期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

入侵容忍的计算机网络系统研究 被引量:3

Study on intrusion-tolerant computer networks
下载PDF
导出
摘要 提出了入侵容忍的计算机网络系统结构,实现了局域网中的入侵容忍机制。该机制可以容忍流量攻击,并提高入侵检测准确率以及保证系统结果的正确一致性和可用性。实验分析了入侵检测准确率和系统的可用性,结果表明,入侵容忍机制可以明显提高计算机网络的安全性能。 An architecture of intrusion-tolerant networked system is proposed and some intrusion-tolerance approaches are implemented in the Local Area Networks(LAN). These approaches can be used to tolerate the traffic attacks, increase the intrusion detection accuracy and guarantee the correct consistency of results. The system availability and detection accuracy are also analyzed in the experiments. The results show that the intrusion-tolerant approaches can improve the security of computer networks.
作者 周华 贺文辉 马建锋
机构地区 西安通信学院
出处 《计算机工程与应用》 CSCD 2012年第16期111-116,共6页 Computer Engineering and Applications
基金 国家自然科学基金项目(No.60774091) 陕西省自然科学基金项目(No.2011JQ8039)
关键词 入侵容忍 网络系统 前端子系统 入侵检测 可信实时计算基 intrusion tolerance networked system front-end subsystem intrusion detection trusted timely computing base
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献14

  • 1Correia M,Neves N F, Lung L C, et al.Byzantine-resis- tant consensus based on a novel approach to intrusion tolerance[C]//Fast Abstract in Supplement of the 10th Pacific Rim International Symposium on Dependable Computing, 2004.
  • 2Moniz H, Neves N F, Correia M.Randomized intru- sion-tolerant asynchronous services[C]//Proceedings of the International Conference on Dependable Systems and Networks(DSN' 06), 2006: 568-577.
  • 3Correia M, Verissimo P, Neves N EThe design of a COTS real-time distributed security kemel[C]//Proceed- ings of the Fourth European Dependable Computing Conference, 2002 : 234-252.
  • 4Correia M, Neves N F, Verissimo RHow to tolerate half less one byzantine nodes in practical distributed systems[C]//Proceedings of the 23rd IEEE Symposium on Reliable Distributed Systems, 2004 : 174-183.
  • 5Dunlap G, King S, Cinar S, et al.ReVirt: enabling intru- sion analysis through virtual-machine logging and re- play[C]//Proceedings of the 2002 Symposium on OSDI,2002:211-224.
  • 6S Wen-Chen, C Yi-Ming.On the design of an global in- trusion tolerance network architecture against the inter- net catastrophes[J].The Journal of Systems and Soft- ware,2009,82(8) : 1313-1325.
  • 7Kahn C,Porras P, Staniford-Chen S, et al.A common in- trusion detection framework[EB/OL]. ( 1998).http://citese- erx.ist.psu.edu/viewdoc/download?doi= 10.1.1.3.3678&rep= rep 1 &type=pdf.
  • 8Cupqq[EB/OL].http://kdd.ics.uci.edu/databases/kddcup99/ kddcup99.html.
  • 9Correia M, Verissimo P, Neves N F.The design of a COTS real-time distributed security kernel(extended ver- sion), DI/FCUL TR-01-12[R].Portugal: Department of Com-puter Science,University of Lisbon,2001.
  • 10Verissimo P, Rodrigues L, Baptism M.AMP: a highly parallel atomic multicast protocol[C]//Proceedings of the ACM SIGCOMM, 1989: 83-93.

二级参考文献8

  • 1VERiSSIMO P, NEVES N F, CACHIN C. Intrusion-tole rant middleware: the road to automatic security[ J]. IEEE Security & Privacy, 2006, 4(4) :54-62.
  • 2CORREIA M, NEVES N F, LUNG L C, et al. Byzantine-resistant consensus based on a novel approach to intrusion tolerance [ C ]//Proc of the 10th Pacific Rim International Symposium on Dependable Computing. Tahiti, French Polynesia: [ s. n. ] ,2004.
  • 3MONIZ H, NEVES N F, CORREIA M. Randomized intrusion-tole rant asynchronous services [ C ]//Proc of International Conference on Dependable Systems and Networks. 2006:568-577.
  • 4REITER M K. A secure group membership protocol[ J]. IEEE Trans on Software Engineering, 1996, 22(1 ):31-42.
  • 5CORREIA M, NEVES N F, VERiSSIMO P. How to tolerate half less one Byzantine nodes in practical distributed systems [ C ]//Proc of the 23rd IEEE Symposium on Reliable Distributed Systems. 2004:174-183.
  • 6LUNG L C, CORREIA M, NEVES N F, et al. A simple intrusion- tolerant reliable multicast protocol using the TTCB [ EB/OL ] . (2003). http: //www. di. fc. ul. pt/-nuno/PAPERS/ SBRC03. pdf.
  • 7CORREIA M, VERiSSIMO P, NEVES N F. The design of a COTS real-time distributed security kernel[ C ]// Proc of the 4th European Dependable Computing Conference. 2002 :234-252.
  • 8MENEZES A J, OORSCHOT P C, VANSTONE S A. Handbook of applied cryptography[ M]. [ S.l. ] : CRC Press, 1996.

共引文献1

同被引文献18

  • 1Todd J.Compiler-generated software diversity[M]//Moving target defense.[S.l.]:Springer,2011:77-98.
  • 2Kc G S,Keromytis A D,Prevelakis V.Countering codeinjection attacks with instruction-set randomization[C]//Proceedings of the 10th ACM Conference on Computer and Communications Security(CCS),2003.
  • 3Boyd S W.On the general applicability of instruction-set randomization[J].IEEE Transactions on Dependable and Secure Computing,2010,7(3):255-270.
  • 4Al-Shaer E.Toward network configuration randomization for moving target defense[J].Moving Target Defense,2011:153-159.
  • 5Huang Y,Ghosh A K,Bracewell T,et al.A security evaluation of a novel resilient web serving architecture:lessons learned through industry/academia collaboration[C]//Dependable Systems and Networks Workshops,2010:188-193.
  • 6Huang Y,Sood A.Self-cleansing systems for intrusion containment[C]//Proceedings of Workshop on Self-Healing,Adaptive,and Self-Managed Systems(SHAMAN),2002.
  • 7Sushil J,Anup K G,Vipin S.Moving target defense-creating asymmetric uncertainty for cyber threats[M].[S.l.]:Springer,2011.
  • 8Al-Shaer E.Introducing diversity and uncertainty to create moving attack surfaces for web services[J].Moving Target Defense,2011:131-151.
  • 9Franz M.E unibus pluram:massive-scale software diversity as a defense mechanism[C]//Proceedings of the2010 Workshop on New Security Paradigms(NSPW),2010.
  • 10吴贤达.基于网络安全的人侵容忍技术[J].科技展望,2014.

引证文献3

二级引证文献5

计算机工程与应用
2012年 第16期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部