管理學院: 資訊管理學研究所指導教授: 林永松王猷順Wang, Yu-ShunYu-ShunWang2017-03-062018-06-292017-03-062018-06-292016http://ntur.lib.ntu.edu.tw//handle/246246/275677本論文探討最大化網路平均存活度之問題,衡量存活度時,網路承擔的風險 (risk) 可作為一個合法的指標,其中攻方受限於一組描述其攻擊行為之參數 (profile) ,而防方受限於有限之總資源與策略,相較於過往研究,本文在攻防情境部份做出以下二點延伸,首先,不再需假設攻方對目標網路之結構與防禦資源配置具有完整資訊,再者,允許攻擊者對單一目標發動可產生綜效 (synergy) 之合作攻擊 (collaborative attack),衡量綜效之方式除採用經濟學之柯布-道格拉斯函數 (Cobb-Douglas function) 外,本文亦提出另一種考量參與者間交互關係之綜效模型。上述情境已塑模 (model) 為二個一般化之數學規劃問題,包括攻擊者問題 (commander problem) 以及防禦者問題 (defender problem) ,同時提出一套融合數學規劃以及模擬技巧之新穎的二階段解題方法。 具體而言,該法包括「目標函數評估階段 (objective function evaluation phase) 」以及「防禦策略優化階段 (defense policy enhancement phase) 」,於目標函數評估階段中,透過模擬 (simulation) 之技巧評估目前防禦策略之效度,而防禦策略優化階段則致力於調整目前之防禦策略使目標函數得以最佳化,本文提出以下三種優化方式: (一)、方向導函數定義法 (definition of directional derivatives) :該法透過數值方法 (numerical procedure) 依照方向導函數 (directional derivatives) 之定義求得每一決策變數之次梯度,進而優化防禦策略,該法在花費至多7.5小時之時間下可優化目標函數至少21%、 (二)、區域資訊估測法 (local information estimation) :此法充分利用目標函數評估階段所花費之運算資源,於模擬過程中收集重要資訊,將其視為次梯度之估測值,降低所需之執行時間,該法在花費至多1.8小時之時間下可優化目標函數至少13%、以及 (三)、混合優化法 (hybrid enhancement) :結合次梯度定義法以及區域資訊估測法之特性所開發出之優化法,以期兼具效率和效果,該法在花費至多2.0小時之時間下可優化目標函數至少28%。透過實驗結果,可清楚呈現上述解題方法與演算法之適用性和有效性。In this dissertation, we consider the problem of maximizing network average survivability in a protected network subject to attacker profile/behavior constraints and defender resource/strategy constraints. When evaluating survivability, the risk of the network can be a legitimate metric. Compared with previous research, the following two enhancements are made. First, we no longer assume that complete information regarding the network topology and defense resource allocation is fully available for attackers. Second, collaborative attack, which produces synergy, is considered in this study. Besides measuring the synergy by Cobb-Douglas Function from economics, another model which takes member’s interrelationship to formulate synergy is proposed. The scenario is modeled as two generic mathematical programming problems (the commander problem and the defender problem), and a novel two-phase solution approach, which well combines mathematical programming and simulation techniques, is proposed. More specifically, in the “Objective Function Evaluation Phase”, efficient and effective simulations are conducted to evaluate the effectiveness of the current defense policy; whereas, in the “Defense Policy Enhancement Phase”, three enhancement methods are proposed and compared, including: (1) definition of directional derivatives, which calculates directional derivatives of each decision variable through numerical procedure, it achieves at least 21% improvement and consumes at most 7.5 hours, (2) local information estimation, which applies easy-to-collect information gathered from the “Objective Function Evaluation Phase” to estimate directional derivatives of each decision variable, it achieves at least 13% improvement and consumes at most 1.8 hours, and (3) hybrid enhancement, which is developed to integrate advantages of above two methods, it achieves at least 28% improvement and consumes at most 2.0 hours. From computational experiments, applicability and effectiveness of the proposed framework and algorithms are clearly demonstrated.3168752 bytesapplication/pdf論文公開時間: 2021/7/6論文使用權限: 同意有償授權(權利金給回饋本人)最佳化網路攻防不完整資訊資源分配數學規劃蒙地卡羅模擬法OptimizationNetwork Attack and DefenseIncomplete InformationResource AllocationMathematical ProgrammingMonte Carlo Simulation以最佳化技術為基礎之網路防禦方式最大化平均系統存活度An Optimization-based Methodology for Network Defense to Maximize Average System Survivabilitythesis10.6342/NTU201600356http://ntur.lib.ntu.edu.tw/bitstream/246246/275677/1/ntu-105-D98725002-1.pdf