检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]北京航空航天大学经济管理学院,北京100083 [2]北京工商大学商学院,北京100037
出 处:《北京航空航天大学学报》2008年第1期39-42,共4页Journal of Beijing University of Aeronautics and Astronautics
基 金:国家自然科学基金资助项目(70372011);高校博士点专项科研基金资助项目(20030006009)
摘 要:运用博弈论及信息安全技术有关理论,提出了一个基于成本分析的入侵响应投资模型,得出在此安全技术配置下博弈双方的最优策略,讨论了入侵响应的纳什均衡解,并通过成本分析从理论和实践两方面验证了此模型的合理性.针对现有入侵响应系统中不计成本就进行响应的问题,引入入侵损失和响应成本,通过比较二者关系,分析了系统管理员进行响应的条件成本,从而给出系统管理员灵活调整入侵响应的自适应策略,提高信息系统的安全性及抵抗攻击的能力,且避免不必要的资源浪费,实现信息保护和资源可用之间的平衡.Applying the methodologies of game theory and network security, considering the decision interdependence of the players, a game model of intrusion response based on cost analysis was presented. The study showed the optimal strategies for the players in the deployment of security technique-Intrusion Detection System(IDS), discussed the Nash equilibrium solutions, and verified the model rationality by cost-analysis from the theoretic and empirical aspects. Focusing on the problem of intrusion response without considering cost now, the model was introduced damage cost and response cost. With comparison with the two kinds of cost, the conditional cost of responding was analyzed, thus an adaptive intrusion response strategy to system administrator was made. This method can illustrate the response policy of system administrator in the actual decision further, improve security and avoid wasting unnecessary resource, then achieve the balance between information protection and resource.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.125
