
A Study of Dynamic Propagation and Defense Policy for Malicious Software


Advisor: 古政元

Abstract


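Malicious software threatens enterprise information security, negatively affecting business continuity and profitability. To deploy antivirus countermeasures, it is necessary to understand and explore the dynamic propagation behavior of malicious software. However, information security is regarded as a privacy-sensitive issue, so data is difficult to obtain, which limits research on information security management. This study uses system dynamics to overcome this obstacle, analyzing and simulating the dynamic propagation behavior of malicious software and evaluating defense policies. The dynamic propagation of malicious software is related to the malicious software itself, user behavior, antivirus software, and system/software companies. This study therefore draws a causal loop diagram based on the behavior of these participants, analyzes the control points for defense policies, builds a model from the causal loop diagram, simulates the dynamic propagation behavior of malicious software, and evaluates the defense policies. The simulation results show that Policy 1, "Enhance the system/software update rate", is the most effective at suppressing malicious software propagation, followed by Policy 5, "Quarantine"; Policy 3, "Use antivirus software and update virus signatures", reduces the cumulative number of infections and increases the cumulative number of recoveries in the shortest time; Policy 4, "Notification mechanism", most significantly improves the capability of antivirus software companies; Policy 2, "Reduce the contact rate", is not the most effective, but malicious software propagation is very sensitive to the contact rate. The results point to important managerial implications: (1) Individuals and enterprises should take patch management seriously. For enterprises, however, patching procedures add extra workload and may cause incompatibility problems, so operating patching procedures is difficult for complex enterprises. Developing cloud computing services therefore helps ease the difficulties of patch management; (2) Information security management policy development should take precedence over physical security. Although security technologies develop rapidly and have remarkable effects, without supporting management policies they cannot mitigate the threat of malicious software. Information security management and audit policies should be enforced and continually monitored, maintained, and improved.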

Keywords

No data

Parallel Abstract


Malicious software remains an information security threat for business and has a devastating effect on business continuity and profitability. In order to deploy antivirus countermeasures, it is necessary to understand and explore computer virus propagation. However, information security is treated as a private and serious issue, and the data is not generally available. This limits the study of information security management. In this research, system dynamics is used to overcome this weakness, with a focus on malicious software dynamic propagation and the assessment of defense policy. First, the computer virus propagation model is presented and analyzed from a system viewpoint. Second, the effectiveness of preventive countermeasures is explored and evaluated. Finally, several considerations for managers to put into practice are suggested. The results of this research showed: (1) Policy 1, "Enhance the system/software update/upgrade rate", is the most useful for inhibiting computer virus propagation; Policy 5, "Quarantine", is second; (2) Policy 3, "Use anti-virus software and update virus signatures", reduces the infectious and increases the recovered in a short time; Policy 4, "Report information security events (Notification Process)", can significantly enhance antivirus software company ability, even though it is not more significant on infectious and infection rate than other policies; Policy 2, "Reduce user contact rate", is not the most significant factor in the infection rate; however, the spread of malicious software is very sensitive to the contact rate. These findings suggest that: (1) patch management should be established, especially in enterprises. However, installing a patch requires additional work, and patches also have the potential to cause incompatibility problems. This highlights the development of cloud computing services; (2) information security management policy development should take precedence over physical security. Although security techniques are developing rapidly and have remarkable effects, they are not sufficient to mitigate computer virus threats without management policies. Information security management and audit policies should be enforced and continually monitored, maintained and improved.
