Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/6519

Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.advisor | 林永松(Yeong-Sung Lin) | |
| dc.contributor.author | Ying-Ju Chen | en |
| dc.contributor.author | 陳瀅如 | zh_TW |
| dc.date.accessioned | 2021-05-17T09:14:21Z | - |
| dc.date.available | 2014-08-19 | |
| dc.date.available | 2021-05-17T09:14:21Z | - |
| dc.date.copyright | 2012-08-19 | |
| dc.date.issued | 2012 | |
| dc.date.submitted | 2012-08-15 | |
| dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/6519 | - |
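| dc.description.abstract | In the past, discussions of information security mostly took individuals or organizations and enterprises as the subject. At present, however, information warfare between nations is receiving increasing attention, and the scope of information security has extended to national defense. When resource allocation strategies are discussed with the nation as the subject, defense resources must be fully deployed, and resources must also be allocated to attack. In traditional historical wars between nations there is the so-called preventive strike attack strategy, and the corresponding retaliatory attack by the other side. In addition, when a nation launches information warfare, its information experts can be gathered with each performing their own duties, unlike ordinary network attacks, where there is usually only one attacker. Therefore, applying these concepts to the research scenario, this study takes the nation as the subject, considers a nation that has the dual role of attacker and defender and adopts a collaborative attack mode with multiple attackers, and aims to achieve the goal of national defense security by effectively allocating resources to defense and attack.
How to effectively evaluate network survivability is an important issue that merits discussion. In this thesis, we adopt the Average Degree of Disconnectivity (Average DOD) as the metric for measuring network survivability. The Average DOD metric combines the concept of probability with the DOD metric to evaluate the degree of network damage; the larger its value, the higher the degree of network damage. Our scenario considers two players, both of whom have the dual-role capability of attack and defense; at the outset neither knows the vulnerability information of its own network, and each updates that information and patches the vulnerabilities only after being attacked by the other. We simulate a multi-stage network attack-defense scenario, establish a mathematical model for optimal resource allocation, and use the Average DOD metric to evaluate the survivability of each player's network under the attack-defense scenario. In each stage, after updating information about the other side's network, both players can allocate attack resources to nodes in the other side's network to carry out collaborative attacks, while deploying defense resources through active defense and passive defense strategies; in every round they can also reallocate defense resources and repair compromised nodes. In the solution process, the "gradient method" and "mathematical analysis" techniques are used to help search for the optimal resource allocation decisions of both the attacking and defending sides. | zh_TW |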
| dc.description.abstract | In the past, individuals and enterprises were usually the main subjects in the area of information security. Now the issue of information warfare between nation-states is getting much attention. When discussing resource allocation with a nation-state as the subject, in addition to the allocation of defense resources, the resources allocated to attack should also be considered. Historically, a preventive strike and the corresponding retaliation from the other nation-state are common in war between two nation-states. In addition, various information experts may launch an attack together on behalf of a nation-state, which is called a collaborative attack and differs from the situation of only one attacker in an ordinary cyber attack. Therefore, we consider two players that can attack and defend simultaneously and adopt the concept of collaborative attacks in our research model.
How to efficiently evaluate network survivability is an important issue and worthy of discussion. In this thesis, the Average Degree of Disconnectivity (Average DOD) metric is adopted to measure network survivability. The Average DOD combines the concept of probability with the DOD metric to evaluate the degree of damage to the network. The larger the Average DOD value, the higher the degree of damage to the network. In our scenario, there are two players who have dual roles as attacker and defender; furthermore, neither of them knows the vulnerability information about their own network. However, the counterpart knows some. Therefore, after being attacked, they update their vulnerability information and patch the vulnerabilities. We develop a multi-round network attack-defense scenario and establish a mathematical model to optimize resource allocation and then predict their own network survivability by the Average DOD. In each round, the players can allocate their attack resources on the nodes of their own network and on another player’s network after updating related information about the other player’s network. Furthermore, they can reallocate existing defense resources and repair compromised nodes. To solve the problem, the “gradient method” and “game theory” are adopted to find the optimal resource allocation strategies for both players. | en |
| dc.description.provenance | Made available in DSpace on 2021-05-17T09:14:21Z (GMT). No. of bitstreams: 1 ntu-101-R99725015-1.pdf: 1586279 bytes, checksum: ef22f0c0176303a14e9615e4c537663d (MD5) Previous issue date: 2012 | en |
| dc.description.tableofcontents | Thesis Abstract (in Chinese); Thesis Abstract; List of Figures; List of Tables; Chapter 1 Introduction; 1.1 Background; 1.2 Motivation; 1.3 Literature Survey; 1.3.1 Defender’s and Attacker’s Behaviors; 1.3.1.1 Proactive Defense and Reactive Defense; 1.3.1.2 Preventive Strike; 1.3.1.3 Collaborative Attacks; 1.3.1.4 Summary; 1.3.2 Network Survivability; 1.4 Thesis Organization; Chapter 2 Problem Description; 2.1 Degree of Disconnectivity; 2.2 Contest Success Function; 2.3 Average Degree of Disconnectivity; 2.3.1 Illustration; 2.3.2 The Calculation Procedure of the Average DOD; 2.4 Problem Description; 2.4.1 Dual Role as a Defender; 2.4.1.1 Defense Strategies; 2.4.1.2 Resource Reallocation and Node Repairing; 2.4.1.3 Updating Information: Unknown Vulnerabilities; 2.4.2 Dual Role as an Attacker; 2.4.2.1 Collaborative Attacks; 2.4.2.2 Attack Strategies; 2.4.2.3 Rewards; 2.4.2.4 Updating Information: Unknown Vulnerabilities and Defender’s Private Information; 2.4.3 Summary; 2.5 Problem Assumption; 2.6 Mathematical Formulation; Chapter 3 Solution Approach; 3.1 The Solution Procedure; 3.2 The Calculation Method of Average DOD Value; 3.2.1 Gradient Method; 3.2.2 Using the Gradient Method to Find the Optimal Resource Allocation Strategy; 3.2.3 Accelerating Calculation of the Average DOD Value; 3.2.4 The Calculation of Average DOD Value in Multi-Round; 3.3 Using Game Theory to Find the Optimal Solution; 3.4 Time Complexity Analysis; Chapter 4 Computational Experiments; 4.1 Experiment Environment; 4.2 Balanced Bipolarity; 4.2.1 Complete and Incomplete Information; 4.2.1.1 Complete Information; 4.2.1.2 Incomplete Information; 4.2.1.3 Conclusion; 4.2.2 The Effect of PS Strategy; 4.2.2.1 One Player takes PS Strategy; 4.2.2.2 Two Players take PS Strategy; 4.2.2.3 Conclusion; 4.3 Unbalanced Bipolarity; 4.3.1 Resource Allocation of Attack and Defense; 4.3.1.1 Resource Allocation Ratio under Attack to Defense is 0.3: 0.7; 4.3.1.2 Resource Allocation Ratio under Attack to Defense is 0.5: 0.5 and 0.7: 0.3; 4.3.1.3 Conclusion; 4.3.2 Insufficient Resource Allocation under Different Objectives; 4.3.2.1 Experiment; 4.3.2.2 Conclusion; 4.4 Balanced Bipolarity vs. Unbalanced Bipolarity; 4.4.1 Experiment; Chapter 5 Conclusions and Future Work; 5.1 Conclusions; 5.2 Future Work; References; Appendix; Experiment 1: Adjusted PS Strategy; Experiment 2: Insufficient Resource Allocation; Experiment 3: Different Proportions of Attack to Defense Resource | |
| dc.language.iso | en | |
| dc.subject | Repair Nodes | zh_TW |
| dc.subject | Attack-Defense Dual-Role | zh_TW |
| dc.subject | Collaborative Attacks | zh_TW |
| dc.subject | Update Unknown Vulnerabilities Information | zh_TW |
| dc.subject | Average DOD | zh_TW |
| dc.subject | Network Survivability | zh_TW |
| dc.subject | Preventive Strike | zh_TW |
| dc.subject | After-Strike Effect | zh_TW |
| dc.subject | Active Defense | zh_TW |
| dc.subject | Passive Defense | zh_TW |
| dc.subject | Gradient Method | zh_TW |
| dc.subject | Resource Allocation | zh_TW |
| dc.subject | Active Defense | en |
| dc.subject | After-Strike Effect | en |
| dc.subject | Passive Defense | en |
| dc.subject | Repair Nodes | en |
| dc.subject | Resource Allocation | en |
| dc.subject | Gradient Method | en |
| dc.subject | Attack-Defense Dual-Role | en |
| dc.subject | Collaborative Attacks | en |
| dc.subject | Update Unknown Vulnerabilities Information | en |
| dc.subject | Average DOD | en |
| dc.subject | Network Survivability | en |
| dc.subject | Preventive Strike | en |
| dc.title | Resource Allocation Strategies under Attack-Defense Dual-Role and Collaborative Attacks | zh_TW |
| dc.title | Resource Allocation Strategies under Attack-Defense Dual-Role and Collaborative Attacks | en |
| dc.type | Thesis | |
| dc.date.schoolyear | 100-2 | |
| dc.description.degree | Master's | |
| dc.contributor.oralexamcommittee | 傅新彬(Hsin-Pin Fu),莊東穎(Tong-Ying Juang),鍾順平(Shun-Ping Chung),呂俊賢(Chun-Hsien Lu) | |
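| dc.subject.keyword | Attack-Defense Dual-Role,Collaborative Attacks,Update Unknown Vulnerabilities Information,Average DOD,Network Survivability,Preventive Strike,After-Strike Effect,Active Defense,Passive Defense,Gradient Method,Resource Allocation,Repair Nodes, | zh_TW |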
| dc.subject.keyword | Attack-Defense Dual-Role,Collaborative Attacks,Update Unknown Vulnerabilities Information,Average DOD,Network Survivability,Preventive Strike,After-Strike Effect,Active Defense,Passive Defense,Gradient Method,Resource Allocation,Repair Nodes, | en |
| dc.relation.page | 190 | |
| dc.rights.note | Authorization granted (open access worldwide) | |
| dc.date.accepted | 2012-08-16 | |
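| dc.contributor.author-college | College of Management | zh_TW |
| dc.contributor.author-dept | Graduate Institute of Information Management | zh_TW |
| Appears in Collections: | Department of Information Management | |

Files in This Item:
| File | Size | Format | |
|---|---|---|---|
| ntu-101-1.pdf | 1.55 MB | Adobe PDF | View/Open |

Items in the system are protected by copyright, with all rights reserved, unless their copyright terms are otherwise indicated.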
