Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/64486

Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.advisor | 林永松(Yeong-Sung Lin) | |
| dc.contributor.author | I-Ju Shih | en |
| dc.contributor.author | 施怡如 | zh_TW |
| dc.date.accessioned | 2021-06-16T17:50:03Z | - |
| dc.date.available | 2014-08-19 | |
| dc.date.copyright | 2012-08-19 | |
| dc.date.issued | 2012 | |
| dc.date.submitted | 2012-08-13 | |
| dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/64486 | - |
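| dc.description.abstract | With the rapid development of the Internet, we can connect to the network anytime and anywhere. The Internet brings many business opportunities, but it also confronts enterprises with many challenges. To serve customers 24 hours a day, an enterprise must keep its system services running without interruption; however, as cyber attack toolkits become ever easier to obtain, cyber attacks are no longer the exclusive domain of hackers, and enterprises face many information security problems. Therefore, how to allocate defensive resources to effectively reduce the damage caused by attackers, and how to evaluate system survivability to help enterprises stay in operation, have become important issues.
In our attack-defense scenario, we consider that neither the attacker nor the defender fully knows the information held by the other, that is, incomplete information, and we build a mathematical model whose objective is optimal resource allocation. We use a network survivability metric, the Average Degree of Disconnectivity, to measure network survivability in a multi-round attack-defense scenario, so as to help network operators predict the resource allocation strategies both sides may adopt. In each round of this scenario, the defender needs to allocate resources to different nodes, make better use of defensive resources by reallocating or recycling them, use defensive resources to repair compromised nodes, and patch vulnerabilities either directly or by means of penetration testing. In addition, the defender can choose whether to release a message, which may be truthful, deceptive, or secret, to confuse the attacker and thereby achieve better defense efficiency; the attacker, in turn, uses resources to attack nodes in the network. In the solution process, we use the 'gradient method' and 'game theory' techniques to help find the optimal resource allocation strategies for both sides. | zh_TW |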
| dc.description.abstract | With the Internet expanding rapidly, we can connect to it at any time and from anywhere. The Internet brings enterprises many business opportunities, but it also confronts them with many challenges. To serve their customers around the clock, enterprises must keep operating continuously. As attack toolkits become easy to obtain, cyber attacks are no longer the specialty of hackers, so enterprises face many cyber security challenges. Therefore, how to allocate defensive resources efficiently to reduce the damage caused by cyber attackers, and how to evaluate system survivability to help enterprises keep operating, have become important issues.
In this multi-round attack-defense model, neither the cyber attacker nor the network defender fully understands the information about the other. In other words, the model considers incomplete information, and we construct a mathematical model for this problem. In addition, we use Average DOD to evaluate the degree of damage to the network, to help network operators predict all possible strategies that both the cyber attacker and the network defender would take. In each round, the network defender can allocate resources to each node and reallocate or recycle resources for better use. The network defender can also repair compromised nodes, patch system vulnerabilities, or use penetration tests to patch system vulnerabilities. Moreover, the network defender can release a message, which might be doing nothing at all, truth, secrecy or deception, to confuse the cyber attacker and achieve better defense efficiency. In each round, the cyber attacker allocates resources to attack nodes of the network. In the problem-solving process, the 'gradient method' and 'game theory' are used to obtain the optimal resource allocation strategies for both the cyber attacker and the network defender. | en |
| dc.description.provenance | Made available in DSpace on 2021-06-16T17:50:03Z (GMT). No. of bitstreams: 1 ntu-101-R99725003-1.pdf: 1339798 bytes, checksum: dbecb6ea347d5c175e1833f0d005109f (MD5) Previous issue date: 2012 | en |
| dc.description.tableofcontents | Acknowledgements; Thesis Abstract (in Chinese); Thesis Abstract; Table of Contents; List of Figures; List of Tables; Chapter 1 Introduction; 1.1 Background; 1.2 Motivation; 1.3 Literature Survey; 1.3.1 Incomplete Information; 1.3.2 Multi-round; 1.3.3 High Availability; 1.3.4 Average Degree of Disconnectivity (ADOD); 1.4 Thesis Organization; Chapter 2 Problem Formulation; 2.1 Average Degree of Disconnectivity (ADOD); 2.1.1 Illustration; 2.1.2 The Procedure of Calculating Average DOD; 2.2 Problem Description; 2.2.1 The Attacker and the Defender's Characteristics; 2.2.2 Defensive Messaging; 2.2.3 The Defender's Network Topology; 2.3 Mathematical Formulation; Chapter 3 Solution Approach; 3.1 The Solution Procedure; 3.2 Gradient Method; 3.3 Accelerating Calculation of the Average DOD Value; 3.4 The Calculation of Average DOD Value in Multi-Round; 3.5 Using Game Theory to Find the Optimal Solution; 3.6 Time Complexity Analysis; Chapter 4 Computational Experiments; 4.1 Experiment Environment; 4.2 The Experiments of Same Weight in Three Rounds; 4.2.1 The Experiments of Incomplete Information; 4.2.2 The Experiments of Complete Information; 4.2.3 The Experiments of Considering High Availability System; 4.2.4 Experiments Comparison; 4.3 The Experiments of Different Weight in Three Rounds; 4.3.1 Experiments Results; 4.3.2 Experiments Comparison; 4.4 The Experiments of Different Total Resources; 4.4.1 The Experiments of the Defender Having More Total Resources; 4.4.2 The Experiments of the Attacker Having More Total Resources; 4.4.3 Experiments Comparison; 4.5 The Experiments of Other Networks; 4.5.1 The Experiments Results of Complete Information; 4.5.2 The Experiments Results of Incomplete Information; Chapter 5 Summary and Future Work; 5.1 Summary; 5.2 Future Work; References | |
| dc.language.iso | en | |
| dc.subject | Optimization | zh_TW |
| dc.subject | Resource Allocation | zh_TW |
| dc.subject | Multi-round | zh_TW |
| dc.subject | Network Recovery | zh_TW |
| dc.subject | Incomplete Information | zh_TW |
| dc.subject | Game Theory | zh_TW |
| dc.subject | Gradient Method | zh_TW |
| dc.subject | Average Degree of Disconnectivity | zh_TW |
| dc.subject | Penetration Test | zh_TW |
| dc.subject | Survivability | zh_TW |
| dc.subject | Optimization | en |
| dc.subject | Average DOD | en |
| dc.subject | Gradient Method | en |
| dc.subject | Game Theory | en |
| dc.subject | Incomplete Information | en |
| dc.subject | Survivability | en |
| dc.subject | Average Degree of Disconnectivity | en |
| dc.subject | Resource Allocation | en |
| dc.subject | Multi-round | en |
| dc.subject | Network Recovery | en |
| dc.subject | Penetration Test | en |
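| dc.title | A Multi-Round Defensive Resource Allocation and Defensive Messaging Strategy Selection Algorithm to Maximize Network Survivability under Incomplete Information | zh_TW |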
| dc.title | Maximization of Multi-Round Network Survivability under Considerations of Defensive Messaging Strategies and Incomplete Information for Both the Attacker and the Defender | en |
| dc.type | Thesis | |
| dc.date.schoolyear | 100-2 | |
| dc.description.degree | Master's | |
| dc.contributor.oralexamcommittee | 呂俊賢,傅新彬,莊東穎,鍾順平 | |
| dc.subject.keyword | Average Degree of Disconnectivity, Gradient Method, Game Theory, Incomplete Information, Survivability, Optimization, Resource Allocation, Multi-round, Network Recovery, Penetration Test | zh_TW |
| dc.subject.keyword | Average Degree of Disconnectivity, Average DOD, Gradient Method, Game Theory, Incomplete Information, Survivability, Optimization, Resource Allocation, Multi-round, Network Recovery, Penetration Test | en |
| dc.relation.page | 162 | |
| dc.rights.note | Paid license | |
| dc.date.accepted | 2012-08-14 | |
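| dc.contributor.author-college | College of Management | zh_TW |
| dc.contributor.author-dept | Graduate Institute of Information Management | zh_TW |
| Appears in collections: | Department of Information Management | |

Files in this item:
| File | Size | Format | |
|---|---|---|---|
| ntu-101-1.pdf (not authorized for public access) | 1.31 MB | Adobe PDF |

Unless their copyright terms are specifically stated otherwise, all items in the system are protected by copyright, with all rights reserved.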
