請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/5964
完整後設資料紀錄
DC 欄位 | 值 | 語言 |
---|---|---|
dc.contributor.advisor | 林永松 | |
dc.contributor.author | Chia-Ling Lee | en |
dc.contributor.author | 李佳玲 | zh_TW |
dc.date.accessioned | 2021-05-16T16:18:50Z | - |
dc.date.available | 2014-08-17 | |
dc.date.available | 2021-05-16T16:18:50Z | - |
dc.date.copyright | 2013-08-17 | |
dc.date.issued | 2013 | |
dc.date.submitted | 2013-08-13 | |
dc.identifier.citation | [1]Symantec, “2011 State of Security Survey”, 2011. http://www.symantec.com/content/en/us/about/media/pdfs/symc_state_of_security_2011.pdf
[2] “2012 Cost of Cyber Crime Study: United Kingdom”, Ponemon Institute October 2012. http://docs.media.bitpipe.com/io_10x/io_102267/item_575599/2012%20UK%20Cost%20of%20Cyber%20Crime%20Study%20FINAL%204.pdf [3] “PlayStation Hackers May Have Stolen Data on 75 Million Users, Sony Says”, Cliff Edwards and Pavel Alpeyev, Apr 27, 2011. http://www.bloomberg.com/news/2011-04-26/sony-says-network-hackers-may-have-stolen-users-personal-data.html [4] “McAfee Threats Report: First Quarter 2012”, McAfee Lab Technical report, 2011. [5] IBM Internet Security Systems X-Force research and development team, “IBM X-ForceR 2012 Mid-Year Trend and Risk Report”, IBM, September 2012. http://public.dhe.ibm.com/common/ssi/ecm/en/wgl03014usen/WGL03014USEN.PDF [6] “2012 Global Security Report”, Trustwave, 2012 [7] R. Richardson, “2010 CSI Computer Crime and Security Survey,” Computer Security Institute, December 2010 [8] UNESCAP, UNISDR “The Asia-Pacific Disaster Report 2010”, The UN Office for Disaster Risk Reduction (UNISDR) and the UN Economic and Social Commission for Asia and the Pacific (ESCAP), October 2010 [9] UNESCAP, UNISDR “The Asia-Pacific Disaster Report 2012”, The UN Office for Disaster Risk Reduction (UNISDR) and the UN Economic and Social Commission for Asia and the Pacific (ESCAP), October 2012 [10] S. Xu, “Collaborative Attack vs. Collaborative Defense,” Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2009, Volume 10, Part 2, 217-228, 2009. [11] F. Cohen, “Managing Network Security: Attack and Defence Strategies,” Network Security, Volume 1999, Issue 7, pp. 7-11, July 1999. [12] R. J. Ellison, D. A. Fisher, R.C. Linger, H. F. Lipson, T. Longstaff and N. R. Mead, “Survivable Network Systems: An Emerging Discipline,” Technical Report CMU/SEI-97-TR-013, Novermber 1997. [13] H.F. Lipson, N.R. Mead, and R.C. Linger, “Requirements Definition for Survivable Network Systems,” Proceedings of the 3rd International Conference on Requirements Engineering, pp. 14-23, April 1998. [14] N.R. Mead, “Panel: Issues in Software Engineering for Survivable Systems,” ACM Proceedings of the 21st International Conference on Software Engineering, pp. 592-593, May 1999. [15] D. Medhi and D. Tipper, “Multi-layered Network Survivability-models, Analysis, Architecture, Framework and Implementation: An Overview,” Proceedings of DARPA Information Survivability Conference and Exposition 2000 (DISCEX’00), Volume 1, pp. 173-186, January 2000. [16] A.P. Moore and R.C. Linger, “Foundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models,” Technical Report CMU/SEI-2001-TR-029, October 2001. [17] V.R. Westmark, “A Definition for Information System Survivability,” Proceedings of the 37th IEEE Hawaii International Conference on System Sciences, pp. 10, January 2004. [18] A. Snow, G. Weckman, and P. Rastogi, “Assessing Dependability of Wireless Networks Using Neural Networks,” IEEE Military Communications Conference, 2005 (MILCOM’05), Vol. 5, pp. 2809-2815, October 2005. [19] D. Tipper, K. Lu, and Y. Qian, “A Design fo Secure and Survivable Wireless Sensor Networks,” IEEE Wireless Communications, Vol. 14, Issue 5, pp. 30-37, October 2007. [20] A.W. Krings and Z. Ma, “Survival Analysis Approach to Reliability, Survivability and Prognostics and Health Management (PHM),” IEEE Aerospace Conference 2008, pp. 1-20, March 2008. [21] P. E. Heegaard and K. S. Trivedi, 'Network Survivability Modeling,' Computer Networks, vol. 53, pp. 1215-1234, 2009. [22] J.Huang, J.Jiang and L. Zhang, 'A Novel Transient System Survivability Quantitative Evaluation Framework,' Computer Engineering and Applications (ICCEA), 2010 Second International Conference on, pp. 34-39, 2010. [23] S.Braynov and M.Jadiwala, “Representation and Analysis of Coordinated Attacks,” Proceedings of the 2003 ACM workshop on Formal methods in security engineering, pp. 43-51, October, 2003. [24] Debby Guha-Sapir, Femke Vos, Regina Below and Sylvain Ponserre, “Annual Disaster Statistical Review 2011- the numbers and trends”, United States Agency for International Development (USAID), 2012 [25] Jiang-Hua Zhang, Jin Li, Zhi-Ping Liu, “Multiple-resource and multiple-depot emergency response problem considering secondary disasters”, Expert Systems with Applications An International Journal, 2012 [26] “Developing a Physics-based Model for Post-Earthquake Ignitions”, Proceedings of the 9th International ISCRAM Conference – Vancouver, Canada, April 2012 [27] Fire and Disaster Management Agency in Japan. http://www.fdma.go.jp/ [28] California. State Earthquake Investigation Commission, “Lawson, Andrew C, The California Earthquake of April 18, 1906. Report of the State Earthquake Investigation Commission, Carnegie Institution of Washington,1906”, Washington, D.C., Carnegie Institution of Washington,1910 [29] U.S. Fire Administration, “U.S. Fire Administration Fire Estimates”, 2010, http://www.usfa.fema.gov/statistics/estimates/index.shtm [30] B. B.M. Shao (2005). “Optimal Redundancy Allocation for Information Technology Disaster Recovery in the Network Economy”. IEEE Transactions on Dependable and Secure Computing, 2(3), 262-267. [31] O. Tannous , L. Xing, P. Rui , M. Xie, S.H, Ng, “Redundancy Allocation for Series-Parallel Warm-Standby Systems”, 2011 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM), 6-9 Dec.2011, page 1261-1265 [32] Gutenberg, R., and C.F. Richter, (1944). “Frequency of earthquakes in California”, Bulletin of the Seismological Society of America, 34, 185-188. [33] Yin Myo Min Htwe, Shen WenBin, “Gutenberg-Richter Recurrence Law to Seismicity Analysis of Southern Segment of the Sagaing Fault and Its Associate Components”, World Academy of Science, Engineering and Technology 26, 2009. [34] U.S. Fire Administration/National Fire Data Center, “Fire in the United States 2003-2007”, FEMA, Fifteenth Edition, October 2009 [35] Michael J. Karter, Jr., “Fire Loss in the United States during 2011”, National Fire Protection Association Fire Analysis and Research Division, September 2012 [36] Fandel, G., et al., “Measuring synergy effects of a Public Social Private Partnership (PSPP) project”, International Journal of Production Economics, 2012 [37] Xuemei Zhang , Hoang Pham and Carolyn R. Johnson, “Reliability models for systems with internal and external redundancy”, International Journal of System Assurance Engineering and Management, December 2010, Volume 1, Issue 4, pp 362-369 [38] Ola Tannous, Liudong Xing and Joanne Bechta Dugan, “Reliability Analysis of Warm Standby Systems using Sequential BDD”, 2011 Proceedings - Annual Reliability and Maintainability Symposium (RAMS), 24-27 Jan. 2011, page 1-7 [39] Jannik Laval, Simon Denier, Stephane Ducasse, Jean-Remy Falleri, “Supporting simultaneous versions for software evolution assessment”, Journal of Science of Computer Programming ,2010 [40] S. Skaperdas, 'Contest success functions,' Economic Theory, vol. 7, pp. 283-290, 1996. [41] R Peng, G Levitin, M Xie and SH Ng, “Optimal defence of single object with imperfect false targets”, Journal of the Operational Research Society (2011), page 134 –141 [42] Rui Peng, Wenbin Wang, Fei Zhao, “Object Defense Strategy With Imperfect False Targets and Disinformation”, 2012 International Conference on Quality, Reliability, Risk, Maintenance, and Safety Engineering (ICQR2MSE), 15-18 June 2012, page 59-62 [43] K. Hausken and G. Levitin, 'Protection vs. false targets in series systems', Reliability Engineering & System Safety, vol. 94, pp. 973-981, 2009. [44] M.H. Kalos and P.A. Whitlock, “Monte Carlo Methods,” John Wilet & Sons Incs, ISBN 978-3-527-40760-6, November 2008. [45] Central Weather Bureau, Taiwan, http://www.cwb.gov.tw [46] S. Nagaraja and R. Anderson, “Dynamic Topologies for Robust Scale-Free Networks,” Bio-Inspired Computing and Communication, Volume 5151, pp. 411-426, 2008. [47] J. Blitzstein and P. Diaconis, “A Sequential Importance Sampling Algorithm for Generating Random Graphs with Prescribed Degrees,” Internet Mathematics, Volume 6, pp. 489-522, March 2011. | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/5964 | - |
dc.description.abstract | 現在各行各業或是政府幾乎都會使用網路提供服務給客戶,並且公司內部也會使用網路來作為內網的連結,公司內部許多的系統也是要用到網路。駭客就很常針對這些元件、系統來做攻擊,要是攻擊成功,常常會造成很大的損失。最直接的就是無法提供服務,間接的也會造成顧客的不信賴,甚至機密資料遭受竊取所造成的後果更加嚴重。因此每年公司還是會花很多的資金在防止網路攻擊造成的損失,尤其最近很盛行的協同攻擊,容易造成更大的破壞力,公司需要納入考量。
最近天災頻傳,尤其地震帶來的災害更是大面積的破壞,像是日本311大地震、四川大地震,都造成很大的損失,另外地震伴隨的火災也常造成更嚴重的損害。另外火災也常因為擴散性造成整個區域的燒毀,整個廠房常常就付之一炬,並且其發生的頻率更是高過大型的天然災害幾百倍,累加起來的損失也是不容忽視。 我們的目標就是希望能夠找出有效的防禦方法,來幫助企業在面臨惡意攻擊和天然災害仍能維持提供一定水準的服務,維持服務不中斷。本研究採用了在實務界很常使用的方法:redundancy來讓服務不間斷。 本研究使用數學規劃合併Monte Carlo Simulation來解決這個複雜、充滿randomness的問題,用模擬的方式來模擬整個network以更貼近現實,找到有效的防禦方法。並且也會持續做enhancement process以找到最佳的資源配置。 | zh_TW |
dc.description.abstract | Companies or governments rely on Internet to provide all kinds of service to customers and use Internet to propagate them in order to attract more customers to create more profits. Not only external customers, within the company, they also build their own intranet to handle daily operations. Once companies’ network being broken, they cannot provide regular service to user and also cannot run the daily process which may cause serious problem. Therefore, according to some research, cyber-attacks still is the most significant risk that business worried about since cyber-attacks will cause serious damage to company.
In addition, in recent decades, damage caused by natural disaster becomes more and more serious and happened more frequently than before. The number of disaster events reported globally increased from 1,690 to 3,886 and the economic losses also increase dramatically. Hence, in our thesis we want to add natural disaster this environment variable to our scenario. Companies need to start to pay attention on it when they are building their system. We discuss earthquake, secondary disaster-fire and fire in our scenario. In order to provide business continuity, we also adopt redundancy this defense strategy to increase survivability. It is an effective method to prevent service interruption. When nodes damage or temporary shutdown, they can activate redundancy immediately which can prevent service interrupted. There are also other defense strategies to help defender maximize their system survivability such as virtualization, deploying honeypot, and cloud security Our purpose is to help defender find out effective defense strategy and resource allocation. Our problem is a bi-level problem and we use mathematical programming combined Monte Carlo Stimulation to help us solve this complex problem since there are various of attack and defense strategies and full of uncertainty. Furthermore, we will do both commander and defender enhancement process in order to find out better solution. | en |
dc.description.provenance | Made available in DSpace on 2021-05-16T16:18:50Z (GMT). No. of bitstreams: 1 ntu-102-R00725045-1.pdf: 5586077 bytes, checksum: 6b523f66900833c680889b295f5bf4a8 (MD5) Previous issue date: 2013 | en |
dc.description.tableofcontents | 致謝 I
Thesis Abstract II 論文摘要 IV List of Figures VIII List of Tables X Chapter 1 Introduction 1 1.1 Background 1 1.2 Motivation 9 1.3 Literature Survey 11 1.3.1 Survivability 11 1.3.2 Collaborative Attack 14 1.3.3 Natural disaster 15 1.3.4 Redundancy 18 1.4 Thesis Organization 19 Chapter 2 Problem Formulation 20 2.1 Problem Description 20 2.1.1 Natural disaster 20 2.1.2 Commander Perspective 26 2.1.3 Defender Perspective 32 2.2 Attack-defense Scenarios 39 2.2.1 Contest Success Function: 39 2.2.2 Attack-defense Scenario 41 2.3 Mathematical Formulation 56 Chapter 3 Solution Approach 67 3.1 Mathematical Programming 67 3.2 Monte Carlo Simulation 68 3.3 Problem Evaluation Process 69 3.4 Policy Enhancement 72 3.4.1 Commander Enhancement 72 3.4.2 Defender Enhancement 73 3.5 Initial Allocation Scheme 85 3.5.1 Topology Generation 85 3.5.2 Proactive Defense Resource Allocation 85 3.5.3 Reactive Defense Resource Allocation 86 Chapter 4 Computational Simulations 88 4.1 Experiment Environment 88 4.2 Simulation Result 91 4.2.1 Convergence Evaluation Times 91 4.2.2 Robustness Experiment 92 4.3 Enhancement Result 93 4.3.1 Enhancement by local information 94 4.3.2 Enhancement by definition of gradient 102 Chapter 5 Conclusion and Future Work 105 Reference 107 | |
dc.language.iso | en | |
dc.title | 考量惡意攻擊與天然災害下確保服務持續性之有效資源配置策略 | zh_TW |
dc.title | Effective resource allocation strategies to assure service continuity considering malicious attacks and natural disasters | en |
dc.type | Thesis | |
dc.date.schoolyear | 101-2 | |
dc.description.degree | 碩士 | |
dc.contributor.oralexamcommittee | 趙啟超,呂俊賢,莊東穎 | |
dc.subject.keyword | 協同攻擊,天然災害,網路存活度,數學規劃法,模擬,備援,最佳化,資源配置, | zh_TW |
dc.subject.keyword | Collaborative Attack,Network Survivability,Natural Disaster,Secondary Disaster,Redundancy,Resource Allocation,Optimization,Mathematical Programming,Stimulation, | en |
dc.relation.page | 111 | |
dc.rights.note | 同意授權(全球公開) | |
dc.date.accepted | 2013-08-14 | |
dc.contributor.author-college | 管理學院 | zh_TW |
dc.contributor.author-dept | 資訊管理學研究所 | zh_TW |
顯示於系所單位: | 資訊管理學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-102-1.pdf | 5.46 MB | Adobe PDF | 檢視/開啟 |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。