Please use this Handle URI to cite this document: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37883
Title: Mechanisms and Implementations for Enhancing System Security and Service Availability
Author: Ming-Wei Wu (吳明蔚)
Advisor: Sy-Yen Kuo (郭斯彥)
Keywords: Spyware, Spam, P2P, Security, Availability
Year of publication: 2008
Degree: Doctoral
Abstract: Numerous clients now connect to the Internet to access applications offered by servers, and they encounter various problems that significantly affect the user experience. These problems are typically 1) the security concerns raised by spyware infection, 2) the connectivity issues in Peer-to-Peer (P2P) communications, and 3) the dependability of mail servers as well as the productivity of mail recipients.
This thesis proposes a suite of mechanisms that offer better security to client systems and improved availability to Internet servers. First, a Stateful Threat-Aware Removal System (STARS) is proposed and implemented; it monitors critical system behaviors at run time and ensures that removed spyware does not recover after deletion (so-called self-healing). Second, a Hidden Markov Model (HMM) is trained on visible observations of spyware behaviors. The constructed HMM represents the likelihood of transitions between security states and indicates the risk level of spyware invasion. Third, to resolve the visibility problem between peers that use private IPv4 addresses, a scalable port forwarding (SPF) design is proposed and implemented, which introduces negligible time and space complexity. SPF enables a legacy Network Address Translation (NAT) device to significantly improve its connectivity and scalability by 1) lessening the race condition of P2P traversals, 2) multiplexing the port numbers to exceed the theoretical upper bound of 65,535, and 3) allowing more servers to bind to a specific port. Lastly, the bulk volume of spam delivered to mail transfer agents (MTAs), whose effect is similar to that of a denial-of-service (DoS) attack, dramatically reduces the dependability and efficiency of networking systems. While there is no silver bullet to deter spammers and eliminate spam, a spam-resistible mail agent (SRMA) is proposed that employs a multi-faceted approach, combining multiple spam identification mechanisms, to obtain most of the advantages and the fewest disadvantages of existing anti-spam solutions.
URI: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/37883
Full-text authorization: Paid authorization
Appears in collection: Department of Electrical Engineering

Files in this item:
File: ntu-97-1.pdf (not authorized for public access)
Size: 927.76 kB
Format: Adobe PDF
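Items in this system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.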
