Please use this identifier to cite or link to this item:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/43852Full metadata record
| ???org.dspace.app.webui.jsptag.ItemTag.dcfield??? | Value | Language |
|---|---|---|
| dc.contributor.advisor | 林永松 | |
| dc.contributor.author | Yu-Shun Wang | en |
| dc.contributor.author | 王猷順 | zh_TW |
| dc.date.accessioned | 2021-06-15T02:30:34Z | - |
| dc.date.available | 2012-08-19 | |
| dc.date.copyright | 2009-08-19 | |
| dc.date.issued | 2009 | |
| dc.date.submitted | 2009-08-15 | |
| dc.identifier.citation | [1] R. Richardson, CSI Director, “2008 CSI Computer Crime & Security Survey,” 2008.
[2] C. Fung, Y.-L. Chen, X. Wang, J. Lee, M. Anderson, R. Tarquini, Richard L., “Survivability Analysis of Distributed Systems Using Attack Tree Methodology,” IEEE Military Communications Conference, Volume 1, pp.583–589, 2005. [3] D. Zhou, S. Subramaniam, “Survivability in Optical Networks,” IEEE Network, Volume 14, Issue 6, pp.16–23, 2000. [4] A. P. Snow, U. Varshney, A. D. Malloy, “Reliability and Survivability of Wireless and Mobile Networks,” IEEE Computer Society, Volume 33, Issue 7, pp.49–55, 2000. [5] L. Kant, H. Kim, ,D.-P. Hsing, T.-H. Wu, “Modeling and Simulation Study of Survivability Mechanisms in WDM-Based High-Speed Networks,” Global Telecommunications Conference, Volume 1B, pp.1028–1034, 1999. [6] D. Tipper, T. Dahlberg, H. Shin, C. Charnsripinyo, “Providing Fault Tolerance in Wireless Access Networks,” IEEE Communications Magazine, Volume 40, Issue 1, pp.58–64, 2002. [7] S. Balasubramaniam, D. Botvich, W. Donnelly, N. Agoulmine, “A Multi-Layered Approach towards Achieving Survivability in Autonomic Network,” IEEE International Conference on Telecommunications and Malaysia International Conference on Communications, pp.360–365, 2007. [8] R. J. Ellison, D. A. Fisher, R. C. Linger, H. F. Lipson, T. Longstaff, and N. R. Mead, “Survivable Network Systems: An Emerging Discipline,” Technical Report CMU/SEI-97-TR-013, November 1997 (Revised: May 1999). [9] http://www.net-security.org/secworld.php?id=6363 [10] http://www.symantec.com/region/tw/enterprise/article/mantrap.html [11] C. Stoll, “Stalking the Wily Hacker,” Communications of the ACM, Volume 31, No. 5, 1988. [12] B. Cheswick, “An Evening with Berferd in which a Cracker is Lured, Endured, and Studied,” USENIX Conference, pp. 163–174, 1922. [13] C. Seifert, I. Welch, P. Komisarczuk, “Taxonomy of Honeypots,” Technical Report CS-TR-06/12, 2006. [14] A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Transactions on Dependable and Secure Computing, Volume 1, Issue 1, pp.11–33, 2004. [15] H. Debar, F. Pouget, and M. Dacier, “White Paper: “Honeypot, Honeynet, Honeytoken: Terminological issues”,” Institut Eurécom Research Report RR-03-081, 2003. [16] C. K. Dimitriadis, “Improving Mobile Core Network Security with Honeynets,” IEEE Security & Privacy, Volume 5, Issue 4, pp.40–47, 2007. [17] A. Réka, H. Jeong, A.-L. Barabási, “Error and Attack Tolerance of Complex Networks,” Nature, Volume 406, pp. 378–382, 2000. [18] http://www.blacksheepnetworks.com/security/info/misc/9907.html [19] P.-H. Tsang, F.Y.-S. Lin, C.-W. Chen, “Maximization of Network Survival Time in the Event of Intelligent and Malicious Attacks,” IEEE International Conference on Communications, pp. 1722–1726, 2008. [20] http://honeypots.sourceforge.net/ [21] http://en.wikipedia.org/wiki/Honeypot_(computing) [22] http://www.lib.iup.edu/comscisec/SANSpapers/msink.htm | |
| dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/43852 | - |
| dc.description.abstract | 由於攻擊者的手法與策略日新月異,對於防禦者而言,網路系統時常被不同類型的攻擊者同時攻擊,因此,如何衡量系統在此種情境下的存活度是防禦者的首要任務。除此之外,從攻擊者的角度而言,其對於欲攻擊的目標通常僅具部分資訊,即「不完美知識」。有鑒於此,發展出了一種欺騙攻擊者與消耗其資源的防禦機制,稱為誘捕系統。該系統除了具備上述的重要功能之外,還可用於學習攻擊者技巧並記錄其所使用之系統漏洞,以降低核心節點被攻克的機率,增進整體系統的存活度。
在本論文中,我們將一個攻防情境轉化成數學規劃問題,用以描述系統被攻擊者攻克的機率,並且透過「評估流程」找出能讓該機率最小化之防禦資源配置模式。該法是利用一連串的評估以及策略強化逐步地提升解的品質,並在每一次的循環中,藉由現有的資訊推導出最適當的修正方向,持續的強化現有的配置方法,以期求得最佳解;此外,該法能夠用於解決具備不完美資訊特質的問題,透過適當的情境描述,加入隨機的變異性情況,使問題更貼近於真實情況,有效地提升對防禦者的正面效益。 | zh_TW |
| dc.description.abstract | Since the attack level and tactics of network systems grow with each passing day. Network systems are usually simultaneously attacked by different types of attackers. Therefore, the most important issue for defenders is to evaluate the system survivability under this scenario. Besides, from the view point of attackers, they usually only have partial information of the targeted system. In other words, they only have “imperfect knowledge”. As a result, a mechanism which is capable to distract attackers and waste their budget is emerged. This defense technique, called honeypot, can not only assist defender to learn attack strategy and record system vulnerabilities attackers used but also allows defender to understand system vulnerabilities. Therefore, whole system compromised probability is reduced. In other words, survivability is raised.
In this thesis, we model the attack defense scenario as a mathematical programming problem that describes attackers’ success probability. The optimal defense resource allocation is discovered by evaluation process. This approach applies a serious of evaluations and policy enhancements gradually improve the quality of solution. For each round, we derive the most appropriate direction to amend and continually enhance the allocation scheme to achieve optimal solution. Besides, this approach can be applied to solve problems with imperfect knowledge property. Through appropriate scenario description and randomness involved, the problem can be closer to realistic, thus enhance the positive benefits effectively for the defenders. | en |
| dc.description.provenance | Made available in DSpace on 2021-06-15T02:30:34Z (GMT). No. of bitstreams: 1 ntu-98-R96725025-1.pdf: 2022843 bytes, checksum: 294684a78238b19dfe7ce40faf9a5aaf (MD5) Previous issue date: 2009 | en |
| dc.description.tableofcontents | 謝誌 I
論文摘要 II THESIS ABSTRACT III Table of Contents V List of Tables VII List of Figures VIII Chapter 1 Introduction 1 1.1 Background 1 1.2 Motivation 5 1.3 Literature Survey 11 1.3.1 Survivability 11 1.3.2 Analytical Mechanisms toward Security Problems 15 1.3.2.1 Worst Case Analysis 15 1.3.2.2 Average Case Analysis 18 1.4 Proposed Approach 22 1.5 Thesis Organization 23 Chapter 2 Problem Formulation 24 2.1 Problem Description 24 2.2 Problem Formulation 26 2.3 Attacker Classification and a Possible Scenario 28 2.3.1 Attacker Classification 29 2.3.2 A Possible Scenario 35 Chapter 3 Solution Approach 44 3.1 Evaluation Process 44 3.2 Policy Enhancement 49 3.3 Initial Allocation Scheme 59 Chapter 4 Computational Experiments 63 4.1 Experiment Environment 63 4.2 Experiment Result 65 4.3 Scenario Analysis 83 Chapter 5 Conclusion and Future Work 93 5.1 Conclusion 93 5.2 Future Work 94 References: 98 | |
| dc.language.iso | en | |
| dc.subject | 不完美知識 | zh_TW |
| dc.subject | 最佳化 | zh_TW |
| dc.subject | 網路 | zh_TW |
| dc.subject | 攻防 | zh_TW |
| dc.subject | 網路 | zh_TW |
| dc.subject | 存活度 | zh_TW |
| dc.subject | 資源配置 | zh_TW |
| dc.subject | 數學規劃 | zh_TW |
| dc.subject | 誘捕系統 | zh_TW |
| dc.subject | Network Survivability | en |
| dc.subject | Mathematical Programming | en |
| dc.subject | Resource Allocation | en |
| dc.subject | Network Attack and Defense | en |
| dc.subject | Optimization | en |
| dc.subject | Imperfect Knowledge | en |
| dc.subject | Honeypots | en |
| dc.title | 考量誘捕系統下攻擊者成功機率最小化之近似最佳化防禦策略 | zh_TW |
| dc.title | Near Optimal Defense Strategies to Minimize Attackers’ Success Probabilities for Networks of Honeypots | en |
| dc.type | Thesis | |
| dc.date.schoolyear | 97-2 | |
| dc.description.degree | 碩士 | |
| dc.contributor.oralexamcommittee | 傅新彬,鐘嘉德,呂俊賢,林盈達 | |
| dc.subject.keyword | 網路,攻防,網路,存活度,最佳化,資源配置,數學規劃,誘捕系統,不完美知識, | zh_TW |
| dc.subject.keyword | Network Attack and Defense,Network Survivability,Optimization, Resource Allocation,Mathematical Programming,Honeypots,Imperfect Knowledge, | en |
| dc.relation.page | 100 | |
| dc.rights.note | 有償授權 | |
| dc.date.accepted | 2009-08-17 | |
| dc.contributor.author-college | 管理學院 | zh_TW |
| dc.contributor.author-dept | 資訊管理學研究所 | zh_TW |
| Appears in Collections: | 資訊管理學系 | |
Files in This Item:
| File | Size | Format | |
|---|---|---|---|
| ntu-98-1.pdf Restricted Access | 1.98 MB | Adobe PDF |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.