Intrusion response goals and corresponding strategies 被引量：1

Intrusion response goals and corresponding strategies

下载PDF

导出

摘要 The effects of strategy on the network security defense and the related research on intrusion response strategy are briefly presented, with the focus on the status and function of intrusion re- sponse strategy in the intrusion response decision-making. Some specific response strategies for specific response goals are presented as well. The relevant knowledge of the planning, and a classification of response tasks are proposed. The intrusion response planning methods and models based on hierarchical task network （HTN） are described in detail. On this basis, the model of combining the response measure decision-making with the response time decision-making is expounded. The proposed model can integrate response strategy into response decision-making mechanism. In addition, the results of the intrusion response experiments are provided to verify the ability of using different response strategies to achieve different response goals. At last, the application needs of response strategy in network security are analyzed, and the approaches of the response strategy applied in in- trusion response system are summarized. The effects of strategy on the network security defense and the related research on intrusion response strategy are briefly presented, with the focus on the status and function of intrusion re- sponse strategy in the intrusion response decision-making. Some specific response strategies for specific response goals are presented as well. The relevant knowledge of the planning, and a classification of response tasks are proposed. The intrusion response planning methods and models based on hierarchical task network （HTN） are described in detail. On this basis, the model of combining the response measure decision-making with the response time decision-making is expounded. The proposed model can integrate response strategy into response decision-making mechanism. In addition, the results of the intrusion response experiments are provided to verify the ability of using different response strategies to achieve different response goals. At last, the application needs of response strategy in network security are analyzed, and the approaches of the response strategy applied in in- trusion response system are summarized.

作者穆成坡韩操正帅冰

机构地区 School of Mechatronical Engineering

出处《Journal of Beijing Institute of Technology》 EI CAS 2012年第2期185-191,共7页 北京理工大学学报（英文版）

关键词 intrusion response strategy intrusion response decision-making intrusion detection hierarchical task network planning network security intrusion response strategy intrusion response decision-making intrusion detection hierarchical task network planning network security

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献1

1穆成坡,黄厚宽,田盛丰.入侵进程的层次化在线风险评估[J].计算机研究与发展,2010,47(10):1724-1732. 被引量：8

二级参考文献11

1穆成坡,黄厚宽,田盛丰,林友芳,秦远辉.基于模糊综合评判的入侵检测报警信息处理[J].计算机研究与发展,2005,42(10):1679-1685. 被引量：49
2Mu Chengpo,Huang Houkuan,Tian Shengfeng.Intrusion detection alert verification based on multi-level fuzzy comprehensive evaluation[C]//LNAI 3801:Proc of 2005 Int Conf on Computational Intelligence and Security.Berlin:Springer,2005:9-16.
3ISO/IEC.Common Criteria for Information Technology Security Evaluation (CC),V2.1[OL].1999[2009-09-20].http://www.commoncriteria.org.
4Stephen S Yau,Zhang Xinyu.Computer network intrusion detection assessment and prevention based on security dependency relation[C]//Proc of COMPSAC99.Los Alamitos,CA:IEEE Computer Society,1999:86-91.
5Porras P A,Fong M W.Valdes A.A mission-impact-based approach to INFOSEC alarm correlation[C]//Proc of the 5th Int Symp on Recent Advances in Intrusion Detection.Berline:Springer,2002:95-114.
6Ourston D,Matzner S,Stump W,et al.Coordinated Internet attacks:Responding to attack complexity[J].Journal of Computer Security,2004,12(2):165-190.
7Boyer S,Dain O,Cunningham R.Stellar:A fusion system for scenario construction and security risk assessment[C]//Proc of the 3rd IEEE Int Workshop on Information Assurance.Los Alamitos,CA:IEEE Computer Society,2005:105-116.
8Mu C P,Li X J,Huang H K,et al.Online risk assessment of intrusion scenarios using D-S evidence theory[C]// LNCS 5283:Proc of the 13th European Symp on Research in Computer Security.Berline:Springer,2008:35-48.
9Bass T,Robichaux R.Defence-in-depth:Qualitative risk analysis methodology for complex network centric operation[C]//Proc of IEEE Military Communications Conf.Piscataway,NJ:IEEE,2001:64-70.
10McCabe B,Ford D.Using belief networks to assess risk[C] //Proc of the 2001 Winter Simulation Conf.Washington DC:IEEE Computer Society,2001:1541-1546.

共引文献7

1马刚,杜宇鸽,荣江,甘家瑞,史忠植,安波.基于威胁传播的复杂信息系统安全风险评估[J].清华大学学报（自然科学版）,2014,54(1):35-43. 被引量：7
2吴天水,赵刚.基于网络分析与D-S证据理论的信息安全风险评估[J].计算机与数字工程,2014,42(10):1801-1807. 被引量：3
3宫璐,李俊生,白加德,赵相健,赵彩云.外来入侵物种管理中的排序体系研究进展[J].生态科学,2015,34(2):179-186. 被引量：1
4马刚,杜宇鸽,安波,张博,王伟,史忠植.基于威胁传播采样的复杂信息系统风险评估[J].计算机研究与发展,2015,52(7):1642-1659. 被引量：7
5任肖肖,罗军勇,尹美娟,何升.基于推理模型的报警关联分析方法[J].信息工程大学学报,2015,16(4):483-487. 被引量：1
6马刚,杜宇鸽,杨熙,张博,史忠植.复杂系统风险评估专家系统[J].清华大学学报（自然科学版）,2016,56(1):66-76. 被引量：1
7冯馨.基于监控工具与入侵检测的实时通讯以防治蠕虫设计[J].电脑知识与技术,2012,8(5X):3534-3537.

同被引文献14

1Sun Deheng,Gao Ling.The performance prediction and early warning of network based on grey model[J].Advances in information Sciences and Service Sciences,2011,3(10):497-504.
2Zhang Jie,Tang Jun,Pei Fang.A method for network security risk assessment and decision-making based on the cloud model[J].Journal of Convergence Information Technology,2012,7(6):146-153.
3Yan Zhihui,Liu Zhigang,Deng Gengsheng.An approach to evaluating the network security in triangular fuzzy environment[J].International Journal of Digital Content Technology and its Applications,2012,6(19):410-416.
4Chuang Liyeh,Chihjen Hsiao,Yang Chenghong.Chaotic particle swarm optimization for data clustering[J].Expert Systems with Applications,2011,38:14555-14563.
5You Minglei,Jiang Ting.New method for target identification in a foliage environment using selected bispectra and chaos particle swarm optimisationbased support vector machine[J].IET Signal Processing,2014,8(1):76-84.
6姜伟,方滨兴,田志宏,张宏莉.基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2009,32(4):817-827. 被引量：153
7ZHANG GuoPeng,YANG Kun,DING EnJie.Power allocation scheme for selfish cooperative communications based on game theory and particle swarm optimizer[J].Science China(Information Sciences),2010,53(9):1908-1912. 被引量：9
8谢柏林,余顺争.基于应用层协议分析的应用层实时主动防御系统[J].计算机学报,2011,34(3):452-463. 被引量：27
9徐文星,耿志强,朱群雄,顾祥柏.基于SQP局部搜索的混沌粒子群优化算法[J].控制与决策,2012,27(4):557-561. 被引量：22
10胥小波,蒋琴琴,郑康锋,武斌,杨义先.基于混沌粒子群的IDS告警聚类算法[J].通信学报,2013,34(3):105-110. 被引量：13

引证文献1

1李纪真,孟相如,崔文岩,庄绪春.双重三角模糊矩阵博弈主动预警响应决策模型[J].华中科技大学学报（自然科学版）,2015,43(8):92-97. 被引量：1

二级引证文献1

1赵洪斌,陈奕延.基于三角模糊数的不完全信息静态库诺特博弈模型及其应用[J].生产力研究,2021(10):17-21. 被引量：1

1夏磊,蒋建中,高志昊.入侵诱骗、入侵检测、入侵响应三位一体的网络安全新机制[J].计算机应用与软件,2007,24(4):171-173. 被引量：6
2Yi Ping,Zou Futai,Jiang Xinghao,Li Jianhua.Multi-agent cooperative intrusion response in mobile adhoc networks[J].Journal of Systems Engineering and Electronics,2007,18(4):785-794. 被引量：6
3何向荣,沈佐民,吴璞,王汝传.移动代理入侵检测系统中的自适应技术的研究[J].计算机技术与发展,2006,16(2):229-231. 被引量：1
4Ziyan Shi Guolin Zhao Qiaolin Hu.A Design of the Network Security Evaluation System[J].International Journal of Technology Management,2014(9):103-105.
5李红霞,王光,孙宁,刘腊梅.基于移动Agent的主动网络自适应入侵响应系统的研究[J].计算机安全,2009(2):49-52. 被引量：1
6Zhang Yibin Yan Zequan.Researches On The Network Security Evaluation Method Based Bn BP Neural Network[J].International Journal of Technology Management,2014(9):93-95.
7宋承继.基于数据挖掘技术在软件项目风险管理决策系统的研究[J].中国新技术新产品,2010(2):24-24. 被引量：1
8石进,郭山清,陆音,谢立.一种基于攻击图的入侵响应方法[J].软件学报,2008,19(10):2746-2753. 被引量：17
9Frank L. Lewis.Special issue on Networked sensing,decision-making and control[J].控制理论与应用（英文版）,2010,8(1):1-1.
10游凤芹,吴国新.基于主动网的自适应入侵响应系统的研究[J].计算机工程与设计,2007,28(4):792-795. 被引量：2

Journal of Beijing Institute of Technology

2012年第2期

浏览历史

内容加载中请稍等...