請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/44153完整後設資料紀錄
| DC 欄位 | 值 | 語言 |
|---|---|---|
| dc.contributor.advisor | 林永松(Yeong-Sung Lin) | |
| dc.contributor.author | Quen-Ting Chen | en |
| dc.contributor.author | 陳冠廷 | zh_TW |
| dc.date.accessioned | 2021-06-15T02:42:20Z | - |
| dc.date.available | 2013-08-22 | |
| dc.date.copyright | 2011-08-22 | |
| dc.date.issued | 2011 | |
| dc.date.submitted | 2011-08-16 | |
| dc.identifier.citation | [1] Symantec, “State of Enterprise Security 2010”, Symantec Corporation, pp. 1-16, 2010.
[2] Symantec, “Symantec Global Internet Security Threat Report trends for 2009”, Symantec Corporation, Volume XV, April 2010. [3] S. Jha and J.M. Wing, “Survivability Analysis of Networked Systems”, Proceedings of the 23rd International Conference on Software Engineering, IEEE, pp. 872- 874, 2001. [4] S. Jhay, J. Wingy, R. Lingerz and T. Longstaffz, “Survivability Analysis of Network Specifications”, International Conference on Dependable Systems and Networks, IEEE, pp. 53-58, 2000. [5] U.S. Department of Commerce, National Telecommunications and Information Administration, Institute for Telecommunications Services, ATIS Telecom Glossary 2007. [6] S. Balasubramaniam, D. Botvich, W. Donnelly and N. Agoulmine, “A Multi-Layered approach towards achieving Survivability in Autonomic Network”, Proceedings of the 2007 IEEE International Conference on Telecommunications and Malaysia International Conference on Communications, May 2007. [7] G. Abbas, “Optic Networking Standards: A Comprehensive Guide”, 2006. [8] F. Xing and W. Wang, “On the Survivability of Wireless Ad Hoc Networks with Node Misbehaviors and Failures”, IEEE Transactions on Dependable and Secure Computing, Volume 7, 2010. [9] W. Jiang, B.X. Fang, H.l. Zhang and Z.H. Tian, “A Game Theoretic Method for Decision and Analysis of the Optimal Active Defense Strategy”, International Conference on Computational Intelligence and Security, 2007. [10] W. Jiang, B.X. Fang, H.l. Zhang and Z.H. Tian, “Optimal Network Security Strengthening Using Attack-Defense Game Model”, Sixth International Conference on Information Technology: New Generations, 2009. [11] Y.S. Lin, P.H. Tsang, C.H. Chen, C.L. Tseng and Y.L. Lin, 'Evaluation of Network Robustness for Given Defense Resource Allocation Strategies', Proceedings of the First International Conference on Availability, Reliability and Security, 2006. [12] F.Y.S. Lin, H.H. Yen, P.Y. Chen and Y.F. Wen, 'Evaluation of Network Survivability Considering Degree of Separation', Proc. HAIS, 2011. [13] F.Y.S. Lin, P.Y. Chen, Y.S. Wang and Y.Y. Chang, 'Network Recovery Strategies for Maximization of Network Survivability under Malicious Attacks ', Proc. IEEE IWCMC, 2011. [14] G. Levitin and K. Hausken, “Parallel systems under two sequential attacks”, Reliability Engineering and System Safety, 2009. [15] G. Levitin and K. Hausken, “Resource Distribution in Multiple Attacks Against a Single Target”, Risk Analysis, Volume 30, 2010. [16] R.J. Ellison, D.A. Fisher, R.C. Linger, H.F. Lipson, T. Longstaff and N.R. Mead, “Survivable Network Systems: An Emerging Discipline”, Technical Report CMU/SEI-97-TR-013, 1997. [17] V.R. Westmark, “A Definition for Information System Survivability”, Proceedings of the 37th Hawaii International Conference on System Sciences, 2004. [18] O.M. Al-Kofahi and A.E. Kamal, “Survivability Strategies in Multihop Wireless Networks”, Wireless Communications, IEEE, 2010. [19] S. Neumayer and E. Modiano, “Network Reliability With Geographically Correlated Failures”, INFOCOM, 2010 Proceedings IEEE, 2010. [20] S. Skaperdas, “Contest Success Functions”, ECONOMIC THEORY, 1996. [21] M. J. Obsborne and A. Rubinstein, “A Course in Game Theory.” MIT Press, 1994. [22] S. Roy, C. Ellis, S. Shiva, D. Dasgupta, V. Shandilya and Q. Wu, “A Survey of Game Theory as Applied to Network Security”, Proceedings of the 43rd Hawaii International Conference on System Sciences, 2010. [23] R. Machado and S. Tekinay, “A Survey of Game-theoretic Approaches in Wireless Sensor Networks” Computer Networks, 2010. [24] H. Hassoun, “Fundamentals of Artificial Neural Networks” MIT Press, 1995. [25] G. Owen, “Game Theory, 3rded” Academic Press, 2001. [26] K. Hausken and V. M. Bier, “Defending against multiple different attackers” European Journal of Operational Research, 2011. [27] G. Levitin and K. Hausken, “Influence of Attacker’s Target Recognition ability on Defense Strategy in Homogeneous Parallel Systems” Reliability Engineering and System Safety, 2010. [28] G. Levitin and K. Hausken, “Protection vs. False Targets in Series Systems” Reliability Engineering and System Safety, 2009. | |
| dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/44153 | - |
| dc.description.abstract | 網際網路豐富了我們的生活,卻也為個人與企業帶來許多資訊安全威脅。由於網際網路使攻擊者能不限時間與地點的進行攻擊,所以難以保持網路系統能永久的安全。因此,如何評估網路存活度,是一個重要且值得探討的議題。在本篇論文中,我們提出了一個新的網路存活指標稱為平均網路分割度(Average Degree of Disconnectivity, Average DOD )。Average DOD指標結合機率的概念與DOD指標,以評估所有情況下之網路破壞程度,其值越大表示網路破壞的程度越高。
我們模擬一個網路攻防情境問題,並建立一個最佳化資源配置目標之數學模型,並以Average DOD指標評量網路在多階段攻防情境下的網路存活度,以提供網路營運者來預測網路攻防雙方最有可能採取的資源分配策略。在此情境中,每階段中攻擊者利用資源對網路中的節點進行攻擊;同時防禦者透過重新分配資源,並使用防禦資源於修復已被攻克的節點與防禦存活節點上。在求解過程中,採用了「梯度法」及「賽局」技巧協助尋找出攻防雙方的最佳化資源分配決策。 | zh_TW |
| dc.description.abstract | The Internet enriches our lives, but it also brings lots of threats to individuals and cooperates from information security. It is difficult to keep network safe forever because cyber attacker could launch attack through the network unlimited by time and space. Consequently, it is a more and more important and critical issue about how to efficiently evaluate network survivability. In this thesis, an innovative metric called Average Degree of Disconnectivity (Average DOD) is proposed. The Average DOD combining the concept of the probability calculated by contest success function with the DOD metric would be used to evaluate the damage degree of network. The larger value of the Average DOD, the more damage degree of the network would be.
A multi-stage network attack-defense scenario as a mathematical model would be used to support network operators to predict that all the likelihood strategies both cyber attacker and network defender would take. In addition, the Average DOD would be used to evaluate damage degree of network. In each stage, the attacker could use the attack resources to launch attack on the nodes of network. On the other hand, the network defender could reallocate existed resources of defender to recover compromised nodes and allocate defense resources to protect survival nodes of network. In the process of problem solving, the “gradient method” and “game theory” would be adopted to find the optimal resource allocation strategies for both cyber attacker and network defender. | en |
| dc.description.provenance | Made available in DSpace on 2021-06-15T02:42:20Z (GMT). No. of bitstreams: 1 ntu-100-R98725043-1.pdf: 886754 bytes, checksum: 76f2fa3b0bd696da0d6a210d2546d1ad (MD5) Previous issue date: 2011 | en |
| dc.description.tableofcontents | 誌謝 I
論文摘要 III THESIS ABSTRACT V Table of Contents VII List of Figures XI List of Tables XIII Chapter1 Introduction 1 1.1 Background 1 1.2 Motivation 4 1.3 Literature Survey 6 1.3.1 Network Survivability 7 1.3.2 Degree of Disconnectivity 10 1.3.3 Contest Success Function 13 1.3.4 Game Theory 16 1.4 Thesis Organization 19 Chapter2 Problem Formulation 21 2.1 The Average DOD 21 2.1.1 Illustration 21 2.1.2 The Calculation Procedure of the Average DOD 27 2.2 Problem Description 28 2.3 Mathematical Formulation 33 Chapter3 Solution Approach 39 3.1 The Solution Procedure 40 3.2 The Calculation Method of Average DOD Value 41 3.2.1 Gradient Method 41 3.2.2 Using the Gradient Method to Find the Optimal Resource Allocation Strategy 45 3.2.3 Accelerating Calculation of the Average DOD Value 49 3.2.4 The Calculation of Average DOD Value in Multi-Stage 51 3.3 Using Game Theory to Find the Optimal Solution 53 3.4 Time Complexity Analysis 58 Chapter4 Computational Experiments 61 4.1 Experiment Environment 61 4.2 Demonstrated Experiments 66 4.2.1 The First Experiment 67 4.2.2 The Second Experiment 70 4.3 Computational Experiments of Different Weight in Each Stage 73 4.3.1 Experiment Results 73 4.3.2 Discussion of Results 75 4.4 Comparing Results of Three Different Kinds of Network Topology 77 4.4.1 Experiment Results 77 4.4.2 Discussion of Results 79 4.5 Computational Experiments of the Accumulated Experiences of Attacker 81 4.5.1 Experiment Results 81 4.5.2 Discussion of Results 83 4.6 Computational Experiments of the Different Resource Reallocation Policies of Defender 84 4.6.1 Experiment Results 84 4.6.2 Discussion of Results 87 4.7 Computational Experiments of the Different Node Recovery Policies of Defender 89 4.7.1 Experiment Results 90 4.7.2 Discussion of Results 91 Chapter5 Summary and Future Work 93 5.1 Summary 93 5.2 Future Work 95 References 99 | |
| dc.language.iso | en | |
| dc.subject | 平均網路分割度 | zh_TW |
| dc.subject | 網路修復 | zh_TW |
| dc.subject | 資源重分配 | zh_TW |
| dc.subject | 資源分配 | zh_TW |
| dc.subject | 賽局理論 | zh_TW |
| dc.subject | 最佳化 | zh_TW |
| dc.subject | 網路存活度 | zh_TW |
| dc.subject | 梯度法 | zh_TW |
| dc.subject | 競爭成功函數 | zh_TW |
| dc.subject | 多階段網路攻防 | zh_TW |
| dc.subject | Game Theory | en |
| dc.subject | Average Degree of Disconnectivity | en |
| dc.subject | Average DOD | en |
| dc.subject | Contest Success Function | en |
| dc.subject | Gradient Method | en |
| dc.subject | Network Survivability | en |
| dc.subject | Optimization | en |
| dc.subject | Resource Allocation | en |
| dc.subject | Resource Reallocation | en |
| dc.subject | Network Recovery | en |
| dc.subject | Multi-Stage Network Attack and Defense | en |
| dc.title | 考量惡意攻擊情況下多階段防禦資源分配以最大化網路存活度之修復與資源重分配策略 | zh_TW |
| dc.title | Recovery and Resource Reallocation Strategies to Maximize Network Survivability for Multi-Stage Defense Resource Allocation under Malicious Attacks | en |
| dc.type | Thesis | |
| dc.date.schoolyear | 99-2 | |
| dc.description.degree | 碩士 | |
| dc.contributor.oralexamcommittee | 林盈達,趙啟超,莊東穎,呂俊賢 | |
| dc.subject.keyword | 平均網路分割度,競爭成功函數,梯度法,網路存活度,最佳化,資源分配,資源重分配,網路修復,多階段網路攻防,賽局理論, | zh_TW |
| dc.subject.keyword | Average Degree of Disconnectivity,Average DOD,Contest Success Function,Gradient Method,Network Survivability,Optimization,Resource Allocation,Resource Reallocation,Network Recovery,Multi-Stage Network Attack and Defense,Game Theory, | en |
| dc.relation.page | 100 | |
| dc.rights.note | 有償授權 | |
| dc.date.accepted | 2011-08-17 | |
| dc.contributor.author-college | 管理學院 | zh_TW |
| dc.contributor.author-dept | 資訊管理學研究所 | zh_TW |
| 顯示於系所單位: | 資訊管理學系 | |
文件中的檔案:
| 檔案 | 大小 | 格式 | |
|---|---|---|---|
| ntu-100-1.pdf 未授權公開取用 | 865.97 kB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。