检索结果-南通市图书馆

SAND: semi-automated adaptive network defense via programmable rule generation and deployment

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2022年第7期65卷 121-138页

作者： Haoyu CHEN Deqing ZOU Hai JIN Shouhuai XU Bin YUAN National Engineering Research Center for Big Data Technology and System Services Computing Technology and System LabCluster and Grid Computing Lab School of Computer Science and TechnologyHuazhong University of Science and Technology National Engineering Research Center for Big Data Technology and System Services Computing Technology and System LabHubei Engineering Research Center on Big Data Security School of Cyber Science and EngineeringHuazhong University of Science and Technology Department of Computer Science University of Colorado at Colorado Springs

Cyber security is dynamic as defenders often need to adapt their defense postures. The state-ofthe-art is that the adaptation of network defense is done manually(i.e., tedious and error-prone). The ideal solution is to automate adaptive network defense, which is however a difficult problem. As a first step towards automation, we propose investigating how to attain semi-automated adaptive network defense(SAND). We propose an approach extending the architecture of software-defined networking, which is centered on providing defenders with the capability to program the generation and deployment of dynamic defense rules enforced by network defense tools. We present the design and implementation of SAND, as well as the evaluation of the prototype implementation. Experimental results show that SAND can achieve agile and effective dynamic adaptations of defense rules(less than 15 ms on average for each operation), while only incurring a small performance overhead.

关键词： network defense Network defense adaptive defense automated defense programmable defense security services software-defined networking security management

Using Event-Based Method to Estimate Cybersecurity Equilibrium

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

IEEE/CAA Journal of Automatica Sinica 2021年第2期8卷 455-467页

作者： Zhaofeng Liu Ren Zheng Wenlian Lu Shouhuai XU the School of Mathematical Sciences Fudan UniversityShanghai 200433China the Artificial Intelligence Laboratory SAIC Motor Corporation LimitedShanghai 200041 SAIC Intelligent Technology(Shanghai)Corporation Limited Shanghai 200433China the School of Mathematical Sciences Fudan Universityand Shanghai Center for Mathematical SciencesFudan Universityand also with Shanghai Key Laboratory for Contemporary Applied MathematicsShanghai 200433China the Department of Computer Science University of Texas at San AntonioSan Antonio TX 78249 USA

Estimating the global state of a networked system is an important problem in many application domains.The classical approach to tackling this problem is the periodic(observation)method,which is inefficient because it often observes states at a very high frequency.This inefficiency has motivated the idea of event-based method,which leverages the evolution dynamics in question and makes observations only when some rules are triggered(i.e.,only when certain conditions hold).This paper initiates the investigation of using the event-based method to estimate the equilibrium in the new application domain of cybersecurity,where equilibrium is an important metric that has no closed-form solutions.More specifically,the paper presents an event-based method for estimating cybersecurity equilibrium in the preventive and reactive cyber defense dynamics,which has been proven globally convergent.The presented study proves that the estimated equilibrium from our trigger rule i)indeed converges to the equilibrium of the dynamics and ii)is Zeno-free,which assures the usefulness of the event-based method.Numerical examples show that the event-based method can reduce 98%of the observation cost incurred by the periodic method.In order to use the event-based method in practice,this paper investigates how to bridge the gap between i)the continuous state in the dynamics model,which is dubbed probability-state because it measures the probability that a node is in the secure or compromised state,and ii)the discrete state that is often encountered in practice,dubbed sample-state because it is sampled from some nodes.This bridge may be of independent value because probability-state models have been widely used to approximate exponentially-many discrete state systems.

关键词： Cybersecurity dynamics cybersecurity equilibrium event-based method global state estimation preventive and reactive cyber defense dynamics

Dependence-Induced Risk: Security Metrics and Their Measurement Framework

在线全文

学校读者我要写书评

暂无评论

China Communications 2016年第11期13卷 119-128页

作者： Liqiang Zhang Fei Yan Bo Zhao Shouhuai XU Computer School Wuhan University Key Lab of Aerospace Information Security and Trusted Computing Wuhan University State Key Lab of Software Engineering Wuhan University Department of Computer Science University of Texas at San Antonio

Despite the tremendous effort made by industry and academia,we are still searching for metrics that can characterize Cyberspace and system security risks. In this paper,we study the class of security risks that are inherent to the dependence structure in software with vulnerabilities and exhibit a "cascading" effect. We present a measurement framework for evaluating these metrics,and report a preliminary case study on evaluating the dependence-induced security risks in the Apache HTTP Server. The experiment results show that our framework can not only clearly analyze the root cause of the security risks but also quantitatively evaluate the attack consequence of the risks.

关键词：安全风险评价安全度量框架诱导 HTTP服务器 Apache 定量评估网络空间

A PROBABILISTIC CHARACTERIZATION OF A FAULT-TOLERANT GOSSIPING ALGORITHM

在线全文

学校读者我要写书评

暂无评论

Journal of Systems Science & Complexity 2009年第1期22卷 88-108页

作者： Paul PARKER Department of Computer Science University of Texas at San Antonio One UTSA Circle

Gossiping is a popular technique for probabilistic reliable multicast (or broadcast).However,it is often difficult to understand the behavior of gossiping algorithms in an analytic fashion.Indeed,existing analyses of gossip algorithms are either based on simulation or based on ideas borrowed fromepidemic models while inheriting some features that do not seem to be appropriate for the settingofgossiping.On one hand,in epidemic spreading,an infected node typically intends to spread theinfection an unbounded number of times (or rounds);whereas in gossiping,an infected node (i.e.,anode having received the message in question) may prefer to gossip the message a bounded number oftimes.On the other hand,the often assumed homogeneity in epidemic spreading models (especiallythat every node has equal contact to everyone else in the population) has been silently inherited in thegossiping literature,meaning that an expensive membership protocol is often needed for maintainingnodes' views.Motivated by these observations,the authors present a characterization of a popularclass of fault-tolerant gossip schemes (known as 'push-based gossiping') based on a novel probabilisticmodel,while taking the afore-mentioned factors into consideration.

关键词：容错算法概率模型表征可靠多播流行模式 ip协议节点流行病

在线全文

学校读者我要写书评

暂无评论

使用电子现金的安全系统(英文)

计算机工程 1999年第S1期25卷 129-132,146页

作者：徐寿怀张根度朱洪复旦大学计算机系上海200433

提出了一种新方法来保护使用电子现金的计算机系统，电子现金是一个最近得到广泛研究的概念。该文的第一个贡献在于利用电子现金作为密码，使得在某种程序上这种密码成为对系统一次性密码的扩展。然而，一次性密码的缺陷我解决方案中不... 详细信息

提出了一种新方法来保护使用电子现金的计算机系统，电子现金是一个最近得到广泛研究的概念。该文的第一个贡献在于利用电子现金作为密码，使得在某种程序上这种密码成为对系统一次性密码的扩展。然而，一次性密码的缺陷我解决方案中不再出现。另一贡献是一种基于安全体系的电子现金，这一安全体系是用在诸如计并网络一类应用上的。可以论证，这种电子现金比方文献[3]中提出的解决方案更为简单高效．因为它不需要复杂的下层“映射基础结构”。

关键词：计算机系统密码电子现金