基于可变模糊集理论的系统生存性关键技术研究
|
摘要
论文从可生存性态势感知、自动应急响应、可生存系统中的任务管理及系统可生存性的综合评价四个方面对系统的可生存性进行了深入地研究。首先利用可变模糊集理论的多特征融合技术,从不同层次对系统的可生存性态势进行感知,以提高感知的精确性与客观性。其次,在冲突分析模型下分析了冲突参与者策略选择的过程,建立了针对不同的响应目的自动响应策略选择偏序。随后,在可生存性态势感知的基础上构建了动、静相结合的负载均衡算法,并采用可变模糊集优化决策理论优化可生存环境下的任务调度。最后,采用可变模糊集理论对系统的可生存性进行综合评估,并在评估的过程中引入了变权的思想,提出了基于风险事件和威胁与弱点相互关系的变权计算方法,力求综合评估结果能够科学、客观地反映实际情况。
This paper studies four aspects of system survivability in depth, which include survival situation awareness, automatic emergency response, task manager and comprehensive evaluation. First, we are aware of the survival situation of system from different levels to improve accuracy and objectivity, by using multi-feature fusion of variable fuzzy set. Second, the partial orders of automatic response strategies selection are established for different purpose of response, by analyzing the process of strategy selection of conflict participants in the model of conflict analysis. Third, based on awareness of survival situation, a load balancing algorithm, combining dynamic and static characteristics, is described, and optimization decision theory of variable fuzzy set is emptied to optimize the task scheduling under survive environment. Finall, in order to scientifically and objectively reflect the real situation, variable fuzzy set is used to comprehensively evaluate the survivability of system, and the thought of variable weight is introducted. The calculation method of variable weight is presented according to the relationship of threat, weakness and risk events.
This paper studies four aspects of system survivability in depth, which include survival situation awareness, automatic emergency response, task manager and comprehensive evaluation. First, we are aware of the survival situation of system from different levels to improve accuracy and objectivity, by using multi-feature fusion of variable fuzzy set. Second, the partial orders of automatic response strategies selection are established for different purpose of response, by analyzing the process of strategy selection of conflict participants in the model of conflict analysis. Third, based on awareness of survival situation, a load balancing algorithm, combining dynamic and static characteristics, is described, and optimization decision theory of variable fuzzy set is emptied to optimize the task scheduling under survive environment. Finall, in order to scientifically and objectively reflect the real situation, variable fuzzy set is used to comprehensively evaluate the survivability of system, and the thought of variable weight is introducted. The calculation method of variable weight is presented according to the relationship of threat, weakness and risk events.
引文
1. Yurcik William, Doss David, Kruse Hans. Survivability—over—Security:Providing Whole System Assurance. In:the 3rd IEEE/SEI/CERT Information Survivability WorkshoP (ISW-2000). IEEE ComPuter Soc. Press, Los AlaMitos, Calif,2000,201~204.
2. Hollway BA, Neumann PG. Survivable computer—communication systems:The Problem and working group recommendations. Washington:US Army Research Laboratory,1993.
3. Nancy R Mead, Robert J Ellison, Richard C Linger et al. Survivable Network Analysis Method. http://www.cert.org/archive/pdf/00tr013.pdf.
4. R J Ellison, D A Fisher, R C Linger et al. An Approach to Survivable Systems. In:the NATO IST Symposium on Protecting Information Systems in the 21 St Century, Washington, DC,1999,10.
5. Richard C Linger, Howard F Lipson, John McHugh et al. Life-Cycle Models for Survivable Systems. Sledge TECHNICAL REPORT CMU/SEI-2002-TR-026ESC-TR-2002-026.2002,10.
6. Algirdas Aviienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr. Basic Concepts and Taxonomy of Dependable and Secure Computing. IEEE Transactions on Dependable and Secure Computing,2004, 1(1):11-33.
7. R J Ellison, D A Fischer, R C Linger, H F Lipson, T Longstaff and N R Mead. Survivable Network System: An Emerging Discipline. Technical Report CMU/SEI-97-TR-013, Carnegie Mellon Univ., May 1999.
8. Jiang T Z. A New definition of Survivability of Communication Networks. Military Communication Conferenee: Military Communication in a Changing World, IEEE,1991:2007-2012.
9. [9] U S Department of Commerce. National Telecommunications and Information Administration. in Institute for Telecommunications Services, Federal Standard 1037C.
10. Moitra Soumyo D, Konda Suresh L. A Simulation Model for Managing Survivability of Networked Information Systems.Technical RePort CMU/SE-2000-TR-020,2000.
11. Jha Sanjay K, Wing Jeannette M, Linger Riehard C, et al. Survivability Analysis of Network Specification. Intemational Conference on Dependable Systems and Networks (DSN2000), NewYork, NY, USA:IEEE Computer Soeiety,2000.
12. Kinght John C, Strunk Elisabeth A, Sullivan Kevin J. Towards A Rigorous Definition of Information System Survivability. The DARPA Information Survivability Conference and Exposition (DISCEX'03), Washington.DC:2003.
13.杨超,马建峰.可生存网络系统的形式化定义.电子科技,2004,4:1-4.
14. Information Survivability Workshops.www.cert.org/research/isw.html.
15. Malicious and Accidental-fault Tolerance for Internet Applications.IST Programme RTD Research Project IST-1999-11583. http://www.maftia.org.
16. CCERT. http://www.ccert.edu.cn.
17.关于国家重点基础研究发展计划973计划[EB/OL] http://www.973.gov.cn/mana/contfile/web /234/20051271353429a.doc,2005
18.国家自然科学基金委员会与微软亚洲研究院联合资助项http://www.nsfc.gov.cn/nsfc/cen/ xmzn/2006xmzn/06th/102.htm,2006.
19中华人民共和国科学技术部.先进制造与自动化技术领域现代集成制造系统技术主题课题申请指南[EB/OL],2001.
20. Kant L, Chen W. Service Survivability in Wireless Networks via Multi-layer Self-healing. In:Wireless Communications and Networking Conference,2005, IEEE Volume 4,2005,2446~2452.
21. Jha S, Wing J M. Survivability Analysis of Networked Systems. The 23rd International Coferencc on Software Engineering. Toronto, Ontario, Canada,2001:3007~317.
22.林雪纲,朱淼良,许榕生.信息系统生存性的层次化计算.浙江大学学报,2006,40(11):1960-1965.
23. Lueam P, Liu P. The Design of an Adaptive Intrusion Tolerant Database System. Foundations of intrusion Tolerant Systems, Oasis,2003,14~21.
24. Daskapan S, Vree W G. Self-organizing Trust Principle for Survivable Systems. International Conference on Artificial and Computational Intelligence, Tokyo, Japan,2002,7~12.
25.赵国生,王慧强,王健.一种基于自主配置的网络可生存性增强技术研究.武汉大学学报(理学版),2006,52(5):582-586.
26.赵国生,王慧强,王健CLDF:一种增强关键服务可生存性的应急调度算法.解放军理工大学学报,2008,9(5):528-531.
27. Choi B K, Rho S, Battati R. Fast software component migration for applications survivability in distributed real-time systems. Object-Oriented Real-Time Distributed Computing. In:proceedings Seventh IEEE International Sysposium,2004,269~276.
28.协同信息与系统实验室.海量信息系统可生存性分析方法及软件可生存性增强技术[EB/OL]. http:// cscw.fudan.edu.cn/main-project.htm,2006.
29. TIA1.2Working Group. http://www.tl.ort/tlal/al2-hom.htm.
30.陈守煜.工程模糊集理论与应用[M].北京:国防工业出版社,1998.
31.陈守煜.可变模糊集理论哲学基础.大连理工大学学报(社会科学版),2005,26(1):53-57.
32.陈守煜.工程可变模糊集理论与模型——模糊水文水资源学数学基础.大连理工大学学报,2005,45(2):308-312.
33.陈守煜.可变模糊集合理论——兼论可拓学的数学与逻辑错误.大连理工大学学报,2007,47(4):618-624.
34.陈守煜.可变模糊集合方法及论可拓关联函数基本公式错误.水电能源科学,2005,23(5):1-4.
35.陈守煜.相对隶属函数的系统辩证论哲学基础.系统辩证学学报,1996,4(2):26-29.
36.陈守煜.基于可变模糊集的辩证法三大规律数学定理及其应用.大连理工大学学报,2010,50(5):838—844.
37.陈守煜,袁晶瑄,李亚伟.基于可变模糊集的模糊聚类迭代模型及其应用.大连理工大学学报,2008,48(6):881-886.
38.陈守煜.基于可变模糊集的质变与量变定理——兼论集对分析.数学的实践与认识,2009,39(11):195-201.
39.陈守煜.模糊可变集合的拓展:可变集合——兼论可拓零界关联函数等于零的错误[C].数学及其应用,北京:原子能出版社,2007.
40.陈守煜.可变模糊集合理论与可变模型集.数学的实践与认识,2008,38(18):146-153.
41. Bass T. Multisensor data fusion for next generation distributed intrusion detection systems.1999 IRIS National Symp. On Senso rand Data Fusion.Laurel,1999,24-27.
42. BassT. Intrusion systems and multisensor data fusion:Creating cyberspace situational awareness. Communications of the ACM,2000,43(4):99~105.
43. D'Ambrosio B, Takikawa M. Upper D, et al. Security situation assessment and response evaluation. In: DARPA Information Survivability Conf.& Exposition II. Anaheim,2001,387~394.
44. Porras P, Fong M, Valdes A. A mission.-impact-based approach to INFOSEC alarm correlation. In:Proc. of the 15th Int'l Symp. On Recent Advances in Intrusion Detection. Zurich,2002,95~114.
45. Hariri S, Qu GZ, Dharmagadda T, et al. Impact analysis of faults and attacks in large-scale networks. IEEE Security & Privacy,2003,1(5):49~54.
46. Bearavolu R, Lakkaraju K, Yurcik W. NVisionIP:An Animate State Analysis Tool for Visualizing NetFlows. FLOCON Network Flow Analysis Workshop (Network Flow Analysis for Security Situational Awareness), Sept.2005.
47. Yin X X, Yurcik W, Slagell A. The Design of VisFlowConneet-IP:a Link Analysis System for IP Seeurity Situational Awareness. In:Third IEEE International Workshop on Information Assurance (IWIA),2005
48. Li Z M, Taylor J, Partridge E, etal. UCLog:A Unified, Correlated Logging Aichiteeture for Intrusion Detection. In:12th International ConferenceonTelecommunication Systems Modeling and Analysis(ICTSM), 2004.
49.胡华平.面向大规模网络的入侵检测与预警系统研究.国防科技大学学报,2003,25(1)
50.北京理工大学信息与对抗技术研究中心.网络安全态势评估系统技术白本书http://www.thinkor.eom/produet/download/网络安全态势评估系统技术白皮书 2.doc,2005.
51.陈秀真,郑庆华,管晓宏等.层次化网络安全威胁态势量化评估该方法.软件学报,2006,17(4):885-897.
52. Lai J B, Wang H Q, Zhu L. Study of network security situation awareness model based on simple additive weight and grey theory. International ConferenceonComputational-Intelligence and Security, NOV 03~06, 2006.
53.赵国生,王慧强,王健.基于灰色verhulst的网络安全态势感知模型.哈尔滨工业大学学报,2008,40(5):798-801.
54.赵国生,王慧强,王健.基于灰色关联分析的网络可生存性态势评估方法.小型微型计算机系统,2006,27(10):1861-1864.
55. Hu W, Li J H, Shi J J. A novel approach to cyberspace security situation based on the vulnerabilities analysis. Proeeeding sof the 6th World Congress on Intelligent Control and Automation, June,2006, Dalian, China.
56.刘同明,夏祖勋,解洪成.数据融合技术及其应用.北京:国防工业出版社,1998.
57.康耀红.数据融合理论与应用.西安:西安电子科技大学出版社,1997.
58.刘密霞.网络完全正确态势分析与可生存性评估研究.兰州理工大学博士论文,2008.
59. Keromytis A, et al. A Holistic Approach to Service Survivability[C]. In:Proceedings of the 2003 ACM workshop on Survivable and Self-regenerative systems, In Association with 10th ACM Conference on Computer and Communications Security,2003,11~20.
60.王东霞,窦文华.保证关键服务生存性的ATM网络资源管理.计算机研究与发展.2000,37(1):50-54.
61.史国炜,曹烈光.SDH接入网的网络生存性研究.清华大学学报(自然科学版),2003,43(9):1269-2171.
62. J P Xu, W Wu. The Theory and Method of Multiple Attribute Decision Making [M]. Published by TsingHua University Press,2006,260~261.
63.张维明,毛捍东,陈锋.一种基于图论的网络安全分析方法研究.国防科技大学学报,2008,30(2):97-101
64.王健,王慧强,赵国生.基于序列蒙特卡罗的网络生存态势跟踪预测.哈尔滨工业大学学报,2008,40(5):802-806.
65. Jian Wang, Huiqiang Wang, Guosheng Zhao. Formal modeling and quantitative evaluation for information system survivability based on PEPA. The Journal of China Universities of Posts and Telecommunications, 2008,15(2):88~96.
66.王健,王慧强,赵国生.基于不确定型AHP的网络生存能力模糊综合评估.计算机科学,2006,33(6):73-76.
67.王健,王慧强,赵国生.基于模糊矩阵博弈的网络可生存策略选择模型.武汉大学不宾阳,2007,53(5):531-534.
68王健,王慧强,赵国生.一种增强系统可生存性的多目标资源重配算法.计算机研究与发展,2006,43(52):487-491.
69. Huiqiang Wang, Jian Wang, Guosheng Zhao. A new bio-inspired model for network security and its application. The 8th Asia-Pacific Web Conference,2006,756-759.
70. Huiqiang Wang, Jian Wang, Guosheng Zhao. A comprehensive assessment method for network survivability. 2008 International Conference on Internet Computing in Science and Engineering,2008,335~338.
71. Zhuang Shangyi. A n efficient Web cluster with content aware request distribution on Lnux kernel 2.6[D].T aipei:Department of Information Management, National Chi-Nan Univ ersity,2008.
72. Chiang Meiling, Lin Yuchen, Guo Lianfeng. Design and implementation of an efficient Web cluster with content based request distribution and file caching.Journal of Systems and Software,2008,81(11):2044~ 2058.
73. Sharifian S, Motamedi S A, A kbari M K. A content based load balancing algorthm with admission control for cluster Web servers. Future Generation Computer Systems,2008,24(8):775~787.
74. Benvenuti C. Understanding Linux Network Internals [M]. Beijing:O Reilly Media Inc,2005.
75. Ming Xu. Effective Internet Grid Computing for Industrial Users. IEEE,2001,30~45.
76. A Bucur, D Epema. Local versus Global Queues with Processor Co-Allocation in Multicluster Systems. Workshop on job Scheduling Strategies for Parallel Processing,2002, Vol 2537 ofLNCS,132-200.
77.柳清瑞.中间件的负载均衡技术研究.小型微型计算机系统,2002(3):p21-26
78.燕彩蓉,沈钧毅.一种基于预取的集群服务器调度算法田.控制与决策.2006,21(3):319-322
79. Lei Y C, GongYL, ZhangS, etal. Researeh on Seheduling Algorithm in Web Cluster Servers. Journal of Computer Science and Technology,2003,18(6):703~716
80.苏飞,赵金雁.基于TL_Scheduling的异构集群负载均衡算法的研究与应用.计算机工程与设计,2008,29(15):3878-3880
81.陈亮,王加阳.基于粗糙集的负载均衡算法研究.计算机工程与科学,2010,32(1):101-104.
82.杜鸿,薛弘晔,白欣.一种基于任务表方法的实时集群平台.计算机工程,2005,31(18):76-78.
83.马双良,张英敏,宋丽君.基于LVS和计算任务的实时集群负载均衡方法.计算机工程与设计,2007,28(20):34-37.
84. Buttazzo G, Spuri M, Sensini F. Value VS Deadline Acheduling in Overload Conditions[C]//N proc of the16th IEEE Real time Systems Symp,1995:90~99.
85. Burns A, Prasad D, Bondavalli A, et al. The Meaning and Role of Value in Scheduling Flexible Real Time Systems. Journal of Systems Architecture,2000,46 (4):305-325.
86. Lu C Y, Stankovic J A. Design and Evaluation of a Feedback Control EDF Scheduling Algorithnl. Proceedings of the 20th IEEE Real-Time Systems Symposium. Phoenix, Arizona:IEEE Computer Society, 1999,55-66.
87. Huang J, Stankovic J, Towesly D, etal. Experimental Evaluation of Real-time Transaction processing. Proceedings of the 10th IEEE Real-Time Systems Symposium. Santa Monica:IEEE Computer Society,1989, 144-153.
88.金宏,王宏安,王强等.一种任务优先级的综合设计方法.软件学报,2003,14(3):376-382.
89.王永炎,王强,王宏安等.基于优先级表的实时调度算法及实现.软件学报,2004,15(3):360-370.
90. Cohen F.Simulating Cyber Attacks, Defenses and Consequenees. http://all.net/joumal/ntb/simulate/ simulate.html,1999-3/2009-3.
91. C A Carve, U pooch. A Methodology for Using Intelligent Agent to Provide Automated Intrusion Response. New York:IEEE Sysetms, Man and Cybernetics InofmrationAssurance and Securiyt Workshop, West Point, 2000,163~175.
92. Schnackenberg D, Holliday H, Smith R. Cooperative IntrusionTraceback and Response Architecture (CITRA). In Proeeedings of the 2th DARPA Information Survivability Conference and Exposition,2001.
93.朗波,郑久丹.基于移动代理的自动入侵响应实施方法研究.北京航空航天大学学报,2003,29(10):59-62.
94.张运凯,张玉清.自动入侵响应系统的研究.计算机工程与设计,2004,30(11):5-7.
95 石进,陆音,谢立.基于博弈理论的动态入侵响应.计算机研究与发展,2008,45(5):747-757.
96.郭宇,孙敏.基于SVM成本决策分析模型的入侵响应研究.计算机应用,2007,27(11):2704-2706。
97. Dan Schnackenberg, Harley Holliday, Randall Smith, et al. Cooperative Intrusion Traceback and Response Architecture [C].Proc of DARPA Information Survivability Conference and Exposition. Piscataway, NJ:IEEE Computer Society,2001.
98. Thomas Toth, Christopher Kruegel. Evaluating the impact of automated intrusion response mechanisms. Porc of the 18th Annual Computer Security Application Conference, Washington, DC:IEEE Computer Society, 2002.
99. Wenke Lee. Toward cost-sensitive modeling for intrusion detection and respose. Journal of Computer Security,2002,10(2):5~22.
100. Sapon Tanachaiwiwat, Kai Hwang, Yue Chen. Adaptive intrusion response to minmize risk over multiple network attacks [OL][2002-08-027]. http://ceng.use.edu/~kaihwang/papers/ACM827.pdf.
101. Ashish Gehani, Gershon Kedem. RheoStat:Real-time Risk Management[C]. Proc of the 7th Int'l Symp on Recent Advances in Intrusion Detection. Berlin:Springer,2004.
102.张宁等.基于成本评估模型的入侵响应系统的研究.计算机仿真,2006,23(5):249-253.
103. Fengmin Gong, Katerina Goseva-Popstojanova, Feiyi Wang. Characterizing Intrusion Tolerant Systems Using A State Transition Model.//Proc. Of DARPA Information Survivability Conference and Exposition II. California, USA:IEEE Press,2001,211~221.
104. Curtis A, Carver. Intrusion Response Systems:A Surver[J/OL].http://faculty.cs.tamu.edu/pooch/course/ CPSC665/Spring2001/Lessons/Intrusion_Detection_and_Response,2001-2/2009-3.
105.石进,陆音,谢立.基于博弈理论的动态入侵响应.计算机研究与发展,2008,45(5):747-757.
106. U Lindqvist, E Jonsson. How to Systematically Classify Computer Security Intrusions. Proceeding of 1997 IEEE Symp, on Security and Privacy, Oakland, CA, May4-7,1997.
107.赵国生,王慧强.可生存性网络的形式化建模与分析.通信学报,2006,27(11A):48-52.
108. Zhao Guosheng, Wang Huiqiang, Wang Jian. An Emergency Algorithm for Enhancing Survivability of Key-Service. Journal of Southeast University,2007,23(3):443~446.
109. Zhao Guosheng, Wang Huiqiang, Wang Jian. A Novel Situation Awareness Model for Network Systems' Security, Lecture Notes in Computer Science, ICCS'07, Bingjing, China,2007,1077~1084.
110.刘密霞,张秋余,赵宏等.入侵检测报警相关性及评测数据集研究.计算机应用研究,2008,25(10):3108-3111.
111.张乐君,国林,王巍等.网络系统可生存性评估与增强技术研究概述.计算机科学,2007,34(8):30-33.
112.王树鹏,云晓春,余翔湛.系统生存性增强技术研究.哈尔滨工业大学学报,2007,39(3):452-461
113.赖积保,王慧强,王健.系统可生存性研究综述.计算机科学,2007,34(3):237-239.
114.杨璐,邱代燕,刘彤.网络生存性综述.计算工程与设计,2005,26(5):1225-1227.
115.王超,马建峰,朱建明.网络系统的可生存性研究综述.网络安全技术与应用,2006,6:15-17.
116.李黎,管晓宏,赵千川等.网络生存适应性的多目标评估.西安交通大学学报,2010,44(10):1-7.
117张永,方滨兴,包秀国.网络可生丰研究概述.计算机工程与应用,2005,7:119-121.
118.张益,霍珊珊.网络存储系统可生存下量化评估.清华大学学报,2009,49(S2):2119-2125.
119. Huiqiang Wang, Jian Wang and Guosheng Zhao. Index system of information systems survivability:formal definitions and reasoning. Internation Conference on Internet Computing in Science and Engineering.2008: 294-297.
120. Huiqiang Wang, Jian Wang, Guosheng Zhao. A comprehensive bio-inspired model for network security. The First International Conference on Semantics, Knowledge and Grid,2006.
121.国林,张乐君,杨永田等.随机PETRI网在信息系统服务能力分析中的应用.昆明理工大学学报(理工版),2007,32(6A):206-209.
122.张乐君,王巍,国林等.基于攻击场景的信息系统生存性计算.计算机工程,2008,34(6):137-139.
123.张乐君,周渊,国林,王巍,杨永田.基于自主配置的系统生存性增强算法研究.通信学报,2007,28(12):102-107.
124.张薇,马建峰,王良民等.门限Byzantine quorum系统及其在分布式存储中的应用电子学报,2008,36(2):314-319.
125.张薇,马建峰,柳曙光,王超.可生存的存储网络与Quorum系统.通信学报,2007,28(11A):121-124.
126. Zhang Wei, Ma Jianfen. A reliable and Asymmetric Data Distribution Scheme for Survivable Storage. China Communications,2006,3(4):70~75.
127.杨超,马建峰.可生存网络系统的形式化定义.电子科技,2004,(4):1-4.
128.林雪纲,许榕生.一种信息系统生存性的量化分析框架.电子与信息学报,2006,28(9):1721-1726.
129.包秀国,胡铭曾,张宏莉等.两种网络安全管理系统的生存性定量分析方法.通信学报,2004,25(9):34-41.
130.王超,马建峰.可生存网络系统的构建方法.电子学报,2005,33(B12):2336-2341.
131. Lejun Zhang, Lin Guo, Wu Yang, etal. An efficient survivability Hierarchy Analysis Model for networked information system. Proceedings of the Third international conference on Computational intelligence and security,2007,759~762.
132. Liu Mixiao, Zhang Qiuyu, Zhao Hong. Network security situation assessment based on data fusion. First International Workshop on Knowledge Discovery and Data Ming,2008.
133.王冀鲁,张益,余镇危等.网络存储系统可生存性定量评价研究.计算机工程,2010,36(4):33-35.
134.潘世英.生存性定义研究.科学信息,2007,13:7-8.
135.汪晶晶,杨晓元,董斌.可生存的开放式对等存储系统.计算机工程,2010,36(21):146-148.
136.郝宁波.可生存性网络的容量增强与优化算法.软件导刊,2010,9(11):63-65.
137.王志文,卢柯,王晓飞.基于博弈论的信息系统生存性提升方法研究.计算机科学,2010,37(9):81-84.
138.徐慧,周建美,程学云.基于免疫的可生存网络研究与设计.计算机应用,2010,30(5):1194-1197.
139.孟祥宏.电子政务系统的可生存性策略研究.信息安全与通信保密,2010,3:50-52.
140. Tzi-cker Chiueh, Dhruv Pilania. Design, Implementation, and Evaluation of a Repairable Database management System. In:Proceedings of 21st International Conference on Data Engineering,2005,10024~ 1035.
141. Soulla Louca, A P George Samaras. On network survivability algorithms based on trellis graph transformations. Fourth IEEE Symposium on Computers and Communications, ISCC'99, Red Sea, Egypt~ 1999.
142. T1A1.2 Working Group on Network Survivability Performance, in Technical report on enhanced net-work survivabiiity performance. Technical report,2001.
143. Yonguang Zhang, et al. Heterogeneous networking:A new survivability paradigm. in 10th New Security Paradigm Workshop (NSPW),2001.
144. Ellison R, Fisher D, Linger R. Survivable Network system Analysis:A Case Study. Software, IEEE,1999, 16(4):70~77
145.王益丰,李涛,胡晓勤,宋程.一种基于人上免疫的网络安全实时风险检测方法.电子学报,2005,33(5):945-949.
146. Chi-Hung Kelvin Chu, M.C.. An integrated framework for the assessment of network operations, reliability, and security. Bell Labs Technical Journal,2004.8(4):133~152.
147. Xuegang Lin, M.Z., and Rongsheng Xu. A Framework for Quantifying Information System Survivability. in Proceedings of the Third International Conference on Information Technology and Applications(ICITA'05). 2005, Sydney, Australia.
148. Xuegang Lin, R.X., and Miaoliang Zhu. Survivability Computation of Networked Information Systems. in International Conference on Computational Intelligence and Security(CIS'2005).2005: Springer-Verlag Berlin Heidelberg.
149. A W Krings, M.H.A., A Graph Based Model for Survivability Analysis. in Technical Report, UI-CS-TR-02-024, Computer Science Department, University of Idaho,2004.
150.包秀国,胡铭曾,张绍瑞,张宏莉.两种网络安全管理系统的生存性定量分析方法.通信学报,2004,25(9):34-41.
151. Wang Jian, Wang Huiqiang, Zhao Guosheng. A Novel Quantitative Analysis Model for Information System Survivability Based on Conflict Analysis. Tsinghua Science and Technology,2007,12(S1):217~222.
152. Zhao Guosheng, Wang Huiqiang, WangJian. A Novel Formal Analysis Method of Network Survivability Based on Stochastic Process Algebra. Tsinghua Science and Technology,2007,12(S1):175~179.
153.赵国生,王慧强,王健.信息系统可生存性的定量分析模型.计算机工程,2008,34(6):41-42.
154. Garsva E. Computer system survivability modeling by using stochastic activity network. In:Lecture Notes in Computer Science:Computer Safety, Reliability, and Security,2006,4166:71~84.
155.冯登国,张阳,张玉清.信息安全风险评估综述.通信学报,2004,25(7):10-18.
156.科飞管理咨询公司.信息安全风险评估.中国标准出版社,2005.
157.国务院信息化工作办公室.信息安全风险评估指南(GB征求意见稿).2005.
158.信息安全技术-信息安全风险评估规范.北京:国家标准出版社,2008.
159.张涛,胡铭曾,云晓春,张永铮.计算机网络安全性分析建模研究.通信学报,2005,26(12):100-109.
160. CVSS:http://www.xhocus.net.
161.王永杰,鲜明,刘进等.基于攻击图模型的网络安全评估研究.通信学报,2007,28(3):29-34.
162.朱振国,邹羽,张闽等.一种量化的网络安全态势评估方法.微计算机信息,2007,23(7-3):62-64.
163张永铮,方滨兴,云晓春.一种主机系统安全的量化风险评估方法.计算机工程,2005,31(14):147-149.
164.史亮,庄毅.一种定量的网络安全风险评估系统模型.计算机工程与应用,2007,43(18):146-149.
165.张义荣,鲜明,王国玉.一种基于网络嫡的计算机网络攻击效果定量评估方法.通信学报,2004,25(11):158-265.
166.谷勇浩.信息系统风险管理理论与关键技术研究.博士学位论文,2007.
167.刘胜航.基于层次分析法的网络风险状态评估模型.计算机安全,2006,2:19-24.
168. P T Chang, K C Hung. Applying the Fuzzy-Weighted-Average Approach to Evaluate Network Security Systems. Computers and Mathematies with Applications,2005,49:1797~1814.
169.汪楚娇,林果园.网络安全风险的模糊层次综合评估模型.武汉大学学报(理学版),2006,52(5):622-626
170.朱而刚,张素英.基于灰色评估的信息安全风险评估模型.信息安全与通信保密,2004,07:46-47.
171.王健.信息系统可生存性定量评估指标体系研究.哈尔滨工程大学博士论文,2008.
172高献伟.林雪纲,许榕生.生存性分析方法中的3R量化分析.计算机仿真,2004,21(11):125-128.
173. Lin Xuegang, Zhu Miaoliang, Xu Rongsheng. A Framework for Quantiyfing Inofmration System Survivability. In:the 3rd International Conefreneeon Inofrmation Technology and Applieations, July,2005, 552-555.
174.刘海波.自然权重原理及其在煤矿安全评价中的应用.中南大学博士论文,2006.
175.龙百元,谢冬表,万里平.基于近似权重计算的网络安全威胁评估方法.计算技术与自动化,2008,27(1):88-91.
176.李放歌,柏继云,赵红杰.层次分析积因子位次赋值数据求权重研究.运筹与管理,2005.6(14):60-63.
177.楼文高,姜丽,孟祥辉.计算机网络安全综合评价的神经网络模型.计算机工程与应用,2007,43(32):128-131.
178.韩立岩,汪培庄.应用模糊数学.北京:首都经济贸易大学出版社,1989,209-213。
179.蔡佳,罗继勋,旷艾喜等.基于变权模糊综合评判的目标威胁评估算法.电光与控制,2009,16(12):80-84.
180.林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术.计算机学报,2005,28(12):1943-1955.
181.李书刚.概率论与数据统计.北京:科学出版社,2010.
2. Hollway BA, Neumann PG. Survivable computer—communication systems:The Problem and working group recommendations. Washington:US Army Research Laboratory,1993.
3. Nancy R Mead, Robert J Ellison, Richard C Linger et al. Survivable Network Analysis Method. http://www.cert.org/archive/pdf/00tr013.pdf.
4. R J Ellison, D A Fisher, R C Linger et al. An Approach to Survivable Systems. In:the NATO IST Symposium on Protecting Information Systems in the 21 St Century, Washington, DC,1999,10.
5. Richard C Linger, Howard F Lipson, John McHugh et al. Life-Cycle Models for Survivable Systems. Sledge TECHNICAL REPORT CMU/SEI-2002-TR-026ESC-TR-2002-026.2002,10.
6. Algirdas Aviienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr. Basic Concepts and Taxonomy of Dependable and Secure Computing. IEEE Transactions on Dependable and Secure Computing,2004, 1(1):11-33.
7. R J Ellison, D A Fischer, R C Linger, H F Lipson, T Longstaff and N R Mead. Survivable Network System: An Emerging Discipline. Technical Report CMU/SEI-97-TR-013, Carnegie Mellon Univ., May 1999.
8. Jiang T Z. A New definition of Survivability of Communication Networks. Military Communication Conferenee: Military Communication in a Changing World, IEEE,1991:2007-2012.
9. [9] U S Department of Commerce. National Telecommunications and Information Administration. in Institute for Telecommunications Services, Federal Standard 1037C.
10. Moitra Soumyo D, Konda Suresh L. A Simulation Model for Managing Survivability of Networked Information Systems.Technical RePort CMU/SE-2000-TR-020,2000.
11. Jha Sanjay K, Wing Jeannette M, Linger Riehard C, et al. Survivability Analysis of Network Specification. Intemational Conference on Dependable Systems and Networks (DSN2000), NewYork, NY, USA:IEEE Computer Soeiety,2000.
12. Kinght John C, Strunk Elisabeth A, Sullivan Kevin J. Towards A Rigorous Definition of Information System Survivability. The DARPA Information Survivability Conference and Exposition (DISCEX'03), Washington.DC:2003.
13.杨超,马建峰.可生存网络系统的形式化定义.电子科技,2004,4:1-4.
14. Information Survivability Workshops.www.cert.org/research/isw.html.
15. Malicious and Accidental-fault Tolerance for Internet Applications.IST Programme RTD Research Project IST-1999-11583. http://www.maftia.org.
16. CCERT. http://www.ccert.edu.cn.
17.关于国家重点基础研究发展计划973计划[EB/OL] http://www.973.gov.cn/mana/contfile/web /234/20051271353429a.doc,2005
18.国家自然科学基金委员会与微软亚洲研究院联合资助项http://www.nsfc.gov.cn/nsfc/cen/ xmzn/2006xmzn/06th/102.htm,2006.
19中华人民共和国科学技术部.先进制造与自动化技术领域现代集成制造系统技术主题课题申请指南[EB/OL],2001.
20. Kant L, Chen W. Service Survivability in Wireless Networks via Multi-layer Self-healing. In:Wireless Communications and Networking Conference,2005, IEEE Volume 4,2005,2446~2452.
21. Jha S, Wing J M. Survivability Analysis of Networked Systems. The 23rd International Coferencc on Software Engineering. Toronto, Ontario, Canada,2001:3007~317.
22.林雪纲,朱淼良,许榕生.信息系统生存性的层次化计算.浙江大学学报,2006,40(11):1960-1965.
23. Lueam P, Liu P. The Design of an Adaptive Intrusion Tolerant Database System. Foundations of intrusion Tolerant Systems, Oasis,2003,14~21.
24. Daskapan S, Vree W G. Self-organizing Trust Principle for Survivable Systems. International Conference on Artificial and Computational Intelligence, Tokyo, Japan,2002,7~12.
25.赵国生,王慧强,王健.一种基于自主配置的网络可生存性增强技术研究.武汉大学学报(理学版),2006,52(5):582-586.
26.赵国生,王慧强,王健CLDF:一种增强关键服务可生存性的应急调度算法.解放军理工大学学报,2008,9(5):528-531.
27. Choi B K, Rho S, Battati R. Fast software component migration for applications survivability in distributed real-time systems. Object-Oriented Real-Time Distributed Computing. In:proceedings Seventh IEEE International Sysposium,2004,269~276.
28.协同信息与系统实验室.海量信息系统可生存性分析方法及软件可生存性增强技术[EB/OL]. http:// cscw.fudan.edu.cn/main-project.htm,2006.
29. TIA1.2Working Group. http://www.tl.ort/tlal/al2-hom.htm.
30.陈守煜.工程模糊集理论与应用[M].北京:国防工业出版社,1998.
31.陈守煜.可变模糊集理论哲学基础.大连理工大学学报(社会科学版),2005,26(1):53-57.
32.陈守煜.工程可变模糊集理论与模型——模糊水文水资源学数学基础.大连理工大学学报,2005,45(2):308-312.
33.陈守煜.可变模糊集合理论——兼论可拓学的数学与逻辑错误.大连理工大学学报,2007,47(4):618-624.
34.陈守煜.可变模糊集合方法及论可拓关联函数基本公式错误.水电能源科学,2005,23(5):1-4.
35.陈守煜.相对隶属函数的系统辩证论哲学基础.系统辩证学学报,1996,4(2):26-29.
36.陈守煜.基于可变模糊集的辩证法三大规律数学定理及其应用.大连理工大学学报,2010,50(5):838—844.
37.陈守煜,袁晶瑄,李亚伟.基于可变模糊集的模糊聚类迭代模型及其应用.大连理工大学学报,2008,48(6):881-886.
38.陈守煜.基于可变模糊集的质变与量变定理——兼论集对分析.数学的实践与认识,2009,39(11):195-201.
39.陈守煜.模糊可变集合的拓展:可变集合——兼论可拓零界关联函数等于零的错误[C].数学及其应用,北京:原子能出版社,2007.
40.陈守煜.可变模糊集合理论与可变模型集.数学的实践与认识,2008,38(18):146-153.
41. Bass T. Multisensor data fusion for next generation distributed intrusion detection systems.1999 IRIS National Symp. On Senso rand Data Fusion.Laurel,1999,24-27.
42. BassT. Intrusion systems and multisensor data fusion:Creating cyberspace situational awareness. Communications of the ACM,2000,43(4):99~105.
43. D'Ambrosio B, Takikawa M. Upper D, et al. Security situation assessment and response evaluation. In: DARPA Information Survivability Conf.& Exposition II. Anaheim,2001,387~394.
44. Porras P, Fong M, Valdes A. A mission.-impact-based approach to INFOSEC alarm correlation. In:Proc. of the 15th Int'l Symp. On Recent Advances in Intrusion Detection. Zurich,2002,95~114.
45. Hariri S, Qu GZ, Dharmagadda T, et al. Impact analysis of faults and attacks in large-scale networks. IEEE Security & Privacy,2003,1(5):49~54.
46. Bearavolu R, Lakkaraju K, Yurcik W. NVisionIP:An Animate State Analysis Tool for Visualizing NetFlows. FLOCON Network Flow Analysis Workshop (Network Flow Analysis for Security Situational Awareness), Sept.2005.
47. Yin X X, Yurcik W, Slagell A. The Design of VisFlowConneet-IP:a Link Analysis System for IP Seeurity Situational Awareness. In:Third IEEE International Workshop on Information Assurance (IWIA),2005
48. Li Z M, Taylor J, Partridge E, etal. UCLog:A Unified, Correlated Logging Aichiteeture for Intrusion Detection. In:12th International ConferenceonTelecommunication Systems Modeling and Analysis(ICTSM), 2004.
49.胡华平.面向大规模网络的入侵检测与预警系统研究.国防科技大学学报,2003,25(1)
50.北京理工大学信息与对抗技术研究中心.网络安全态势评估系统技术白本书http://www.thinkor.eom/produet/download/网络安全态势评估系统技术白皮书 2.doc,2005.
51.陈秀真,郑庆华,管晓宏等.层次化网络安全威胁态势量化评估该方法.软件学报,2006,17(4):885-897.
52. Lai J B, Wang H Q, Zhu L. Study of network security situation awareness model based on simple additive weight and grey theory. International ConferenceonComputational-Intelligence and Security, NOV 03~06, 2006.
53.赵国生,王慧强,王健.基于灰色verhulst的网络安全态势感知模型.哈尔滨工业大学学报,2008,40(5):798-801.
54.赵国生,王慧强,王健.基于灰色关联分析的网络可生存性态势评估方法.小型微型计算机系统,2006,27(10):1861-1864.
55. Hu W, Li J H, Shi J J. A novel approach to cyberspace security situation based on the vulnerabilities analysis. Proeeeding sof the 6th World Congress on Intelligent Control and Automation, June,2006, Dalian, China.
56.刘同明,夏祖勋,解洪成.数据融合技术及其应用.北京:国防工业出版社,1998.
57.康耀红.数据融合理论与应用.西安:西安电子科技大学出版社,1997.
58.刘密霞.网络完全正确态势分析与可生存性评估研究.兰州理工大学博士论文,2008.
59. Keromytis A, et al. A Holistic Approach to Service Survivability[C]. In:Proceedings of the 2003 ACM workshop on Survivable and Self-regenerative systems, In Association with 10th ACM Conference on Computer and Communications Security,2003,11~20.
60.王东霞,窦文华.保证关键服务生存性的ATM网络资源管理.计算机研究与发展.2000,37(1):50-54.
61.史国炜,曹烈光.SDH接入网的网络生存性研究.清华大学学报(自然科学版),2003,43(9):1269-2171.
62. J P Xu, W Wu. The Theory and Method of Multiple Attribute Decision Making [M]. Published by TsingHua University Press,2006,260~261.
63.张维明,毛捍东,陈锋.一种基于图论的网络安全分析方法研究.国防科技大学学报,2008,30(2):97-101
64.王健,王慧强,赵国生.基于序列蒙特卡罗的网络生存态势跟踪预测.哈尔滨工业大学学报,2008,40(5):802-806.
65. Jian Wang, Huiqiang Wang, Guosheng Zhao. Formal modeling and quantitative evaluation for information system survivability based on PEPA. The Journal of China Universities of Posts and Telecommunications, 2008,15(2):88~96.
66.王健,王慧强,赵国生.基于不确定型AHP的网络生存能力模糊综合评估.计算机科学,2006,33(6):73-76.
67.王健,王慧强,赵国生.基于模糊矩阵博弈的网络可生存策略选择模型.武汉大学不宾阳,2007,53(5):531-534.
68王健,王慧强,赵国生.一种增强系统可生存性的多目标资源重配算法.计算机研究与发展,2006,43(52):487-491.
69. Huiqiang Wang, Jian Wang, Guosheng Zhao. A new bio-inspired model for network security and its application. The 8th Asia-Pacific Web Conference,2006,756-759.
70. Huiqiang Wang, Jian Wang, Guosheng Zhao. A comprehensive assessment method for network survivability. 2008 International Conference on Internet Computing in Science and Engineering,2008,335~338.
71. Zhuang Shangyi. A n efficient Web cluster with content aware request distribution on Lnux kernel 2.6[D].T aipei:Department of Information Management, National Chi-Nan Univ ersity,2008.
72. Chiang Meiling, Lin Yuchen, Guo Lianfeng. Design and implementation of an efficient Web cluster with content based request distribution and file caching.Journal of Systems and Software,2008,81(11):2044~ 2058.
73. Sharifian S, Motamedi S A, A kbari M K. A content based load balancing algorthm with admission control for cluster Web servers. Future Generation Computer Systems,2008,24(8):775~787.
74. Benvenuti C. Understanding Linux Network Internals [M]. Beijing:O Reilly Media Inc,2005.
75. Ming Xu. Effective Internet Grid Computing for Industrial Users. IEEE,2001,30~45.
76. A Bucur, D Epema. Local versus Global Queues with Processor Co-Allocation in Multicluster Systems. Workshop on job Scheduling Strategies for Parallel Processing,2002, Vol 2537 ofLNCS,132-200.
77.柳清瑞.中间件的负载均衡技术研究.小型微型计算机系统,2002(3):p21-26
78.燕彩蓉,沈钧毅.一种基于预取的集群服务器调度算法田.控制与决策.2006,21(3):319-322
79. Lei Y C, GongYL, ZhangS, etal. Researeh on Seheduling Algorithm in Web Cluster Servers. Journal of Computer Science and Technology,2003,18(6):703~716
80.苏飞,赵金雁.基于TL_Scheduling的异构集群负载均衡算法的研究与应用.计算机工程与设计,2008,29(15):3878-3880
81.陈亮,王加阳.基于粗糙集的负载均衡算法研究.计算机工程与科学,2010,32(1):101-104.
82.杜鸿,薛弘晔,白欣.一种基于任务表方法的实时集群平台.计算机工程,2005,31(18):76-78.
83.马双良,张英敏,宋丽君.基于LVS和计算任务的实时集群负载均衡方法.计算机工程与设计,2007,28(20):34-37.
84. Buttazzo G, Spuri M, Sensini F. Value VS Deadline Acheduling in Overload Conditions[C]//N proc of the16th IEEE Real time Systems Symp,1995:90~99.
85. Burns A, Prasad D, Bondavalli A, et al. The Meaning and Role of Value in Scheduling Flexible Real Time Systems. Journal of Systems Architecture,2000,46 (4):305-325.
86. Lu C Y, Stankovic J A. Design and Evaluation of a Feedback Control EDF Scheduling Algorithnl. Proceedings of the 20th IEEE Real-Time Systems Symposium. Phoenix, Arizona:IEEE Computer Society, 1999,55-66.
87. Huang J, Stankovic J, Towesly D, etal. Experimental Evaluation of Real-time Transaction processing. Proceedings of the 10th IEEE Real-Time Systems Symposium. Santa Monica:IEEE Computer Society,1989, 144-153.
88.金宏,王宏安,王强等.一种任务优先级的综合设计方法.软件学报,2003,14(3):376-382.
89.王永炎,王强,王宏安等.基于优先级表的实时调度算法及实现.软件学报,2004,15(3):360-370.
90. Cohen F.Simulating Cyber Attacks, Defenses and Consequenees. http://all.net/joumal/ntb/simulate/ simulate.html,1999-3/2009-3.
91. C A Carve, U pooch. A Methodology for Using Intelligent Agent to Provide Automated Intrusion Response. New York:IEEE Sysetms, Man and Cybernetics InofmrationAssurance and Securiyt Workshop, West Point, 2000,163~175.
92. Schnackenberg D, Holliday H, Smith R. Cooperative IntrusionTraceback and Response Architecture (CITRA). In Proeeedings of the 2th DARPA Information Survivability Conference and Exposition,2001.
93.朗波,郑久丹.基于移动代理的自动入侵响应实施方法研究.北京航空航天大学学报,2003,29(10):59-62.
94.张运凯,张玉清.自动入侵响应系统的研究.计算机工程与设计,2004,30(11):5-7.
95 石进,陆音,谢立.基于博弈理论的动态入侵响应.计算机研究与发展,2008,45(5):747-757.
96.郭宇,孙敏.基于SVM成本决策分析模型的入侵响应研究.计算机应用,2007,27(11):2704-2706。
97. Dan Schnackenberg, Harley Holliday, Randall Smith, et al. Cooperative Intrusion Traceback and Response Architecture [C].Proc of DARPA Information Survivability Conference and Exposition. Piscataway, NJ:IEEE Computer Society,2001.
98. Thomas Toth, Christopher Kruegel. Evaluating the impact of automated intrusion response mechanisms. Porc of the 18th Annual Computer Security Application Conference, Washington, DC:IEEE Computer Society, 2002.
99. Wenke Lee. Toward cost-sensitive modeling for intrusion detection and respose. Journal of Computer Security,2002,10(2):5~22.
100. Sapon Tanachaiwiwat, Kai Hwang, Yue Chen. Adaptive intrusion response to minmize risk over multiple network attacks [OL][2002-08-027]. http://ceng.use.edu/~kaihwang/papers/ACM827.pdf.
101. Ashish Gehani, Gershon Kedem. RheoStat:Real-time Risk Management[C]. Proc of the 7th Int'l Symp on Recent Advances in Intrusion Detection. Berlin:Springer,2004.
102.张宁等.基于成本评估模型的入侵响应系统的研究.计算机仿真,2006,23(5):249-253.
103. Fengmin Gong, Katerina Goseva-Popstojanova, Feiyi Wang. Characterizing Intrusion Tolerant Systems Using A State Transition Model.//Proc. Of DARPA Information Survivability Conference and Exposition II. California, USA:IEEE Press,2001,211~221.
104. Curtis A, Carver. Intrusion Response Systems:A Surver[J/OL].http://faculty.cs.tamu.edu/pooch/course/ CPSC665/Spring2001/Lessons/Intrusion_Detection_and_Response,2001-2/2009-3.
105.石进,陆音,谢立.基于博弈理论的动态入侵响应.计算机研究与发展,2008,45(5):747-757.
106. U Lindqvist, E Jonsson. How to Systematically Classify Computer Security Intrusions. Proceeding of 1997 IEEE Symp, on Security and Privacy, Oakland, CA, May4-7,1997.
107.赵国生,王慧强.可生存性网络的形式化建模与分析.通信学报,2006,27(11A):48-52.
108. Zhao Guosheng, Wang Huiqiang, Wang Jian. An Emergency Algorithm for Enhancing Survivability of Key-Service. Journal of Southeast University,2007,23(3):443~446.
109. Zhao Guosheng, Wang Huiqiang, Wang Jian. A Novel Situation Awareness Model for Network Systems' Security, Lecture Notes in Computer Science, ICCS'07, Bingjing, China,2007,1077~1084.
110.刘密霞,张秋余,赵宏等.入侵检测报警相关性及评测数据集研究.计算机应用研究,2008,25(10):3108-3111.
111.张乐君,国林,王巍等.网络系统可生存性评估与增强技术研究概述.计算机科学,2007,34(8):30-33.
112.王树鹏,云晓春,余翔湛.系统生存性增强技术研究.哈尔滨工业大学学报,2007,39(3):452-461
113.赖积保,王慧强,王健.系统可生存性研究综述.计算机科学,2007,34(3):237-239.
114.杨璐,邱代燕,刘彤.网络生存性综述.计算工程与设计,2005,26(5):1225-1227.
115.王超,马建峰,朱建明.网络系统的可生存性研究综述.网络安全技术与应用,2006,6:15-17.
116.李黎,管晓宏,赵千川等.网络生存适应性的多目标评估.西安交通大学学报,2010,44(10):1-7.
117张永,方滨兴,包秀国.网络可生丰研究概述.计算机工程与应用,2005,7:119-121.
118.张益,霍珊珊.网络存储系统可生存下量化评估.清华大学学报,2009,49(S2):2119-2125.
119. Huiqiang Wang, Jian Wang and Guosheng Zhao. Index system of information systems survivability:formal definitions and reasoning. Internation Conference on Internet Computing in Science and Engineering.2008: 294-297.
120. Huiqiang Wang, Jian Wang, Guosheng Zhao. A comprehensive bio-inspired model for network security. The First International Conference on Semantics, Knowledge and Grid,2006.
121.国林,张乐君,杨永田等.随机PETRI网在信息系统服务能力分析中的应用.昆明理工大学学报(理工版),2007,32(6A):206-209.
122.张乐君,王巍,国林等.基于攻击场景的信息系统生存性计算.计算机工程,2008,34(6):137-139.
123.张乐君,周渊,国林,王巍,杨永田.基于自主配置的系统生存性增强算法研究.通信学报,2007,28(12):102-107.
124.张薇,马建峰,王良民等.门限Byzantine quorum系统及其在分布式存储中的应用电子学报,2008,36(2):314-319.
125.张薇,马建峰,柳曙光,王超.可生存的存储网络与Quorum系统.通信学报,2007,28(11A):121-124.
126. Zhang Wei, Ma Jianfen. A reliable and Asymmetric Data Distribution Scheme for Survivable Storage. China Communications,2006,3(4):70~75.
127.杨超,马建峰.可生存网络系统的形式化定义.电子科技,2004,(4):1-4.
128.林雪纲,许榕生.一种信息系统生存性的量化分析框架.电子与信息学报,2006,28(9):1721-1726.
129.包秀国,胡铭曾,张宏莉等.两种网络安全管理系统的生存性定量分析方法.通信学报,2004,25(9):34-41.
130.王超,马建峰.可生存网络系统的构建方法.电子学报,2005,33(B12):2336-2341.
131. Lejun Zhang, Lin Guo, Wu Yang, etal. An efficient survivability Hierarchy Analysis Model for networked information system. Proceedings of the Third international conference on Computational intelligence and security,2007,759~762.
132. Liu Mixiao, Zhang Qiuyu, Zhao Hong. Network security situation assessment based on data fusion. First International Workshop on Knowledge Discovery and Data Ming,2008.
133.王冀鲁,张益,余镇危等.网络存储系统可生存性定量评价研究.计算机工程,2010,36(4):33-35.
134.潘世英.生存性定义研究.科学信息,2007,13:7-8.
135.汪晶晶,杨晓元,董斌.可生存的开放式对等存储系统.计算机工程,2010,36(21):146-148.
136.郝宁波.可生存性网络的容量增强与优化算法.软件导刊,2010,9(11):63-65.
137.王志文,卢柯,王晓飞.基于博弈论的信息系统生存性提升方法研究.计算机科学,2010,37(9):81-84.
138.徐慧,周建美,程学云.基于免疫的可生存网络研究与设计.计算机应用,2010,30(5):1194-1197.
139.孟祥宏.电子政务系统的可生存性策略研究.信息安全与通信保密,2010,3:50-52.
140. Tzi-cker Chiueh, Dhruv Pilania. Design, Implementation, and Evaluation of a Repairable Database management System. In:Proceedings of 21st International Conference on Data Engineering,2005,10024~ 1035.
141. Soulla Louca, A P George Samaras. On network survivability algorithms based on trellis graph transformations. Fourth IEEE Symposium on Computers and Communications, ISCC'99, Red Sea, Egypt~ 1999.
142. T1A1.2 Working Group on Network Survivability Performance, in Technical report on enhanced net-work survivabiiity performance. Technical report,2001.
143. Yonguang Zhang, et al. Heterogeneous networking:A new survivability paradigm. in 10th New Security Paradigm Workshop (NSPW),2001.
144. Ellison R, Fisher D, Linger R. Survivable Network system Analysis:A Case Study. Software, IEEE,1999, 16(4):70~77
145.王益丰,李涛,胡晓勤,宋程.一种基于人上免疫的网络安全实时风险检测方法.电子学报,2005,33(5):945-949.
146. Chi-Hung Kelvin Chu, M.C.. An integrated framework for the assessment of network operations, reliability, and security. Bell Labs Technical Journal,2004.8(4):133~152.
147. Xuegang Lin, M.Z., and Rongsheng Xu. A Framework for Quantifying Information System Survivability. in Proceedings of the Third International Conference on Information Technology and Applications(ICITA'05). 2005, Sydney, Australia.
148. Xuegang Lin, R.X., and Miaoliang Zhu. Survivability Computation of Networked Information Systems. in International Conference on Computational Intelligence and Security(CIS'2005).2005: Springer-Verlag Berlin Heidelberg.
149. A W Krings, M.H.A., A Graph Based Model for Survivability Analysis. in Technical Report, UI-CS-TR-02-024, Computer Science Department, University of Idaho,2004.
150.包秀国,胡铭曾,张绍瑞,张宏莉.两种网络安全管理系统的生存性定量分析方法.通信学报,2004,25(9):34-41.
151. Wang Jian, Wang Huiqiang, Zhao Guosheng. A Novel Quantitative Analysis Model for Information System Survivability Based on Conflict Analysis. Tsinghua Science and Technology,2007,12(S1):217~222.
152. Zhao Guosheng, Wang Huiqiang, WangJian. A Novel Formal Analysis Method of Network Survivability Based on Stochastic Process Algebra. Tsinghua Science and Technology,2007,12(S1):175~179.
153.赵国生,王慧强,王健.信息系统可生存性的定量分析模型.计算机工程,2008,34(6):41-42.
154. Garsva E. Computer system survivability modeling by using stochastic activity network. In:Lecture Notes in Computer Science:Computer Safety, Reliability, and Security,2006,4166:71~84.
155.冯登国,张阳,张玉清.信息安全风险评估综述.通信学报,2004,25(7):10-18.
156.科飞管理咨询公司.信息安全风险评估.中国标准出版社,2005.
157.国务院信息化工作办公室.信息安全风险评估指南(GB征求意见稿).2005.
158.信息安全技术-信息安全风险评估规范.北京:国家标准出版社,2008.
159.张涛,胡铭曾,云晓春,张永铮.计算机网络安全性分析建模研究.通信学报,2005,26(12):100-109.
160. CVSS:http://www.xhocus.net.
161.王永杰,鲜明,刘进等.基于攻击图模型的网络安全评估研究.通信学报,2007,28(3):29-34.
162.朱振国,邹羽,张闽等.一种量化的网络安全态势评估方法.微计算机信息,2007,23(7-3):62-64.
163张永铮,方滨兴,云晓春.一种主机系统安全的量化风险评估方法.计算机工程,2005,31(14):147-149.
164.史亮,庄毅.一种定量的网络安全风险评估系统模型.计算机工程与应用,2007,43(18):146-149.
165.张义荣,鲜明,王国玉.一种基于网络嫡的计算机网络攻击效果定量评估方法.通信学报,2004,25(11):158-265.
166.谷勇浩.信息系统风险管理理论与关键技术研究.博士学位论文,2007.
167.刘胜航.基于层次分析法的网络风险状态评估模型.计算机安全,2006,2:19-24.
168. P T Chang, K C Hung. Applying the Fuzzy-Weighted-Average Approach to Evaluate Network Security Systems. Computers and Mathematies with Applications,2005,49:1797~1814.
169.汪楚娇,林果园.网络安全风险的模糊层次综合评估模型.武汉大学学报(理学版),2006,52(5):622-626
170.朱而刚,张素英.基于灰色评估的信息安全风险评估模型.信息安全与通信保密,2004,07:46-47.
171.王健.信息系统可生存性定量评估指标体系研究.哈尔滨工程大学博士论文,2008.
172高献伟.林雪纲,许榕生.生存性分析方法中的3R量化分析.计算机仿真,2004,21(11):125-128.
173. Lin Xuegang, Zhu Miaoliang, Xu Rongsheng. A Framework for Quantiyfing Inofmration System Survivability. In:the 3rd International Conefreneeon Inofrmation Technology and Applieations, July,2005, 552-555.
174.刘海波.自然权重原理及其在煤矿安全评价中的应用.中南大学博士论文,2006.
175.龙百元,谢冬表,万里平.基于近似权重计算的网络安全威胁评估方法.计算技术与自动化,2008,27(1):88-91.
176.李放歌,柏继云,赵红杰.层次分析积因子位次赋值数据求权重研究.运筹与管理,2005.6(14):60-63.
177.楼文高,姜丽,孟祥辉.计算机网络安全综合评价的神经网络模型.计算机工程与应用,2007,43(32):128-131.
178.韩立岩,汪培庄.应用模糊数学.北京:首都经济贸易大学出版社,1989,209-213。
179.蔡佳,罗继勋,旷艾喜等.基于变权模糊综合评判的目标威胁评估算法.电光与控制,2009,16(12):80-84.
180.林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术.计算机学报,2005,28(12):1943-1955.
181.李书刚.概率论与数据统计.北京:科学出版社,2010.