A Self-Cleansing and Virtual-Machine based Defense-in-depth System
碩士 === 義守大學 === 資訊工程學系碩士班 === 98 === This paper proposes a new defense-in-depth information system. This kind systems are usually consist of three subsystems: firewall, intrusion detection system(IDS) and intrusion prevention system(IPS). A virtual-machine based self-cleansing mechanism is proposed...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2010
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/71729061135306142236 |
| id |
ndltd-TW-098ISU05392046 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-098ISU053920462015-10-13T18:25:52Z http://ndltd.ncl.edu.tw/handle/71729061135306142236 A Self-Cleansing and Virtual-Machine based Defense-in-depth System 以自我清除及虛擬機器為基礎的縱深防禦系統 Shun-Hsiung Chang 張順雄 碩士 義守大學 資訊工程學系碩士班 98 This paper proposes a new defense-in-depth information system. This kind systems are usually consist of three subsystems: firewall, intrusion detection system(IDS) and intrusion prevention system(IPS). A virtual-machine based self-cleansing mechanism is proposed to integrate into each subsystem. We use Failure Mode and Effects Analysis( FMEA) and Overall Equipment Effectiveness(OEE) method to analyze the defense performance against most of intrusions. For botnet, DNS attack and Trojaned intrusion, the FMEA risk number are reduced at least five times and the OEE value are also increased to 0.91. To valify the proposal’s feasibility, a prototype system is also implemented on a VM-Ware host OS computer. The switching time between servers vary between 15 and 30 seconds.In conclusion, the proposed information system is feasible and has higher availability in non-transaction services. Wen-Kuei Chen Shu-Lin Peng 陳文魁 彭樹琳 2010 學位論文 ; thesis 53 zh-TW |
| collection |
NDLTD |
| language |
zh-TW |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 義守大學 === 資訊工程學系碩士班 === 98 === This paper proposes a new defense-in-depth information system. This kind systems are usually consist of three subsystems: firewall, intrusion detection system(IDS) and intrusion prevention system(IPS). A virtual-machine based self-cleansing mechanism is proposed to integrate into each subsystem. We use Failure Mode and Effects Analysis( FMEA) and Overall Equipment Effectiveness(OEE) method to analyze the defense performance against most of intrusions. For botnet, DNS attack and Trojaned intrusion, the FMEA risk number are reduced at least five times and the OEE value are also increased to 0.91. To valify the proposal’s feasibility, a prototype system is also implemented on a VM-Ware host OS computer. The switching time between servers vary between 15 and 30 seconds.In conclusion, the proposed information system is feasible and has higher availability in non-transaction services.
|
| author2 |
Wen-Kuei Chen |
| author_facet |
Wen-Kuei Chen Shun-Hsiung Chang 張順雄 |
| author |
Shun-Hsiung Chang 張順雄 |
| spellingShingle |
Shun-Hsiung Chang 張順雄 A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| author_sort |
Shun-Hsiung Chang |
| title |
A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| title_short |
A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| title_full |
A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| title_fullStr |
A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| title_full_unstemmed |
A Self-Cleansing and Virtual-Machine based Defense-in-depth System |
| title_sort |
self-cleansing and virtual-machine based defense-in-depth system |
| publishDate |
2010 |
| url |
http://ndltd.ncl.edu.tw/handle/71729061135306142236 |
| work_keys_str_mv |
AT shunhsiungchang aselfcleansingandvirtualmachinebaseddefenseindepthsystem AT zhāngshùnxióng aselfcleansingandvirtualmachinebaseddefenseindepthsystem AT shunhsiungchang yǐzìwǒqīngchújíxūnǐjīqìwèijīchǔdezòngshēnfángyùxìtǒng AT zhāngshùnxióng yǐzìwǒqīngchújíxūnǐjīqìwèijīchǔdezòngshēnfángyùxìtǒng AT shunhsiungchang selfcleansingandvirtualmachinebaseddefenseindepthsystem AT zhāngshùnxióng selfcleansingandvirtualmachinebaseddefenseindepthsystem |
| _version_ |
1718033242972487680 |