考量攻防雙方採用協同合作在多回合情境下最佳化資源配置策略之研究

Jen-Hua Chi; 紀人華

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55645

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	林永松(Yeong-Sung Lin)
dc.contributor.author	Jen-Hua Chi	en
dc.contributor.author	紀人華	zh_TW
dc.date.accessioned	2021-06-16T04:14:40Z	-
dc.date.available	2017-08-25
dc.date.copyright	2014-08-25
dc.date.issued	2014
dc.date.submitted	2014-08-20
dc.identifier.citation	[1] R. Colbaugh and K. Glass(2012), 2012 SANDIA REPORT. California: Sandia Corporation [2] R. Richardson (2010), 2010/2011 CSI Computer Crime and Security Survey. New York: Computer Security Institute. [3] Symantec (2013). 2013 Internet Security Threat Report, Vol. 18. California. [4] Valentina Viduto (2011). A risk assessment and optimization model for minimizing network security risk and cost. University of Bedfordshire Repository. [5] Hossein, R. Z. and Azizah B. A. M. (2010). Botnet Detection by Monitoring Similar Communication Patterns. International Journal of Computer Science and Information Security. Vol. 7, No. 3. [6] Christos Douligeris and Aikaterini Mitrokotsa (2004). DDOS Attacks and defense Mechanisms: a Classification. Computer Networks, 44 (2004), 643–666. [7] Symantec (2011). 2011 State of Security Survey. California. [8] J. Zhuang and V. M. Bier (2007). Balancing Terrorism and Natural Disasters-Defensive Strategy with Endogenous Attacker Effort. Operations Research, Vol. 55, Issue 5, pp. 976-991. [9] T. Sandler and D. G. Arce (2003). Terrorism and Game Theory. Simulation & Gaming, Vol. 34, Issue 3, pp. 319-337. [10] C. Harsanyi (1995). Games with Incomplete Information. The Americould Economic Review, Vol. 85, No. 3, pp. 291-303. [11] V. R. Westmark (2004). A Definition for Information System Survivability. System Sciences. Proceeding of the 37th Annual Hawaii International Conference. [12] R. J. Ellison, D. A. Fisher, R. C. Linger, H. F. Lipson (1997), T. Longstaff and N. R. Mead. Survivable Network Systems: An Emerging Discipline. Technical Report CMU/SEI-97-TR-013. [13] W. Jiang, B. Fang, H. Zhang and Z. H. Tian (2007). A Game Theoretic Method for Decision and Analysis of the Optimal Active Defense Strategy. International Conference on Computational Intelligence and Security. [14] W. Jiang, B. Fang, H. Zhang and Z. H. Tian (2009). Optimal Network Security Strengthening Using Attack-Defense Game Model. Sixth International Conference on Information Technology: New Generations. [15] Y. S. Lin, P. H. Tsang, C. H. Chen, C. I. Tseng and Y. L. Lin (2006). Evaluation of Network Robustness for Given Defense Resource Allocation Strategies. Proceeding of the First International Conference on Availability, Reliability and Security. [16] F. Y. S. Lin, H. H. Yen, P. Y. Chen and Y. F. Wen (2011). Evaluation of Network Survivability Considering Degree of Separation. Hybrid Artificial Intelligence Systems. [17] K. Kark, J. Penn and A. Dill (2009). 2008 CISO Priorities: The Right Objectives but The Wrong Focus. Le Magazine de la Securite Informatique. [18] J. P. Pironti (2005). Key Elements of an Information Security Program. Information systems Control Journal, Vol.1. [19] Frank Yeong-Sung Lin, Yu-Shun Wang, and Ming-Yang Huang (2013). Effective Proactive and Reactive Defense Strategies against Malicious Attacks in a Virtualized Honeynet. Journal of Applied Mathematics, Vol. 2013 (2013), pp. 11. [20] Valentina Viduto, Carsten Maple, Wei Huang and David Lopez-Perez (2012). Decision Support Systems, Vol. 53, Issue 3, pp. 599–610 [21] Feng Zhang, Shijie Zhou, Zhiguang Qin and Jinde Liu (2003). Honeypot: a Supplemented Active Defense System for Network Security. Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies. [22] Y. Xiang, W. Zhou and M. Chowdhury (2004). A survey of Active and Passive Defense Mechanisms Against DDoS Attacks. Technical Reports, TR C04/02, School of Information Technology. Australia: Deakin University. [23] Michael Liljenstam and DavidM. Nicol (2004). Comparing Passive and Active Worm Defenses. First International Conference on the Quantitative Evaluation of Systems. [24] G. Levitin, K. Hausken and H. Ben Haim (2010). Active and Passive Defense against Multiple Attack Facilities. International Game Theory Review. [25] George Oikonomou, Peter Reiher and Max Robinson (2006). A Framework for A Collaborative DDoS Defense. Proceedings of the 22nd Annual Computer Security Applications Conference. [26] Wen-Yi Hsin, Shian-Shyong Tseng and Shun-Chieh Lin (2005). A Study of Alert-Based Collaborative Defense. Proceedings of the 8th International Symposium on Parallel Architectures, Algorithms and Networks. [27] CCITT (1984). Terms and Definitions Related to Quality of Service, Availability and Reliability. CCITT Fascicle III. 1Rec. G. 106. [28] V. R. Westmark (2004). A Definition for Information System Survivability. System Sciences, Proceeding of the 37th Annual Hawaii International Conference on. [29] M. S. Deutsch and R. R. Willis (1988). Software Quality Engineering: A Total Technical and Management Approach. Englewood Cliffs. NJ: Prentice-Hall. [30] U. S. Department of Commerce. National Telecommunications and Information Administration. Institute for Telecommunication Services, Federal Standard 1037C. [31] P. G. Neumanm. Practical Architecture for Survivable Systems and Networks. Technical Report, Computer Science Laboratory, SRI International, CA 2000. [32] J. Knight and K. Sullivan. On The Definition of Survivability (2000). Department of Computer Science, University of Virginia, Tech. Rep. CS-00-33. [33] S. D. Morita and S. L. Konda (2000). A Simulation Model for Managing Survivability of Networked Information Systems. SEI. [34] S. Jha and J. M. Wing (2001). Survivability Analysis of Networked Systems. Proceedings of the 23th International Conference on Software Engineering, pp.872-874. [35] Yun Liu and Kishor S. Trivedi (2005). A General Framework for Network Survivability Quantificaiton. 12th GI/ITG Conference on Measuring, Modelling and Evaluation of Computer and Communication Systems. [36] H. Kerivin and A. R. Mahjoub (2005). Design of Survival Networks: A Survey. Research Report LIMOS/RR-05-04. [37] B. Bassiri and S. S Heydan (2009). Network Survivability in Large-scale Regional Failure Scenarios. Proceeding of the second Couldadian Conference on Computer Science and Software Engineering. Montreal, Quebec, Couldada, pp.83-87. [38] P. E. Heegaand and K. S. Trivedi (2009). Network Survivability Modeling. Computer networks, Vol.53(8), pp.1215-1234. [39] F. Xing and W. Wang (2010). On the Survivability of Wireless Ad Hoc Networks with Nodes Misbehaviors and Failures. IEEE Transactions on Dependable and Secure Computing, Vol.7, no. 3, pp. 284-299. [40] F. Y. S. Lin, H. H. Yen, P. Y. Chen and Y. F. Wen (2011). Evaluation of Network Survivability Considering Degree of Separation. Hybrid Artificial Intelligence Systems. [41] P. G. Neumann. Practical Architectures for Survivable Systems and Networks (2000). Technical Report. Computer Science Laboratory, Sri International, CA. [42] Stergios Skaperdas (1996). Contest success functions. Economic Theory 7, 283-290. [43] S. Skaperdas (1996). Contest Success Functions. Economic Theory. [44] H. Hassoun (1995). Fundamentals of Artificial Neural Networks. MIT Press. [45] G. Owen (2001). Game Theory, 3rded. Academic Press.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/55645	-
dc.description.abstract	許多企業與組織利用網路管理內部私密資料以及與外部使用者聯繫，然而隨著使用者對網路依賴度的提升，資訊安全的問題也越演越烈，目前資訊安全領域的問題延伸觸角至企業中，其所能造成的損失也隨之增加。在這種情況下，如何以有限的資源，進行有效率的偵測攻擊者行為、預防攻擊事件甚至是阻擋攻擊者已經成為營運者必須正視的嚴峻問題，不僅防禦資源需要進行策略性的布建，亦須分配資源至網路節點上，並修復已經被攻克的節點以增強網路存活度。　　目前統計較容易造成資料重大危害的攻擊方式為協同攻擊，但許多防禦者仍採用單一防禦的方式，為了因應攻擊者的策略變化．我們提出了協同防禦來加強防禦效果。然而，如何有效率的評估網路存活度是一個重要且值得探討的議題，我們採用平均網路分割度(Average Degree of Disconnectivity)作為衡量網路存活度的指標，並且將平均DOD指標結合機率的概念，用以評估網路的破壞程度，其值越大表示其網路破壞的程度越高。在我們的情境裡，考慮兩群玩家，他們會從中選出領導者來帶領防禦或是攻擊行為。　　我們模擬一個多階段網路攻防問題，並建立最佳化資源配置策略之數學模型，且以平均DOD指標評量網路在攻防情境下的網路存活度，每一階段中，玩家皆可在更新網路弱點後再分配資源於網路中的節點以進行協同防禦或協同攻擊；此外，每回合皆可重新佈署資源於不同節點上以加強網路存活度或是修復已被攻克的節點。而在求解過程中我們使用了「窮舉法」以及「次梯度法」來協助搜尋雙方的最佳資源配置策略。	zh_TW
dc.description.abstract	Many corporations and organizations conduct daily business through Internet. With the accumulating population using network, the problems of information security become a critical issue. Nowadays, the problems of network security have been extended from personal to organizational. Furthermore, the attack events bring more threat to business than before. Therefore, it is a significant problems to detect attack preference, prevent attack events and even deter the attackers in advance with limited resources for the corporations. The not only have to deploy the network with defense resources but also allocate resources to the attack event. Furthermore, the defender have to decide whether to repair the compromised nodes or not. 　　Currently, the most common type of attack is collaborative attack but most of the defender still defend lonely. Therefore, we propose hierarchical collaborative，defense model to increase the defense effect and strengthen the network survivability. However, how to evaluate network survivability efficiently is an important issue. In our research, the Average Degree of Disconnectivity is adopted to measure the network survivability. We further combine the concept of Average DOD with probability. This method is used to evaluate the damage degree of the network. The larger the Average DOD value is, the higher the damage degree of the network. In our scenario, we take two groups of players into account, both of them choose a leader to lead the defense actions or attack actions. In the beginning, the defender does not know where the vulnerabilities are in the network until they encounter attack events. After they face the attack events, the defender begin to repair the network nodes in the next round. We develop a multi-round network attack-defense scenario and establish a mathematical model to optimize resource allocation and then predict the defender’s network survivability through the Average DOD value. In each round, the players could allocate the resources on the nodes after they update the information about the opponent. Furthermore, they could reallocate the defense resources and repair the compromised nodes. To solve the problem, the method base on subgradient and the exhaustive search would be adopted to find the optimal resources allocation strategies for both groups of players.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T04:14:40Z (GMT). No. of bitstreams: 1 ntu-103-R01725022-1.pdf: 1072315 bytes, checksum: 2c3c3ee76e859bd5e93849b57a1e0a7b (MD5) Previous issue date: 2014	en
dc.description.tableofcontents	Contents 致謝 I 論文摘要 III Thesis Abstract V Chapter1 Introduction 1 1.1 Background 1 1.2 Motivation 7 1.3 Literature Review 11 1.3.1 Defender’s and Attacker’s Behaviors 11 1.3.1.1 Proactive Defense and Reactive Defense 11 1.3.1.2 Active Defense and Passive Defense 13 1.3.2 Collaborative defense 14 1.3.3 Network survivability 14 1.4 Thesis Organization 17 Chapter2 Problem Formulation 19 2.1 Degree of Disconnectivity 19 2.2 Contest Success Function 20 2.3 Average Degree of Disconnectivity 22 2.3.1 Illustration 22 2.4 Problem Description 26 2.4.1 Identity of Defender 28 2.4.1.1 Collaborative Defense 28 2.4.1.2 Defense Strategies 30 2.4.1.3 Resource Allocation and Node Repairing: Local Attack Events 31 2.4.2 Identity of Attacker 33 2.4.2.1 Collaborative Attacks 34 2.4.2.2 Attack Strategies 36 2.4.2.3 Rewards 36 2.4.2.4 Updating Information: Unknown Vulnerabilities and Defender’s private Information 37 2.4.3 The Attack-defense Interaction in Multiple Rounds 38 2.5 Problem Assumption 39 2.6 Mathematical Formulation 42 Chapter3 Solution Approach 45 3.1 The Solution Procedure 45 3.2 The Calculation Method of Average DOD Value 46 3.2.1 The Exhaustive Search Method 46 3.2.2 The Method Based on Subgradient 47 3.2.3 Finding the Optimal Allocation Strategy 48 3.2.4 The Calculation of Average DOD Value in Multi-Round 51 Chapter4 Computational Experiments 53 4.1 Experiment Environment 53 4.2 Maximization of Average DOD Value 54 Chapter5 Summary and Future Work 60 5.1 Summary 60 5.1.1 Resources Allocation Strategy for the Attacker 60 5.2 Future Work 60 5.2.1 The DOD value 61 5.2.2 The Scale Size of Both Players Strategies in each Round 61 5.2.3 The Contest Intensity 61 References 62
dc.language.iso	en
dc.subject	資源配置	zh_TW
dc.subject	資訊安全	zh_TW
dc.subject	網路存活度	zh_TW
dc.subject	協同防禦	zh_TW
dc.subject	協同攻擊	zh_TW
dc.subject	Collaborative defense	en
dc.subject	Information security	en
dc.subject	Network survivability	en
dc.subject	Synergy effect	en
dc.subject	Resource allocation	en
dc.subject	Collaborative attack	en
dc.title	考量攻防雙方採用協同合作在多回合情境下最佳化資源配置策略之研究	zh_TW
dc.title	Optimal Resource Allocation Strategies Under Collaborative Defense and Collaborative Attack in Multiple Rounds	en
dc.type	Thesis
dc.date.schoolyear	102-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	呂俊賢(Chun-Hsien Lu),鍾順平(Shun-Ping Chung),林盈達(Ying-Ta Lin)
dc.subject.keyword	資訊安全,網路存活度,資源配置,協同攻擊,協同防禦,	zh_TW
dc.subject.keyword	Information security,Network survivability,Synergy effect, Resource allocation,Collaborative attack,Collaborative defense,	en
dc.relation.page	68
dc.rights.note	有償授權
dc.date.accepted	2014-08-20
dc.contributor.author-college	管理學院	zh_TW
dc.contributor.author-dept	資訊管理學研究所	zh_TW
顯示於系所單位：	資訊管理學系

文件中的檔案：

檔案	大小	格式
ntu-103-1.pdf 未授權公開取用	1.05 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。