期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

自律入侵容忍系统的模型构建与量化分析 被引量:4

Model construction and quantitative analysis of autonomic intrusion tolerance system
下载PDF
导出
摘要 针对当前入侵容忍系统无自适应能力、缺乏定量分析等问题,提出了一个基于自律计算的自适应分级入侵容忍模型(adaptive hierarchy intrusion tolerance systembased on autonomic computing,AHITAC)。采用功能分级的分层模式,AHITAC的关键模块涵盖了访问连接的信度评估、可疑信息的主动诱骗、应用服务的分级学习与系统功能的分类恢复;同时通过自主实现可信度阈值、系统服务分级和诱骗知识库的学习和自适应过程,AHITAC实现了对入侵、可疑信息的有效容忍,提高了目标网络的自我修复能力和自我优化能力。实验结果表明,加载了AH-ITAC的目标网络服务性能稳定,容忍性能良好。 Aiming at the absence of self-adaptation ability and quantitative analysis on existent intrusion tolerance system, this paper proposed an adaptive hierarchy intrusion tolerance system based on autonomic computing ( AHIT^AC ). Adopting hierarchy modes, the critical modules of AHIT^AC included confidence evaluation of accessing, active trapping on suspicious information, hierarchy study of applications and classed recovery of system function. By implementing the study and adaptive function of confidence threshold, service classification and trap repository, AHIT^AC implemented the tolerance on intrusion and suspicious information, improving the ability of self recovery and self optimization on object network. The simulation results show that the object network with AHIT^AC is stable and tolerant.
作者 李冰洋 王慧强 冯光升
机构地区 哈尔滨工程大学计算机科学与技术学院
出处 《计算机应用研究》 CSCD 北大核心 2009年第5期1883-1887,共5页 Application Research of Computers
基金 国家高技术研究发展计划资助项目(2007AA10Z401) 国家自然科学基金重大研究计划资助项目(90718003)
关键词 自律计算 入侵容忍 信度评估 容侵度 autonomic computing intrusion tolerance confidence evaluation degree of intrusion-tolerance
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献19

  • 1FRAGA J S, POWELL D. A fault and intrusion-tolerant file system [ C]//Proc of the 3rd International Conference on Computer Security. 1985:203-218.
  • 2DOBSON J E, RANDELL B. Building reliable secure systems out of unreliable insecure components [ C ]//Proc of IEEE Symposium On Security and Privacy. Oakland : IEEE Press, 1986 : 187-193.
  • 3WU T,MALKIN M,BONEH D. Building intrusion tolerant applications[ C]//Proc of the 8th Conference on USENIX Security Symposium. Berkeley :USENIX Association, 1999:79-91.
  • 4ZHOU Li-dong,FRED B S, RENESSE R van. COCA:a secure distributed on-line certification authority[ J ]. ACM Trans on Computer Systems, 2002,20 ( 4 ) :329-368.
  • 5MARSH M A,SCHNEIDER F B. CODEX:a robust and secure secret distribution system[ J]. IEEE Trans on Dependable and Secure Computing,2001,1 ( 1 ) :3447.
  • 6LEE G, IM C, LEE T, et al. SITIS: sealable intrusion tolerance middleware for Interuet service survivability [ C ]//Proc of the 5th Pacific Rim Conference on Multimedia. Berlin : Springer,2004:564--571.
  • 7殷丽华,方滨兴.入侵容忍系统安全属性分析[J].计算机学报,2006,29(8):1505-1512. 被引量:27
  • 8荆继武,冯登国.一种入侵容忍的CA方案[J].软件学报,2002,13(8):1417-1422. 被引量:65
  • 9郭世泽,牛冠杰,郑康锋.入侵容忍系统模型构建及量化分析[J].北京邮电大学学报,2007,30(1):36-39. 被引量:14
  • 10JING Ji-wu, LIU Peng, FENG Deng-yuo, et al. ARECA: a highly attack resilient certification authority[ C]//Proc of ACM Workshop on Survivable and Self-regenerative Systems. New York: ACM Press, 2003:53-63.

二级参考文献39

  • 1杨武,方滨兴,云晓春,张宏莉,胡铭曾.一种高性能分布式入侵检测系统的研究与实现[J].北京邮电大学学报,2004,27(4):83-86. 被引量:14
  • 2Goseva-Popstojanova K,Wang F,Wang R,et al.Characterizing Intrusion Tolerant Systems Using a State Transition Model[C].Proc.of DARPA Information Survivability Conference and Exposition II (DISCEX-II),Anaheim,California,2001-06.
  • 3MCNC and Duke University.Sitar:A Scalable Intrusion Tolerant Architecture for Distributed Services[R].Technical Report,Research Proposal to DARPA BAA-00-15,2000.
  • 4Cristian F.Understanding Fault-tolerant Distributed Systems[J].Communications of the ACM,1991,34 (2):56-78.
  • 5[1]Gemmell, P.S. An introduction to threshold cryptography. CryptoBytes, 1977,2(7):7~12.
  • 6[2]Wu, T., Malkin, M., Boneh, D. Building intrusion-tolerant applications. In: Proceedings of the USENIX Security Symposium. 1999. 79~91.
  • 7[3]Shoup, V. Practical threshold signatures. In: Proceedings of the Eurocrypt 2000. Bruges (Brugge): Springer-Verlag, 2000. 207~220.
  • 8[4]Frankel, Y., Gemmell, P., MacKenzie, P.D., et al. Optimal-Resilience proactive public-key cryptosystems. In: IEEE Symposium on Foundations of Computer Science. 1997. 384~393.
  • 9Amoroso E. G.. Intrusion Detection: An Introduction to Internet Surveillance,Correlation,Trace Back,Traps,and Response. Intrusion. Net Books, 1999
  • 10Northcutt S., Novak J.. Network Intrusion Detection: An Analysts' Handbook. New Riders, 2000

共引文献151

同被引文献25

  • 1彭文灵,王丽娜,张焕国.基于随机过程的容侵系统可信性量化方法[J].计算机工程,2005,31(22):7-8. 被引量:3
  • 2张海俊,史忠植.自主计算环境[J].计算机工程,2006,32(7):1-3. 被引量:10
  • 3殷丽华,方滨兴.入侵容忍系统安全属性分析[J].计算机学报,2006,29(8):1505-1512. 被引量:27
  • 4郭世泽,牛冠杰,郑康锋.入侵容忍系统模型构建及量化分析[J].北京邮电大学学报,2007,30(1):36-39. 被引量:14
  • 5赖积保,王慧强,王健.系统可生存性研究综述[J].计算机科学,2007,34(3):237-239. 被引量:7
  • 6FRAGA J, POWELL D. A fault and intrusion-tolerant file system [ C]// Proceedings of the 3rd International Conference on Computer Security. Washington, DC: IEEE Computer Society, 1985: 203- 218.
  • 7DESWARTEY, BLAIN L, FABRE J C. Intrusion tolerance in distributed computing systems [ C]// Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy. Washington, DC: IEEE Computer Society, 1991:110 - 121.
  • 8Organically assured and survivable information system (OASIS) [ EB/OL]. [ 2010 - 01 - 02]. http://www, tolerantsystems, org.
  • 9STROUD R, WELCH I, WARNE J, et al. A qualitative analysis of the intrusion-tolerance capabilities of the MAFTIA architecture [ C]//Proceedings of the 2004 International Conference on Dependable Systems and Networks. Washington, DC: IEEE Computer Society, 2004:453-461.
  • 10Dacier M.Design of an Intrusion Tolerant Intrusion Detection System[R].University of Newcastle,Tech.Rep.:IST-1999 11583,2002.

引证文献4

二级引证文献6

计算机应用研究
2009年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部