| Summary: | 碩士 === 國立臺灣大學 === 資訊管理學研究所 === 101 === Virtualization plays an important role in the information technology, especially in the enterprise application. Adopting this technology, legitimate users can utilize computing power and storage resources more flexibly without the geography and hardware limitations. Furthermore, it could save a large amount of budget and raise the utilization to the system. Nevertheless, virtualization also brings great problem with high complexity of information security, especially under the threat of collaborative attack, a new attack trend in recent years. As a service provider, the operator has to protect the service from various malicious attacks to serve numerous legitimate users. Meanwhile, the attackers subordinate to a commander would adjust their attack strategy to maximize the probabilities of achieving their goal. Hence, it is an extremely notable issue that how to maximize the survivability of the network under malicious attacks.
Since most attackers only have “incomplete information” regarding the target
system and less knowledge about defense mechanisms, the defender can distract commander and waste their budget and time by deception techniques and dynamic topology reconfiguration. Furthermore, the collaborative attack scenario is adopted to make it realistic, although it raises the complexity of this problem.
Moreover, the defender has to minimize the maximized service compromise probability in a given time period, and guarantee the minimal level of Quality of Service simultaneously.
In this thesis, we model the attack-defense scenario as a mathematical programming model that describes the defense and attack configuration and strategies, and propose a solution approach which combines the mathematical programming and simulation.
|
|---|
