- 學位論文
考量攻防雙方採用協同合作在多回合情境下最佳化資源配置策略之研究
Optimal Resource Allocation Strategies Under Collaborative Defense and Collaborative Attack in Multiple Rounds
摘要
許多企業與組織利用網路管理內部私密資料以及與外部使用者聯繫,然而隨著使用者對網路依賴度的提升,資訊安全的問題也越演越烈,目前資訊安全領域的問題延伸觸角至企業中,其所能造成的損失也隨之增加。在這種情況下,如何以有限的資源,進行有效率的偵測攻擊者行為、預防攻擊事件甚至是阻擋攻擊者已經成為營運者必須正視的嚴峻問題,不僅防禦資源需要進行策略性的布建,亦須分配資源至網路節點上,並修復已經被攻克的節點以增強網路存活度。 目前統計較容易造成資料重大危害的攻擊方式為協同攻擊,但許多防禦者仍採用單一防禦的方式,為了因應攻擊者的策略變化.我們提出了協同防禦來加強防禦效果。然而,如何有效率的評估網路存活度是一個重要且值得探討的議題,我們採用平均網路分割度(Average Degree of Disconnectivity)作為衡量網路存活度的指標,並且將平均DOD指標結合機率的概念,用以評估網路的破壞程度,其值越大表示其網路破壞的程度越高。在我們的情境裡,考慮兩群玩家,他們會從中選出領導者來帶領防禦或是攻擊行為。 我們模擬一個多階段網路攻防問題,並建立最佳化資源配置策略之數學模型,且以平均DOD指標評量網路在攻防情境下的網路存活度,每一階段中,玩家皆可在更新網路弱點後再分配資源於網路中的節點以進行協同防禦或協同攻擊;此外,每回合皆可重新佈署資源於不同節點上以加強網路存活度或是修復已被攻克的節點。而在求解過程中我們使用了「窮舉法」以及「次梯度法」來協助搜尋雙方的最佳資源配置策略。
並列摘要
Many corporations and organizations conduct daily business through Internet. With the accumulating population using network, the problems of information security become a critical issue. Nowadays, the problems of network security have been extended from personal to organizational. Furthermore, the attack events bring more threat to business than before. Therefore, it is a significant problems to detect attack preference, prevent attack events and even deter the attackers in advance with limited resources for the corporations. The not only have to deploy the network with defense resources but also allocate resources to the attack event. Furthermore, the defender have to decide whether to repair the compromised nodes or not. Currently, the most common type of attack is collaborative attack but most of the defender still defend lonely. Therefore, we propose hierarchical collaborative,defense model to increase the defense effect and strengthen the network survivability. However, how to evaluate network survivability efficiently is an important issue. In our research, the Average Degree of Disconnectivity is adopted to measure the network survivability. We further combine the concept of Average DOD with probability. This method is used to evaluate the damage degree of the network. The larger the Average DOD value is, the higher the damage degree of the network. In our scenario, we take two groups of players into account, both of them choose a leader to lead the defense actions or attack actions. In the beginning, the defender does not know where the vulnerabilities are in the network until they encounter attack events. After they face the attack events, the defender begin to repair the network nodes in the next round. We develop a multi-round network attack-defense scenario and establish a mathematical model to optimize resource allocation and then predict the defender’s network survivability through the Average DOD value. In each round, the players could allocate the resources on the nodes after they update the information about the opponent. Furthermore, they could reallocate the defense resources and repair the compromised nodes. To solve the problem, the method base on subgradient and the exhaustive search would be adopted to find the optimal resources allocation strategies for both groups of players.
參考文獻
延伸閱讀
- 林怡蓁(2014)。考量攻擊優先性以及多重偽裝方法下之資源分配策略〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342/NTU.2014.01741
- Shih, I. J. (2012). 考量不完全資訊情況下多階段防禦資源分配以及防禦訊息策略選擇演算法以最大化網路存活度 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2012.01348
- Chen, P. Y. (2016). 運用最佳化技術決定多階段網路攻防情境中之防禦資源分配策略以優化系統之存活度 [doctoral dissertation, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU201610075
- Chen, Y. J. (2012). 考慮攻防雙重角色與協同攻擊情況下之資源分配策略 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2012.01638
- Wang, J. K. (2020). Optimal Development Policy under Heterogeneous Collateral Constraint [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU202003332