| Summary: | 碩士 === 臺灣大學 === 資訊管理學研究所 === 98 === Because of the rapid advancement of computer and telecommunication technologies in recent years, smaller, less expensive and high performance devices are available for companies and individuals, which accelerate the growth of the Internet and make available to users a variety of new network applications/services. However, our dependency on the Internet has made the PCs and servers connected to the network more vulnerable to attacks, causing great losses to enterprises and individuals. Moreover, an increasing number of new threats, evolution of attack tactics and the emergence of zero-day attacks make it almost impossible for a system or network to keep “safe” at any moment. Therefore, survivability of a network under malicious attacks has become an extremely important issue.
In this thesis, we adopted a novel metric called Degree of Separation (DOS) to evaluate the damage level and survivability of a network. A network attack-defense scenario is converted to a multi-round mathematical programming problem. Each round contains three stages, in the first stage, the defender deploys his limited defense resources on the nodes in the network, in order to increase the attacker’s attack cost. In the second stage, the attacker uses his limited budget to launch attacks, trying to maximize the damage of the network. Finally, the defender tries to minimize network damage by repairing nodes compromised by the attacker, subject to his finite repair budget. The Lagrangean relaxation method is proposed here to obtain solutions for the problem.
|
|---|
