請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/40971
標題: | 考慮隨機錯誤與惡意攻擊下資訊洩漏程度最小化之近似最佳化防禦資源分配與資訊切割配置策略 Near Optimal Defense Resource Allocation and Information Dividing-and-Allocation Strategies to Minimize Information Leakage Considering both Random Errors and Malicious Attacks |
作者: | "Chih-Hao, Su" 蘇至浩 |
指導教授: | 林永松 |
關鍵字: | 最佳化,數學規劃,資訊竊取,拉格蘭日鬆弛法,資源配置,資訊切割,秘密分享, Optimization,Mathematical Programming,Information Theft,Lagrangean Relaxation,Resource Allocation,Information Dividing,Secret Sharing, |
出版年 : | 2008 |
學位: | 碩士 |
摘要: | 隨著資訊科技的進步以及儲存設備價格的遞減,不管是個人、企業體、或是政府單位皆大量使用電子化的方式儲存資訊。再者,伴隨著網路使用率的提升以及電子商務的出現,經由網路竊取資訊的犯罪行為也迅速的增加。像是釣魚行為或是安裝木馬程式於受害者的電腦以竊取資訊等的犯罪,對個人或企業體皆造成重大的傷害。因此,如何發展防禦策略以保護儲存在網路上的資訊,已經變成很重要的議題。
在這篇論文中,我們將攻防情境轉化成一個最小-最大化的雙層數學規劃問題。在內層的問題中,攻擊者想在有限的攻擊能量下藉由竊取資訊對網路造成最大的傷害;另一方面,在外層的問題中,防禦者想在有限的防禦預算下利用秘密分享的概念,最佳化防禦資源配置策略以及資訊切割與分配策略來最小化傷害。除此之外,防禦者也必須考慮到合法使用者對存取資訊的服務品質要求。為了解決這個問題,我們採用了拉格蘭日鬆弛法以及次梯度法。我們假設防禦策略已知下,先解決內層攻擊者的選徑問題,再根據內層解完後的結果藉由以次梯度法為基礎的演算法來調整防禦策略。 Information technology has been increasingly progressing, and the storage cost has been reducing. Thus, individuals, enterprises and government organizations are likely to store secret data through electronic way. Moreover, along with the rise of the use of network and the prevalence of e-commerce, the crime of information theft through network has grown in high-speed. Cyber crimes, like phishing or installing Trojan horse in victims’ computers to steal information, will cause serious damage to individuals or enterprises. From the above reasons, to protect secret information stored on networks becomes an essential issue. In this thesis, we formulate the attack-defense scenario as a min-max mathematical programming problem, which is a two-level mathematical problem. In the inner problem, the attacker wants to maximize the total damage by stealing information under limited attack power. In the outer problem, the defender wants to minimize the total damage by defense resource allocation and information-dividing under limited budget. In addition, the defender also has to consider QoS requirements of authorized users. In order to solve the considered problem, we use the Lagrangean Relaxation method and the subgradient method [14][15]. We solve the inner problem under a given defense strategy first, and then propose a subgrandient-based heuristic to adjust the defender’s strategy according to attacker’s attack strategy. |
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/40971 |
全文授權: | 有償授權 |
顯示於系所單位: | 資訊管理學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-97-1.pdf 目前未授權公開取用 | 1.86 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。