the Definition of Survivability”, Technical Report CS-TR-33-00, Department of Computer Science, University of Virginia, December 2000.
[7]J. C. Knight, E. A. Strunk, and K. J. Sullivan, “Towards a Rigorous Definition of Information System Survivability”, Proceedings of the DARPA Information Survivability Conference and Exposition, Volume 1, pp.78-89, April 2003.
[8]Y. Liu and K. S. Trivedi, “A General Framework for Network Survivability Quantification”, Proceedings of the 12th GI/ITG Conference on Measuring, Modeling and Evaluation of Computer and Communication Systems, September 2004.
[9]Y. Liu, V.B. Mendiratta, and K.S. Trivedi, “Survivability Analysis of Telephone Access Network”, Proceedings of the 15th IEEE International Symposium for Software Reliability Engineering, pp.367-378, November 2004.
[10]Report spells out global attack patterns: More zero-days and phishing, but less critical flaws Computer Fraud & Security, Volume 2007, Number 4, pp. 3-4, April 2007.
[11]http://www.windowsnetworking.com/articles_tutorials/Trust-Relationships-Windows-Server-2003-Environment.html
[12]http://technet.microsoft.com/en-us/windowsserver/default.aspx
[13]E.Jonsson and T. Olovsson, “A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior”, IEEE Transactions of Software Engineering, Volume 23, Number 4, pp. 235-245, April 1997.
[14]R. Ortalo, Y. Deswarte, and M. Kaˆaniche, “Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security”, IEEE Transactions on Software Engineering, Volume 25, Number 5, pp. 633-650, September 1999.
[15]J. McDermott, “Attack-Potential-Based Survivability Modeling for High-Consequence Systems”, Proceedings of the 3rd IEEE International Workshop on Information Assurance, pp. 119-130, March 2005.
[16]C.H. Chen, Y.L. Lin, F.Y.S. Lin, P.H. Tsang, C.L. Tseng and H.H. Yen, “Evaluation of Network Robustness for Given Defense Resource Allocation Strategies, Proceedings of IEEE ARES’06, 2006
[17]G. B. Dantzig, R. Fulkerson, and S. M. Johnson, “Solution of a Large-scale Traveling Salesman Problem”, Operations Research 2, pp.393-410, 1954.
[18]E. L. Lawler and Jan Karel Lenstra and A. H. G. Rinnooy Khan and D. B. Shmoys, “The Traveling Salesman Problem: A Guided Tour of Combinatorial Optimization”, John Wiley & Sons, Inc. ISBN 0-471-90413-9, 1985.
[19]G. Gutin and A. P. Punnen, “The Traveling Salesman Problem and Its Variations”, Springer, ISBN 0-387-44459-9, 2006.
[20]M. R. Garey and D. S. Johnson, “Computers and Intractability: A Guide to the Theory of NP-Completeness”, W.H. Freeman, ISBN 0-7167-1045-5, 1979.
[21]Charles E. Noon. and James C. Bean, “A Lagrangian Based Approach for the Asymmetric Generalized Traveling Salesman Problem”, Operations Research, Volume 39, Number 4, pp. 623-632, 1991.
[22]J. Choi, M. J. Realff_and J. H. Lee, “An Algorithmic Framework for Improving Heuristic Solutions Part I: A Deterministic Discount Coupon Traveling Salesman Problem”, Computers & Chemical Engineering, Volume 28, Number 8, pp. 1285-1296, 2004.
[23]R.K. Ahuja, T.L. MAgnagti and J.B.Orlin, “Network Flows”, Prentice Hall, Englewood Cliffs, ISBN 978-0136175490, 1993.
[24]V. Batagelj, F.J. Brandenburg, P.O.D. Mendez, and A. Sen, “The Generalized Shortest Path Problem”, The Pennsylvania State University CiteSeer Archives, July 2000.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top