指導教授：林永松臺灣大學：資訊管理學研究所周聿軒Chou, Yu-HsuanYu-HsuanChou2014-11-292018-06-292014-11-292018-06-292014http://ntur.lib.ntu.edu.tw//handle/246246/263530近年來，由於網際網路與資訊科技的發展，越來越多的交易服務提供都在網路上。越來越多的企業開始在網路上提供服務與創造新的事業，正因如此，持續性的服務提供與可靠的資料儲存對於企業與客戶來說越來越重要。然而，網路世界的駭客也隨著科技發展使得攻擊手法與能力與日俱增，協同攻擊就是一個很好的例子。一群網路上的攻擊者可以一起合作來發動協同攻擊，他能帶給目標網路更大更強的傷害。另一方面，在真實世界上常常會發生許多的天然災害，舉例來說，台灣在1999年發生的921大地震與日本在2011年發生的311大地震伴隨著海嘯，都帶來了巨大的生命財產損失。 由於這些天災人禍，它們可能會對於企業網路產生重大的影響，企業必須要抵抗這些惡意攻擊與天然災害來使得使用者能持續使用網路服務，並且有著安全的資料儲存空間。因此，本研究的目標就是要幫助企業找到一個好的防禦方式來抵抗這些惡意攻擊與天然災害。基於數學規劃與Monte Carlo simulation，我們將採用“Definition of Gradient”與“Local Information Estimation”來找到一個最佳的資源分配方式，讓防禦者能在有限資源下達到對大的防禦效果。Nowadays, more and more transactions and services are provided on internet, thanks to the development of the Internet and information technologies. There are many enterprises provide businesses and services on internet. Therefore, service continuity and data storage reliability are very important to both companies and customers. However, attackers like hackers have being more and more powerful and skillful on cyber-attacks. For example, collaborative attack is a powerful attack method that enables a group of attackers working together and every attacker can cooperate with each other. Therefore, attackers can group together and make more powerful attack on their target network because of collaborative attack. Moreover, enterprise network may be impacted by serious natural disasters. For example, the earthquake on September 21, 1999 in Taiwan and the one on March 11, 2011 in Japan which was followed by a large tsunami. They both caused tremendous damages in society. Enterprises and organizations may face with varieties of threats such as cyber-attacks and natural disasters. These threats could cause serious impact on company network or system. It is important for system or network to improve its robustness by adopting Quality of Service (QoS) requirements on user service satisfaction and data storage, so that all categories of malicious assaults and natural disasters can be prevented. Our goal is to help defender find out the trade-off balance and offer a guideline to allocate defense resources. Since the attacking process might be complicated and non-deterministic, we resort to the Monte Carlo simulation method to simulate a variety of feasible attack strategies. First, we look for a powerful and efficient attack method to attack target network. Then, we carry out an attack-defense simulation and gather information to evaluate the optimal method of allocating defense resources according to the topology and defending strategies.致謝 I Thesis Abstract II 論文摘要 IV Table of Contents VI List of Figures VIII List of Tables X Chapter 1 Introduction 1 1.1 Background 1 1.2 Motivation 9 1.3 Literature Survey 12 1.3.1 Survivability 12 1.3.2 Collaborative Attack 14 1.3.3 Natural disaster 15 1.3.4 Virtualization 18 1.3.5 Dynamic Topology Reconfiguration 19 1.4 Thesis Organization 20 Chapter 2 Problem Formulation 21 2.1 Problem Description 21 2.1.1 Components failure 21 2.1.2 Natural disaster 22 2.1.3 Attacker Perspective 26 2.1.4 Defender Perspective 29 2.2 Attack-defense Scenario 35 2.2.1 The view of a specific node 35 2.2.2 The view of the network 38 2.3 Mathematical Formulation 51 Chapter 3 Solution Approach 60 3.1 Mathematical Programming 60 3.2 Monte Carlo Simulation 61 3.3 Problem Evaluation Process 63 3.4 Policy Enhancement 66 3.4.1 Commander Enhancement 66 3.4.2 Defender Enhancement 67 Chapter 4 Computational Experiment 82 4.1 Experiment Environment 82 4.2 Simulation Result 85 4.2.1 Convergence Evaluation Times 85 4.2.2 Topology Robustness 86 4.2.3 Steal confidential information analysis 89 4.3 Enhancement results 91 4.3.1 Enhancement in proactive and reactive defense resource 91 4.3.2 Enhancement in QoS related reactive defense resource 98 4.3.3 Enhancement in secret sharing strategy 100 Chapter 5 Conclusion and Future Work 102 Reference 1043788051 bytesapplication/pdf論文公開時間：2014/03/08論文使用權限：同意有償授權(權利金給回饋本人)協同攻擊網路攻防網路存活度天然災害最佳化資源分配數學規劃法蒙地卡羅法不完全資訊thesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/263530/1/ntu-103-R00725050-1.pdf