https://scholars.lib.ntu.edu.tw/handle/123456789/105293
Title: | Efficient Defense Strategies to Minimize Attackers’ Success Probabilities in Honeynet |
Authors: | Lin, F.Y.S.; Wang, Y.S.; YEONG-SUNG LIN |
Issue Date: | 2010 |
Pages: | 80-85 |
Source Publication: | IAS’10. (EI) |
Abstract: | In this paper, we consider the problem of minimizing attackers' success probability in a protected network subject to attacker profile/behavior constraints and defender resource/strategy constraints. Compared with previous research, the following two enhancements are made. First, we no longer assume that perfect knowledge regarding the network topology and defense resource allocation is fully available for attackers (a worst case scenario for the defender). Second, all combinations of attacker classes can be considered, where each attacker class may be associated with any number of attributes, including ratio, intelligence/experience level, available attack resource and sophisticated attack strategies. The problem is modeled as a generic mathematical programming problem, and a novel two-phase solution approach, which well combines mathematical programming and simulation techniques, is proposed. More specifically, in the "Evaluation Phase", efficient and effective simulations are conducted to evaluate the effectiveness of the current defense policy; whereas, in the "Defense Policy Enhancement Phase", specially-proposed and easy-to-collect information from the "Objective Function Evaluation Phase" is adopted to calculate gradients of the decision variables. From computational experiments on honeynet, applicability and effectiveness of the proposed framework and algorithm are clearly demonstrated. © 2010 IEEE. |
URI: | http://ntur.lib.ntu.edu.tw//handle/246246/244686 |
DOI: | 10.1109/ISIAS.2010.5604046 |
SDG/Keywords: | Attack strategies; Computational experiment; Decision variables; Defense policy; Defense strategy; Evaluation phase; Framework and algorithms; Honeynet; Honeypots; Imperfect Knowledge; Mathematical programming problem; Network attack; Network survivability; Network topology; Phase solutions; Protected networks; Simulation technique; Worst case scenario; Computer crime; Electric network topology; Function evaluation; Network security; Probability; Mathematical programming |
Appears in Collections: | Department of Information Management |