
Optimal configuration of firewall, IDS and vulnerability scan by game theory (cited by: 7)

(Article published in English)
Abstract: The integrated linkage control problem based on attack detection is solved with the analyses of the security model including firewall, intrusion detection system (IDS) and vulnerability scan by game theory. The Nash equilibrium for two portfolios of only deploying IDS and vulnerability scan and deploying all the technologies is investigated by backward induction. The results show that when the detection rates of IDS and vulnerability scan are low, the firm will not only inspect every user who raises an alarm, but also a fraction of users that do not raise an alarm; when the detection rates of IDS and vulnerability scan are sufficiently high, the firm will not inspect any user who does not raise an alarm, but only inspect a fraction of users that raise an alarm. Adding firewall into the information system impacts on the benefits of firms and hackers, but does not change the optimal strategies of hackers, and the optimal investigation strategies of IDS are only changed in certain cases. Moreover, the interactions between IDS & vulnerability scan and firewall & IDS are discussed in detail.

Source: Journal of Southeast University (English Edition), indexed in EI and CAS, 2011, No. 2, pp. 144-147 (4 pages)

Funding: The National Natural Science Foundation of China (No. 71071033); the Innovation Project of Jiangsu Postgraduate Education (No. CX10B_058Z)

Keywords: economics of information systems; firewall; intrusion detection system (IDS); vulnerability scan; security portfolio strategy
