一種基於階層式彩色派翠網具入侵容錯之動態取證系統

本文使用彩色派翠網（CPN）以及階層式彩色派翠網（HCPN）[7]，建構一個具有入侵容錯的取證系統，並使用節點選擇方式定義派翠網中事件移動路徑，以及運用模糊控制理論 [8]分析風險程度。在本文研究中，結合派翠網與入侵容錯機制 [5]，令伺服器在受到入侵威脅時，將惡意封包重新導向至影子伺服器，透過派翠網以及模糊控制中輸入作業員的經驗法則，判斷進入伺服器的請求封包之威脅程度，並針對威脅進行取證並儲存，以增加伺服器對惡意入侵的抵抗能力。

關鍵字

階層式彩色派翠網；入侵容錯；模糊控制

並列摘要

In this paper, we propose a dynamic forensics system (DFS) with intrusion tolerance by using Hierarchical Fuzzy Coloured Petri-Nets (HFCPNs), which is utilized to analyze the risk level of the traffic packets received from real server. We improve the intrusion tolerance mechanism [6] by using HFCPNs. When the server is under some threats of intrusion, the malicious packets can be detected by the DFS, and will redirect them to shadow server. By way of using the Coloured Petri Nets and depending on the operator’s experience of fuzzy control, we support more detail design for DFS which can detect more malicious threats than [6]. Therefore, the design of transition will be more flexible for preventing various malicious threats in the DFS.

並列關鍵字

Hierarchical Coloured Petri-Nets ； Intrusion Tolerance ； Fuzzy Contorl

參考文獻

[22] 張兆旭，“Fuzzy 淺談”，初版，松崗科技股份有限公司，台北，1993

[1] A. J. Romiszowski, “A New Look Instruction Design: Part2: Instruction: Integrating One’ S Approach,” British Journal of Educational Technology, pp. 13, 1982.

[2] A. Yasinsac, Y. Manzano. “Honeytraps, a network forensic tool,” Sixth Multi-Conference on Systemics, Cybernetics and Informatics, Orlando, Florida, USA, 2002.

[3] B. D. Liu and C. Y. Huang, “Design and Implementation of the Tree-Based Fuzzy Logic Controller,” IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART B: CYBERNETICS, Vol. 27, No. 3, pp. 475-487, 1997

[4] E. H. Mamdani, “Application of fuzzy logic to approximate reasoning using linguistic synthesis,” IEEE Trans. Computers, Vol.C-26, 1977.

國際替代計量

一種基於階層式彩色派翠網具入侵容錯之動態取證系統

未授權

主題瀏覽