网络信息系统可生存性的若干关键技术研究
|
摘要
随着社会发展的日趋网络化和信息化,网络信息系统在政府、国防、工业及商业等各个部门都扮演着举足轻重的角色。然而面对网络大规模化和信息系统内外环境的复杂化,以及网络攻击和破坏行为的多样化,网络攻击和入侵已经不可避免,防不胜防。任何系统都不能保证是绝对安全的,因此,传统的安全防御和检测技术已经不能满足网络信息系统发展的实际需求,现阶段人们更关注的是系统在遭到破坏以后能否继续向用户提供满意的服务,这就是网络信息系统的可生存性。
网络信息系统可生存性研究主要包括可生存性的评估、预测分析和可生存性的增强技术三个重要领域,其中可生存性评估技术就是使用各种方法对目标系统进行简化并建立合适的模型以便进行定性及定量的生存性分析。可生存评估目的在于及时地获得运行中的各关键任务的生存态势,以便对其进行恰当应急响应,并为实施相适应的增强策略和技术提供了科学的依据和判定准则。而可生存预测技术主要是根据之前的历史数据建立有效的数学预测模型,以便更好的了解未来的生存性走势,提前采取防范措施,保证系统关键服务的正常运行。
由于网络信息系统的可生存性研究历史不长,大部分工作都是研究者按照自己的理解和思路给出的评估框架,并未形成统一、公认的标准,并且很多的研究都聚焦在理论的评估分析中,距离可真正进行实际应用还存在较大的差距。
本文对网络信息系统可生存性的量化评估和预测工作进行了深入的探讨,主要涉及以下几个方面的研究。
提出了一种3R1A层次化量化评估模型。作为可生存的网络信息系统必须要满足3R1A四种特性。在分析了可生存的网络信息系统的可抵抗性、可识别性、可恢复性和自适应性这4种关键属性含义的基础上,建立了一种基于3R1A层次化结构模型。首先提出了基于权限的属性攻击图算法来描述攻击情景。其中可抵抗性可进一步通过攻击情景的危害度和攻击情景的阻抗率进行刻画;可识别性可以借助攻击情景识别率和识别时间进行描述;可恢复性可以采用恢复程度、恢复时间以及恢复率进行阐述;而自适应性则可以通过自适应周期和演化延迟进行描述。在详细的解释了各个指标的含义之后,建立了这些指标的数学计算模型。最后归纳出计算系统可生存性的统一数学模型,以便有效地进行系统可生存性能的对比分析。
提出了一种面向主机和关键服务的基于攻击树的生存性量化评估模型。在研究了漏洞对网络信息系统的影响,分析了国内外基于攻击图进行安全评估的优缺点之后,扩展了从系统目标出发,以获得系统最高权限为目的系统生存性评估算法。对每个主机借助于漏洞利用和特权提升的方法生成一棵攻击树,逆向的深度优先遍历一棵树而产生独立的漏洞利用场景集合。通过漏洞利用场景描述各个关键服务的可生存态势,继而通过对整个目标系统产生的漏洞利用场景集合进行有效分析,最终得到整个系统的生存性量化评估方法。同时算法中给出了影响系统的主要因素的计算方法,实例分析表明了该算法时间上的优越性和生存性评估模型的有效性。
提出了一种基于灰色格贴近度和改进的TOPSIS相结合的生存性量化评估模型。在该模型中,首先使用传统的AHP方法分别确定了系统关键服务集和指标集的权重,避免了由经验直接给出权重的主观性。在分析关键服务的可生存状况时,使用灰色关联度分别计算出关键服务与最优解和最劣解的关联程度,然后通过灰色格贴近度确定每个关键服务综合的可生存状况,最后通过可生存函数量化出网络信息系统整体的可生存结果。通过一个实例详细阐述了该方法的计算步骤,并通过两次实验对比验证了该方法的合理性和有效性。
最后,提出了基于残差修正的GM(1,1)和ARMA(p,q)组合预测的可生存计算模型。在该模型中首先使用灰色的GM(1,1)对原始序列建立预测模型,为了提高预测的精度,对尾段残差再次建立GM(1,1)预测模型,并通过残差模型修正了原有的GM(1,1)预测模型,并得到此模型的平均绝对误差百分比。然后,又使用ARMA(p,q)系列模型对原始序列进行建模,通过候选模型的参数对比,最终选取了MA(2)作为适合的预测模型,并同样得到该模型的平均绝对误差百分比。最后通过基于残差修正的GM(1,1)模型和MA(2)模型建立了组合预测模型,并通过各种参数对比,验证了组合预测模型的有效性和准确性。
综上所述,本文主要针对网络信息系统可生存性的量化评估分析和预测模型进行了深入研究,从三种不同的角度探讨了具体的可生存评估模型和计算方法,从组合预测的角度探讨了系统可生存预测技术。从3R1A的角度,详细描述了每个关键属性的可度量指标,并建立了完善的层次模型,为日后具体实施可生存的量化分析提供了有力保障。使用逆向深度优先攻击树模型能够较快地完成搜索,并通过漏洞利用场景的实现难易度和对系统的影响严重性定量分析出系统整体的可生存状况。使用灰色格贴近度和TOPSIS结合的方法,能够充分展示出关键服务的可生存性,也间接表明了整个系统的可生存状况。最后通过较为新颖的组合模型预测出未来的可生存性能。本文的研究结果有一定的理论意义和应用价值,为网络信息系统可生存性的研究提供了借鉴和参考。
With the social development of an increasing network and information, networkinformation system plays an important role in various departments such as government,defense, industry and commerce. However, it is inevitable and hard to detect all kinds ofattacks and intrusions as a result of large-scale network, complex internal and externalenvironment of information system, as well as the diversification of network attacks andvandalism. Any system cannot guarantee that it is perfectly safe. Therefore, the traditionalsecurity defenses and detection technology cannot meet the actual needs of the networkinformation systems and at this stage people are more concerned about whether the systemcan continue to provide users with satisfying service after the destruction, which is thesurvivability of the network information system.
The survivable study of network information system includes three important areas: thesurvivability assessment, forecast and survival enhancement technology. Assessment is to usevarious methods to simplify and establish a favorable model on the target system forqualitative and quantitative survival analysis. The purpose of the survivability assessment istimely to access the survival situation of critical mission, in order to take appropriateemergency measures and it provides a scientific basis and criteria for the implementation ofcompatible enhanced strategies and technologies. Forecasting techniques may establish aneffective mathematical prediction model based on historical data so as to better understand thefuture trend of survivability and take precautionary measures in advance to ensure the normaloperation of the system critical services.
As the survivable history of network information system is not long, most of the work isto present assessment framework by the researchers according to their own understanding and ideas and it does not form a unified, accepted standards. Furthermore, many studies havefocused on the theory assessment analysis and there is a big gap to a real practical application.
This paper discusses the quantitative survivable assessment and forecast of the networkinformation system in details, which is composed of the following aspects.
A quantitative assessment method based on3R1A characteristics is provided. Resistance,recognition, recovery and adaptation are the four key attributes of the survivable networkinformation systems. After analyzing the meanings of these four attributes, a hierarchicalstructure model set up. Moreover, resistance can be further divided into the damage degree ofattack scenarios and the impedance rate of the attack scenarios; recognition can be describedby use of the recognition rate and the recognition time of the attack scenario; Recovery can beelaborated to make use of the recovery degree, recovery time and recovery rate; Adaptationcan be portrayed through the adaptive cycle and the adaptive evolution delay. Hereafter, thecalculation methods of these indicators are established, and a unified computing mathematicalmodel of the system survivability is concluded.
A critical service-oriented quantitative evaluation of survivability is presented based onthe attack scenario. After studying on the impact of vulnerabilities on the network informationsystem and analyzing the advantages and disadvantages of security assessment based onattack graph at home and abroad, a survival assessment process for critical services isconducted by the attack tree. An attack tree is generated for each key service on the basis ofthe privilege escalation, and a separate set of intrusion scenario is produced by the reversedepth-first traversal. Firstly, the survival trend for key services is described by intrusionscenarios. Then, effective analysis is made up with the intrusion scenario collection of theentire forest. Ultimately, get quantitative evaluation method of the entire system's survivability.The analysis and comparison of an instance show the superiority of space and correctness ofthe algorithm.
Combining grey grid closeness and Improved TOPSIS can evaluate the survivability ofthe network information system. The first is to use the traditional AHP method to determinethe system and the weights of critical set of services and the index set, which avoids thesubjectivity of experience which gives the weight directly. When analyze the survivability ofkey services, grey correlation degree is used to calculate the degree of association between thekey services and the optimal solution and the worst solution, and then use the grey gridcloseness to determine the degree of each critical service integrated survivability. Finally, through survival function is used to quantify the overall survival results of the networkinformation system. Elaborate an example of the method of calculation steps, and comparingtwo experiments verifies the rationality and effectiveness of the method.
Finally, a combination forecasting model is proposed based on residual amendmentGM(1,1) and ARMA(p,q). In this model, the first is to use the grey GM(1,1) model toestablish the original series prediction. In order to improve the prediction accuracy, the use ofresiduals on the tail section re-establishes GM(1,1) prediction model, and through the residualmodel amends the original GM(1,1) prediction model and meanwhile the prediction modelobtains mean absolute percentage error. Then, we use the ARMA(p,q) models to build theoriginal sequence by comparing the candidate model parameters, and ultimately select theMA(2) as appropriate for the prediction model. The model also gives the mean absolutepercentage error. Finally, combination forecasting model is established based on residualmodified GM(1,1) model and the MA(2) model, and By comparing various parameters, weverify the effectiveness of combined forecasting model and accuracy.
In summary, this paper deeply studies the quantitative assessment and forecast of thenetwork information system’s survivability. It explores the specific survival evaluation modeland calculation method from three different angles and a combination forecast model. Fromthe3R1A point of view, it describes the metrics of each of the key attributes, and theestablishment of a sound-level model in detail, which provides a strong guarantee to thespecific implementation of the survival of the quantitative analysis for the future. Reversedepth-first attack tree model can be faster to complete the search, and through quantitativeanalysis of the attack-scenario difficulty shows integrated survival conditions. The use ofcombining grey grid closeness with TOPSIS method can fully demonstrate the survivability ofthe critical services which expresses the living conditions of the entire system indirectly.Finally, a novel combined model is proposed to predict the future survival performance.Thisarticle's findings have some theoretical significance and it can provide a useful reference forthe survivability of the network information system.
网络信息系统可生存性研究主要包括可生存性的评估、预测分析和可生存性的增强技术三个重要领域,其中可生存性评估技术就是使用各种方法对目标系统进行简化并建立合适的模型以便进行定性及定量的生存性分析。可生存评估目的在于及时地获得运行中的各关键任务的生存态势,以便对其进行恰当应急响应,并为实施相适应的增强策略和技术提供了科学的依据和判定准则。而可生存预测技术主要是根据之前的历史数据建立有效的数学预测模型,以便更好的了解未来的生存性走势,提前采取防范措施,保证系统关键服务的正常运行。
由于网络信息系统的可生存性研究历史不长,大部分工作都是研究者按照自己的理解和思路给出的评估框架,并未形成统一、公认的标准,并且很多的研究都聚焦在理论的评估分析中,距离可真正进行实际应用还存在较大的差距。
本文对网络信息系统可生存性的量化评估和预测工作进行了深入的探讨,主要涉及以下几个方面的研究。
提出了一种3R1A层次化量化评估模型。作为可生存的网络信息系统必须要满足3R1A四种特性。在分析了可生存的网络信息系统的可抵抗性、可识别性、可恢复性和自适应性这4种关键属性含义的基础上,建立了一种基于3R1A层次化结构模型。首先提出了基于权限的属性攻击图算法来描述攻击情景。其中可抵抗性可进一步通过攻击情景的危害度和攻击情景的阻抗率进行刻画;可识别性可以借助攻击情景识别率和识别时间进行描述;可恢复性可以采用恢复程度、恢复时间以及恢复率进行阐述;而自适应性则可以通过自适应周期和演化延迟进行描述。在详细的解释了各个指标的含义之后,建立了这些指标的数学计算模型。最后归纳出计算系统可生存性的统一数学模型,以便有效地进行系统可生存性能的对比分析。
提出了一种面向主机和关键服务的基于攻击树的生存性量化评估模型。在研究了漏洞对网络信息系统的影响,分析了国内外基于攻击图进行安全评估的优缺点之后,扩展了从系统目标出发,以获得系统最高权限为目的系统生存性评估算法。对每个主机借助于漏洞利用和特权提升的方法生成一棵攻击树,逆向的深度优先遍历一棵树而产生独立的漏洞利用场景集合。通过漏洞利用场景描述各个关键服务的可生存态势,继而通过对整个目标系统产生的漏洞利用场景集合进行有效分析,最终得到整个系统的生存性量化评估方法。同时算法中给出了影响系统的主要因素的计算方法,实例分析表明了该算法时间上的优越性和生存性评估模型的有效性。
提出了一种基于灰色格贴近度和改进的TOPSIS相结合的生存性量化评估模型。在该模型中,首先使用传统的AHP方法分别确定了系统关键服务集和指标集的权重,避免了由经验直接给出权重的主观性。在分析关键服务的可生存状况时,使用灰色关联度分别计算出关键服务与最优解和最劣解的关联程度,然后通过灰色格贴近度确定每个关键服务综合的可生存状况,最后通过可生存函数量化出网络信息系统整体的可生存结果。通过一个实例详细阐述了该方法的计算步骤,并通过两次实验对比验证了该方法的合理性和有效性。
最后,提出了基于残差修正的GM(1,1)和ARMA(p,q)组合预测的可生存计算模型。在该模型中首先使用灰色的GM(1,1)对原始序列建立预测模型,为了提高预测的精度,对尾段残差再次建立GM(1,1)预测模型,并通过残差模型修正了原有的GM(1,1)预测模型,并得到此模型的平均绝对误差百分比。然后,又使用ARMA(p,q)系列模型对原始序列进行建模,通过候选模型的参数对比,最终选取了MA(2)作为适合的预测模型,并同样得到该模型的平均绝对误差百分比。最后通过基于残差修正的GM(1,1)模型和MA(2)模型建立了组合预测模型,并通过各种参数对比,验证了组合预测模型的有效性和准确性。
综上所述,本文主要针对网络信息系统可生存性的量化评估分析和预测模型进行了深入研究,从三种不同的角度探讨了具体的可生存评估模型和计算方法,从组合预测的角度探讨了系统可生存预测技术。从3R1A的角度,详细描述了每个关键属性的可度量指标,并建立了完善的层次模型,为日后具体实施可生存的量化分析提供了有力保障。使用逆向深度优先攻击树模型能够较快地完成搜索,并通过漏洞利用场景的实现难易度和对系统的影响严重性定量分析出系统整体的可生存状况。使用灰色格贴近度和TOPSIS结合的方法,能够充分展示出关键服务的可生存性,也间接表明了整个系统的可生存状况。最后通过较为新颖的组合模型预测出未来的可生存性能。本文的研究结果有一定的理论意义和应用价值,为网络信息系统可生存性的研究提供了借鉴和参考。
With the social development of an increasing network and information, networkinformation system plays an important role in various departments such as government,defense, industry and commerce. However, it is inevitable and hard to detect all kinds ofattacks and intrusions as a result of large-scale network, complex internal and externalenvironment of information system, as well as the diversification of network attacks andvandalism. Any system cannot guarantee that it is perfectly safe. Therefore, the traditionalsecurity defenses and detection technology cannot meet the actual needs of the networkinformation systems and at this stage people are more concerned about whether the systemcan continue to provide users with satisfying service after the destruction, which is thesurvivability of the network information system.
The survivable study of network information system includes three important areas: thesurvivability assessment, forecast and survival enhancement technology. Assessment is to usevarious methods to simplify and establish a favorable model on the target system forqualitative and quantitative survival analysis. The purpose of the survivability assessment istimely to access the survival situation of critical mission, in order to take appropriateemergency measures and it provides a scientific basis and criteria for the implementation ofcompatible enhanced strategies and technologies. Forecasting techniques may establish aneffective mathematical prediction model based on historical data so as to better understand thefuture trend of survivability and take precautionary measures in advance to ensure the normaloperation of the system critical services.
As the survivable history of network information system is not long, most of the work isto present assessment framework by the researchers according to their own understanding and ideas and it does not form a unified, accepted standards. Furthermore, many studies havefocused on the theory assessment analysis and there is a big gap to a real practical application.
This paper discusses the quantitative survivable assessment and forecast of the networkinformation system in details, which is composed of the following aspects.
A quantitative assessment method based on3R1A characteristics is provided. Resistance,recognition, recovery and adaptation are the four key attributes of the survivable networkinformation systems. After analyzing the meanings of these four attributes, a hierarchicalstructure model set up. Moreover, resistance can be further divided into the damage degree ofattack scenarios and the impedance rate of the attack scenarios; recognition can be describedby use of the recognition rate and the recognition time of the attack scenario; Recovery can beelaborated to make use of the recovery degree, recovery time and recovery rate; Adaptationcan be portrayed through the adaptive cycle and the adaptive evolution delay. Hereafter, thecalculation methods of these indicators are established, and a unified computing mathematicalmodel of the system survivability is concluded.
A critical service-oriented quantitative evaluation of survivability is presented based onthe attack scenario. After studying on the impact of vulnerabilities on the network informationsystem and analyzing the advantages and disadvantages of security assessment based onattack graph at home and abroad, a survival assessment process for critical services isconducted by the attack tree. An attack tree is generated for each key service on the basis ofthe privilege escalation, and a separate set of intrusion scenario is produced by the reversedepth-first traversal. Firstly, the survival trend for key services is described by intrusionscenarios. Then, effective analysis is made up with the intrusion scenario collection of theentire forest. Ultimately, get quantitative evaluation method of the entire system's survivability.The analysis and comparison of an instance show the superiority of space and correctness ofthe algorithm.
Combining grey grid closeness and Improved TOPSIS can evaluate the survivability ofthe network information system. The first is to use the traditional AHP method to determinethe system and the weights of critical set of services and the index set, which avoids thesubjectivity of experience which gives the weight directly. When analyze the survivability ofkey services, grey correlation degree is used to calculate the degree of association between thekey services and the optimal solution and the worst solution, and then use the grey gridcloseness to determine the degree of each critical service integrated survivability. Finally, through survival function is used to quantify the overall survival results of the networkinformation system. Elaborate an example of the method of calculation steps, and comparingtwo experiments verifies the rationality and effectiveness of the method.
Finally, a combination forecasting model is proposed based on residual amendmentGM(1,1) and ARMA(p,q). In this model, the first is to use the grey GM(1,1) model toestablish the original series prediction. In order to improve the prediction accuracy, the use ofresiduals on the tail section re-establishes GM(1,1) prediction model, and through the residualmodel amends the original GM(1,1) prediction model and meanwhile the prediction modelobtains mean absolute percentage error. Then, we use the ARMA(p,q) models to build theoriginal sequence by comparing the candidate model parameters, and ultimately select theMA(2) as appropriate for the prediction model. The model also gives the mean absolutepercentage error. Finally, combination forecasting model is established based on residualmodified GM(1,1) model and the MA(2) model, and By comparing various parameters, weverify the effectiveness of combined forecasting model and accuracy.
In summary, this paper deeply studies the quantitative assessment and forecast of thenetwork information system’s survivability. It explores the specific survival evaluation modeland calculation method from three different angles and a combination forecast model. Fromthe3R1A point of view, it describes the metrics of each of the key attributes, and theestablishment of a sound-level model in detail, which provides a strong guarantee to thespecific implementation of the survival of the quantitative analysis for the future. Reversedepth-first attack tree model can be faster to complete the search, and through quantitativeanalysis of the attack-scenario difficulty shows integrated survival conditions. The use ofcombining grey grid closeness with TOPSIS method can fully demonstrate the survivability ofthe critical services which expresses the living conditions of the entire system indirectly.Finally, a novel combined model is proposed to predict the future survival performance.Thisarticle's findings have some theoretical significance and it can provide a useful reference forthe survivability of the network information system.
引文
[1]刘密霞.网络安全态势分析与可生存性评估研究[D].兰州理工大学博士学位论文,2008.
[2]张乐君.网络信息系统可生存性技术研究[D].哈尔滨工程大学博士学位论文,2008.
[3]张海霞,连一峰,苏璞睿,冯登国.基于安全状态域的网络评估模型[J].软件学报,2009,20(2):451-46.
[4]张永,方滨兴,包秀国.网络可生存性研究概述[J].计算机工程与应用,2005,7(7):119-121.
[5]吴迪,冯登国,连一峰,陈恺.一种给定脆弱性环境下的安全措施效用评估模型[J].软件学报,2012,23(7):1880-1898.
[6] Hollway B A, Neumannn P G. Survivable Computer-communication Systems: TheProblem Working Group Recommendations [R]. Washington: US Army ResearchLaboratory,1993.
[7] Ellison R J, Fisher D A, Linger R C. Survivable Network System: An EmergingDiscipline [R]. Technical Report, CMU/SEI-97-TR-013, Carnegie Mellon University,1997.
[8] Robert J, Ellison, et al. Survivable Network System Analysis: A Case Study [J].IEEE Software,1999,16(4):70-77.
[9] Linger R C, Lispon H F, John M, et al. Life_Cycle Models for Survivable System[R]. Sledge Technical Report, CMU/SEI-2002-TR-026,2002.
[10] Nancy R Mead, Robert J Ellison, Richard C. Linger et al. Survivable NetworkAnalysis Method [R]. Technical Report, CMU/SEI-2000-TR-013,2000.
[11] Jha S, Wing J, Linger R and Longstaff T. Survivability Analysis of NetworkSpecifcations [C]. IEEE, International Conference on Dependable Systems andNetworks (DSN2000).
[12]王超,马建峰,朱建明.网络系统的可生存性研究综述[J].网络安全技术与应用,2006,6(6):15-18.
[13]张鸿志,张玉清,李学干.网络可生存性研究进展[J].计算机工程,2005,31(20):3-5.
[14]刘欣,王小强,朱培栋,彭宇行.互联网域间路由系统安全态势评估[J].计算机研究与发展,2009,46(10):1669-1677.
[15]杨凡,蒋建春,陈松乔.网络生存性研究概述[J].计算机应用研究,2001,30(14):12-14.
[16] Ryan. Survivability, the Universe and Everything [OL].http://www.cs.cmu.edu/afs/cs/academic/class/17654-f01/www/refs/ryan.pdf.
[17] Knight John C, Strunk Elisabeth A, Aullivan Kevin J. Towards a rigorous definitionof information system survivability [C]. In the DARPA information survivabilityConference and exposition (DISCEX’03),2003.
[18] Yang Chao, Ma Jianfeng. A Formalized Definition of Network System Survivability[J]. Electronic Science and Technology,2004,4:1-4.
[19]林雪纲,许榕生,熊华.一种信息系统生存性的量化分析框架[J].电子与信息学报,2006,28(9):1721-1726.
[20] Westmark Vickie R. A definition for information system survivability [C]. In the37thHavaii International Conference on System Sciences (HICSS’04),2004:2086-2096.
[21]张乐君,国林,王巍,杨武.网络系统可生存性评估与增强技术研究概述[J].计算机科学,2007,34(8):30-33.
[22]王健,王慧强,赵国生.信息系统可生存性定量评估的指标体系[J].计算机工程,2009,35(3):54-56.
[23]郭渊博,马建峰.分布式系统中服务可生存性的定量分析[J].同济大学学报,2002,30(10):1190-1193.
[24] Gao Zhixing, Ong chenhui, Tan Woonkiong. Survivability assessment: modelingdependencies in information system [C]. In the4thIEEE/CMU/SEI informationsurvivability workshop (ISW-2001),2001.
[25]高献伟,林雪纲,许榕生.生存性分析方法中的3R量化分析[J].计算机仿真,2004,21(11):125-128.
[26] Jha Sanjay K, Wing Jeannett M, Linger Richard et al. Survivability analysis ofnetwork specifications [C]. In workshop on Dependability Despite Malicious Faults,2000international conference on dependable systems and networks (DSN2000),IEEE Computer Society,2000.
[27] Jha Somesh, Wing Jeannette M. Survivability Analysis of networked systems [C]. Inthe23rdinternational conference on software engineering (ICSE’01),2001.
[28] McDermott J. Attack-potential-based survivability modeling for high-consequencesystems [C]. In the3rdIEEE International Workshop on Information Assurance(IWIA’05),2005:119-130.
[29] Alex Hai wang, Su yan and Peng Liu. A semi-markov survivability evaluation modelfor Intrusion Tolerant Database Systems [C].2010Internal conference onAvailability, Reliability and Security, IEEE Computer Society,2010:104-111.
[30]林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报,2005,28(12):1943-1956.
[31]吴文光,黄遵国,陈海涛.基于状态转换的信息服务系统可生存性评估方法[J].计算机工程与科学,2007,29(2):112-115.
[32]包秀国,胡铭曾,张宏莉,张绍瑞.两种网络安全管理系统的生存性定量分析方法[J].通信学报,2004,25(9):34-40.
[33]张乐君,王巍,国林,杨武.网络信息系统生存性层次化分析模型研究[J].小型微型计算机系统,2008,29(6):1117-1121.
[34]马杰.网络安全态势评估与分析方法研究[D].华中科技大学博士学位论文,2010.
[35] Bogler, P.L. Shafer-Dempster Reasoning with Application on Multisensor TargetIdentification System [J]. IEEE Trans on System, Man and Cybernetics.1987,17:968-977.
[36] Linger R C et al. Requirements Definition for Survivable Network Systems [R].http://www.sei.cmu.edu/97icre.pdf,1999.
[37] Glover F. Tabu search-Part I [J]. ORSA Journal on Compter,1989,1(3):190-206.
[38] Glover F. Tabu search-Part II [J]. ORSA Journal on Compter,1989,2(1):4-32.
[39] Xu Jiefeng, Chui S Y, Glover F. Optimizing a ring-based private linetelecommunication network using Tabu search [J]. Management Science,1990,45(3):330-345.
[40] Zhang Hongbin, Sun Guangyu.The application of Tabu search on feature selection[J].Journal of Automation,1999,25(4):457-466.
[41] Cohen A,Rangarajan S and Slye H. On the performance of TCP splicing forURL-aware redirection. In the proceedings of USITS’99,1999.
[42] Dynamic DNS [OL]. http://www.technopagan.org/dynamic/.
[43] Norihiko YOSHIDA, Kazuo USHUIMA, Toshihiko SHIMOKAWA. DNS-basedMechanism for Policy-added Server Selection [OL].http://www.tenbin.org/publication/ssgrr2000.pdf,2000.
[44]黄遵国,卢锡城,王怀民.可生存技术及其实现框架研究[J].国防科技大学学报,2002,24(5):29-32.
[45]包秀国.开放层次式系统的生存性增强技术研究[D].哈尔滨工业大学博士论文,2005.
[46] Hai Wang, Peng Liu and Lunquan Li. Evaluating the Survivability of IntrusionTolerant Database Systems and the Impact of Intrusion Detection Deficiencies [J].Information and Computer Security,2007,3:209-231.
[47] Valdes A and Skinner K. Probabilistic Alert Correlation [C]. In Proceedings of the4thInternational Symposium, Recent Advances in Intrusion Detection (RAID’01),2001.
[48] Ellison R J, Linger R C, Longstaff T, Mead N R. A Case Study in SurvivableNetwork System Analysis [R]. Technical Report, CMU/SEI-98-TR-014,1998.
[49] Andrew P Moore, Robert J Ellison, Richard C Linger. Attack Modeling forInformation Security and Survivability [R]. Technical Note, CMU/SEI-2001-TN-001,2001.
[50]林雪纲,熊华,许榕生.网络信息系统生存性分析及实现[J].计算机工程,2005,31(24):161-163.
[51]林雪纲,许榕生.信息系统生存性分析模型研究[J].通信学报,2006,27(2):153-159.
[52] Lin X G, Xu R S, Zhu M L. Survivability analysis for information systems [C].Proceedings of the7thInternational Conference on Software Engineering (ICSE’01),2001:307-317.
[53]李学斌.信息系统生存性量化评估方法研究[J].长治学院学报,2007,24(5):6-9.
[54]范娜,王新喆,许榕生.基于漏洞扫描的生存性量化分析算法研究[J].计算机仿真,2008,25(5):89-92.
[55] Moitra S D, Konda S L. A Simulation Model for Managing Survivability ofNetworked Information Systems [R].Technical Report, CMU/SEI-2000-TR-020,2002.
[56] Krings W. A Graph based model for survivability applications [OL].http://www.cs.uidaho.edu/krings/publications.html.
[57] Taylor, Krings, Alves-Foss. Risk Analysis and Probabilistic SurvivabilityAssessment (RAPSA): An Assessment Approach for Power Substation Hardening
[C]. ACM Workshop of Scientific Aspects of Cyber Terrorism,2002.
[58]吴文光,黄遵国,陈海涛.一种可生存系统设计方法[C].第十一届中国电子学会青年学术年会,2005.
[59]田俊峰,潘世英,刘玉玲.引入系统状态转移概率的可生存性量化评估模型[C].河北大学学报(自然科学版),2007,27(4):428-433.
[60]赵国生,王慧强,王健.基于灰色关联分析的网络可生存性态势评估研究[J].小型微型计算机系统,2006,27(10):1861-1864.
[61]杜君,蒋卫华,李伟华.基于可生存性的系统安全评估方法[J].计算机工程,2007,33(3):167-168.
[62]陈家庆.基于生存流图的可生存性定量分析及模型设计方法[D].湖南大学硕士论文,2008.
[63]陈家庆,刘俊,张大方.网络安全管理系统的生存型建模与分析方法[J].计算机应用,2007,27(12):2947-2950.
[64]陈家庆,刘俊,张大方.基于数据流的网络安全系统生存性评估研究[J].计算机工程与应用,2008,44(2):140-143.
[65]王健,王慧强,赵国生.基于不确定型AHP的网络生存能力模糊综合评价[J].计算机科学,2006,33(6):73-75.
[66]吕镇邦,周波.基于WOWA-FAHP的网络安全态势评估[J].计算机科学,2009,36(7):63-66.
[67]吕镇邦,周波.基于Shapley熵和Choquet积分的层次化风险评估[J].北京邮电大学学报,2009,32(6):83-87.
[68]付钰,吴晓平,叶清.基于改进FAHP-BN的信息系统安全态势评估方法[J].通信学报,2009,30(9):135-139.
[69]韦勇,连一峰.基于日志审计与性能修正算法的网络安全态势评估模型[J].计算机学报,2009,32(4):763-772.
[70]韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展,2009,46(3):353-362.
[71]陈智勇.网络生存性评估关键技术研究[D].国防科技大学硕士学位论文,2009.
[72] Survivability and High-assurance Assessments Researh Program (SHARP)[OL].http://www.sdl.sri.com/programs/sharp/.
[73] University of Massachusetts Amherst, Survivability Project [OL].http://dis.cs.umass.edu/research/survive/.
[74] CCERT [OL]. http://www.ccert.edu.cn.
[75] Christopher Alberts, Julia Allen, Robert Stoddard. Risk-Based Measurement andAnalysis: Application to Software Security [R]. Technical note,CMU/SEI-2012-TN-004,2012.
[76] Christopher Alberts, Audrey Dorofee. Mission Risk Diagnostic (MRD) MethodDescription [R]. Technical note, CMU/SEI-2012-TN-004,2012.
[77]徐琳,刘志勇等.国家自然科学基金委员会信息科学部计算机科学处2005年度基金申请与资助概况[J].软件学报,2005,16(11):2021-2028.
[78] http://sche.dlut.edu.cn/news/download/fazhanfangxiang.doe,2006.
[79]龚正虎,卓莹.网络态势感知研究[J].软件学报,2010,21(7):1605-1619.
[80] Rubel Paul, Pal Partha. Assessing Adaptation in the Context of Security andSurvivability [C]. In the First Workshop on Information-Security-System Rating andRanking (ISSRR).2001, Williamsburg, VA.
[81]林雪纲.网络信息系统生存性分析研究[D].浙江大学博士学位论文,2006.
[82]杨阔朝,蒋凡.安全漏洞的统一描述研究[J].计算机工程与科学,2006,28(10):11-13.
[83]单国栋,戴英侠,王航.计算机漏洞分类研究[J].计算机工程,2002,28(10):3-6.
[84]翟钰,张玉滑,武维善.系统安全漏洞研究及数据库实现[J].计算机工程,2004,30(8):68-70.
[85]王贵生,夏阳.计算机安全漏洞分类研究[J].计算机安全,2008,11:113-117.
[86]王颖,李祥和.软件漏洞的分类研究[J].计算机系统应用,2008,11:40-44.
[87] John D Howard. An analysis of security incident on the internet [D]. USA: CarnegieMellon University,1997.
[88] CVE [OL].http://baike.baidu.com/link?url=k8_qJP5mL5SD-fDEOr-8i7MW90D0Sg6XEcJiwXcOCrx11zwiM0EGR0EaVO0Q0ZuK
[89]刘炜.网络系统脆弱性评估与分析技术研究[D].哈尔滨工程大学硕士论文,2009.
[90]苘大鹏.基于图论的网络安全评估系统的设计与实现[D].哈尔滨工程大学硕士论文,2006.
[91]吴仲.网络系统可生存性评估分析方法研究[D].吉林大学硕士毕业论文,2008.
[92]杨宏宇,朱丹,谢丽霞.网络信息系统漏洞可利用性量化评估研究[J].清华大学学报,2009,49(S2):2157-2163.
[93]张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,(25)7:107-114.
[94]汪立东.操作系统安全评估和审计增强[D].哈尔滨:哈尔滨工业大学博士论文,2002.
[95]中国互联网络信息中心.中国互联网络发展状况统计报告(2012/1)[EB/OL].http://www.cnnic.net.cn/dtygg/dtgg/201201/W020120116337628870651.pdf
[96]国家互联网应急中心.我国互联网网络安全态势综述(2012/3)[EB/OL].http://www.cert.org.cn/publish/main/12/2012/20120330183919343905632/20120330183919343905632_.html
[97] ZHOU Z W. Research on an Attack-Graph Based Model of Vulnerability RiskEvaluation [D]. Shanghai Jiaotong University master thesis,2006.
[98] Ritchey R W, Ammann P. Using model checking to analyze network vulnerabilities[C]. Proceedings of the IEEE Symposium on Security and Privacy.2001:156-165.
[99] Sheyner O, Haines J, Jha S. Automated generation and analysis of attack graphs [C].Proceedings of2002IEEE Symposium on Security and Privacy. Oakland,2002:254-265.
[100] Sheyner O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs[C].Proceedings of2002IEEE Symposium on Security and Privacy, Oakland,2002:273-283.
[101] Jha S, Sheyner O, Wing J. Two formal analyses of attack graphs [C]. Proceedings ofthe15thComputer Security Foundations Workshop, Nova Scotia,200:49-63.
[102] Nessus [OL]. http://www.nessus.org/.
[103] Swiler L P, Phillips C, Gaylor T. A graph-based network vulnerability analysissystem [R]. Sandia National Laboratories: Technical Report,SAND97-3010/1-UC-705,1997.
[104]王永杰,鲜明,刘进.基于攻击图模型的网络安全评估研究[J].通信学报,2007,28(3):29-34.
[105] Moberg F. Security Analysis of an Information System Using an Attack Tree-BasedMethodology [D]. Sweden: Chalmers University of Technology,2000.
[106]张涛,吴冲.信息系统安全漏洞研究[J].哈尔滨工业大学学报(社会科学版),2008,10(4):71-76.
[107]张涛,胡铭曾,云晓春,张永铮.计算机网络安全型分析建模研究[J].通信学报,2005,26(12):100-109.
[108]张涛,吴冲,刘晖.基于安全状态空间的攻击图生成方法[C].全国网络与信息安全技术研讨会,2007:148-155.
[109]张乐君,王巍,国林,杨武,杨永田.基于攻击场景的信息系统生存性计算[J],计算机工程,2008,34(6):137-139.
[110] Noel S, Jacobs M, Kalapa P.Multiple coordinated views for network attack graphs[C]. Proc2005Workshop on Visualization for Computer Security, Minneapolis,2005:99-106.
[111] Sheyner O. Grpahs [D]. Pittsburgh, USA: Camegie Mellon University,2004.
[112] Moore A P, Linger R C, Attack Modeling for Information Security and Survivability[R]. Technical Note, CMU/SEI-20001-03,2000.
[113] Andrew P Moore, Robert J Ellison, Richard C Linger. Attack Modeling forInformation Security and Survivability [R], Technical Note, CMU/SEI-2001-TN-001,2001.
[114] Dorzyk A D. A Forecasting Model for Internet Security Attacks [C]. In the21thNational Information Systems Security Conference,1998.
[115] Cohen F. Simulating Cyber Attacks, Defenses and Consequences [J]. Computers&Security,1999,18:479-519.
[116]卢继军,黄刘生,吴树峰.基于攻击树的网络攻击建模方法[J].计算机工程与应用,2003,23(5):160-163.
[117] Dawkins J, Hale J. A systematic approach to multi-stage network attack analysis [C].Proceedings of the2ndIEEE International Information Assurance Workshop(IWIA’04)[C].Charlotte,2004:48-54.
[118]汪渊,蒋凡,陈国良.基于图论的网络安全分析方法研究与应用[J].小型微型计算机系统,2003,24(10):1865-1869.
[119]孙亮,李东,张涛.网络攻击图的自动生成[J].计算机应用研究,2006,3:119-122.
[120] Schneier B. Attack Trees [M]. New York: Secrets and Lie,2000.
[121] Schneier B. Attack Trees: Modeling Security Threats [J]. Dr Dobb’s Journal,1999.
[122] Nmap [OL]. http://www.insecure.org/nmap/index.html.
[123]汪渊.网络安全量化评估方法研究[D].中国科学技术大学博士学位论文,2003.
[124]赵芳芳,陈秀真,李建华.基于权限提升的网络攻击图生成方法[J].计算机工程,2008,34(23):158-160.
[125] SANS Website [OL]. http://www.sans.org/.2005
[126] Sheyner O, Haines J, Jha S, et al. Automated Generation and Analysis of AttackGraphs [C]. Proceedings of2002IEEE Symposium on Security and Privacy,2002:254-265.
[127] Graphviz [OL].http://www.graphviz.org/pub/graphviz/ARCHIVE/graphviz-1.12-1.i386.rpm.
[128] W. Jian, W. Huiqiang, and Z. GuoSheng. Fuzzy Comprehensive Assessment inNetwork Survivability Based on the Uncertain AHP [J]. Com. Scie.,2006,33(6):73-75.
[129] Z. Qiuyu, S. Ning, C. Ning, and L. Ye. Evaluation for Security Situation ofNetworked Systems Based on Fuzzy Information Fusion [J]. Com. Engi.,2007,33(13):182–184.
[130] Y. Jun and W. Lei. Research on Comprehensive Evaluation Method Based on RoughSet and AHP [J]. App. Res. Comp.,2010,27(7):2484–2488.
[131]赵国生.任务关键系统可生存性增强的应急技术研究[D].哈尔滨工程大学博士论文,2008.
[132] Satty T L. How to Make a Decision: The Analytic Hierarchy Process [J]. EuropeanJournal of Operational Research,1990,1(48):9-26.
[133] Chen Ting. Decision Analysis [M]. Beijing: Science Press,1987.
[134]杜政伟.基于区间值模糊集的多属性决策方法研究与应用[D].山东经济学院硕士论文,2010.
[135]刘浪.公路建设项目供应链管理的目标控制及绩效评价研究[D].武汉大学博士论文,2010.
[136]百度百科[OL].http://baike.baidu.com/link?url=NaFg546kBIw0eoIwMQ07oX9kokaxkNZcraEjnuw3VyFh4RbadNmUJLFZT17F26Rs2yaOhpsKnDMNpU1D5dOnxK.
[137]邓聚龙.灰色预测与决策[M].武汉:华中科技大学,1986.
[138]刘思峰等.灰色理论及其应用[M].北京:科学出版社,2010.
[139]谢季坚,刘承平.模糊数学方法及其应用[M].武汉:华中科技大学出版社,2006.
[140] Bhat, V. N. Renewal approximations of the switched Poisson processes and theirapplications system Operational Res. Soc.,1994,45(3):345-353.
[141] Hush, D. R., Home, B.G. Progress in Supervised Neural Networks. IEEE SignalProcessingMagazine,1993,10(1):8-39.
[142] Davey, N., Hunt, S. P., Frank, R. J. Time Series Prediction and Neural Networks.In:Proc.5thInternational Conference on Engineering Applications of NeuralNetworks.1999,93-98.
[143] Edwards, T., Tansley, R. J., Frank, N. Davey. Traffic Trends Analysis using NeuralNetworks.In: Proceedings of the International Workshop on Application of NeuralNetworks to Telecommunications1997,158-164.
[144]郑明才,张大方,骆坚,黎文伟.基于预测的传感器网络副本自适应控制机制[J].计算机研究与发展,2011,48(2):296-305.
[145] Holt, C.C. ForCasting Seasonals and Trends by Exponentially Weighted movingAverages[R]. ONR Research Memorandum No.52. Carnegie Institute of Technology,1957.
[146]童明容,薛恒新,林琳.基于Holt-winter模型的铁路货运量预测研究[J].铁道运输与经济,2007,29(l):79-81.
[147]童明容,薛恒新.霍尔特-温特模型在货运量季节性预测中的应用[J].数据统计与管理,2008,27(3):500-504.
[148]王庆荣.基于神经网络与H olt-Winters模型的铁路货运量组合预测[J].兰州交通大学学报,2010,29(4):122-125.
[149] Deng, J. L.Grey Forecast and Grey Decision [M].Wuhan: Huazhong University ofScience and Technology Press,2002.
[150]黄春萍,倪宗瓒.灰色模型在预测肺结核发病率中的应用[J].现代预防医学,2002,29(6):791-793.
[151]邵珠艳,王春梅,魏至莎.灰色GM (1,1)预测模型在疾病预测中的应用[J].中国医院统计,2003,10(3):146-148
[152]赵国生,王慧强,王健.基于灰色verhulst的网络安全态势感知模型[J].哈尔滨工业大学学报,2008,40(5):798-801.
[153]邢秀芝,李振. GM(1,1)-ARMA(n, m)预测模型及应用[J].周口师范学院学报.2004,21(5):34-36.
[154]邓聚龙.灰色预测与决策[M].武汉:华中理工大学出版社,1988.
[155]杨位钦,顾岚.时间序列分析与动态数据建模[M].北京:北京理工大学出版社,1988.
[156]梁雪枫,李慧,高丽等. ARIMA模型预测甲肝发病[J].预防医学情报杂志,2009,5(4):252-254.
[157]马亮亮,田富鹏. ARMA模型在胆结石病发病率预测中的应用[J].军事医学科学院院刊,2010,34(5):469-472.
[158]陈美,王红芹,程铁信.综合Winters模型和ARMA模型预测GDP [J].天津工业大学学报,2007,26(5):83-85.
[159]邹柏贤,刘强.基于ARMA模型的网络流量预测[J].计算机研究与发展,2002,39(12):1645-652.
[160]张晓峒. Eview使用指南与案例(数量经济学应用系列)[M].北京:机械工业出版社,2007:106-107.
[161]张善文. Matlab在时间序列分析中的应用[M].西安:西安电子科技大学出版社,2007.
[162]杨叔子,吴雅等著.时间序列分析的工程应用[M].武汉:华中理工大学出版社,1991.
[163]王振龙.时间序列分析[M].北京:中国统计出版社,2000.
[164]王振龙,胡永宏.应用时间序列分析[M].北京:科学出版社,2007.
[165] Bates J M, Granger C W J. Combination of forecasts [J]. Operations ResearchQuarterly,1969,20(4):451-468.
[166]丁咏梅,周晓阳.组合预测在粮食产量预测中的应用[J].统计与决策,2004,3:44-45.
[167] Snell Q O, Mikler A, Gustafson J L. NetPipe:a network protocol independentperformance evaluator [C]. Proceedings of IASTED International Conference onIntelligent Information Management and System,1996:89-106.
[168][OL]. http://www.oschina.net/p/loganalyzer.
[2]张乐君.网络信息系统可生存性技术研究[D].哈尔滨工程大学博士学位论文,2008.
[3]张海霞,连一峰,苏璞睿,冯登国.基于安全状态域的网络评估模型[J].软件学报,2009,20(2):451-46.
[4]张永,方滨兴,包秀国.网络可生存性研究概述[J].计算机工程与应用,2005,7(7):119-121.
[5]吴迪,冯登国,连一峰,陈恺.一种给定脆弱性环境下的安全措施效用评估模型[J].软件学报,2012,23(7):1880-1898.
[6] Hollway B A, Neumannn P G. Survivable Computer-communication Systems: TheProblem Working Group Recommendations [R]. Washington: US Army ResearchLaboratory,1993.
[7] Ellison R J, Fisher D A, Linger R C. Survivable Network System: An EmergingDiscipline [R]. Technical Report, CMU/SEI-97-TR-013, Carnegie Mellon University,1997.
[8] Robert J, Ellison, et al. Survivable Network System Analysis: A Case Study [J].IEEE Software,1999,16(4):70-77.
[9] Linger R C, Lispon H F, John M, et al. Life_Cycle Models for Survivable System[R]. Sledge Technical Report, CMU/SEI-2002-TR-026,2002.
[10] Nancy R Mead, Robert J Ellison, Richard C. Linger et al. Survivable NetworkAnalysis Method [R]. Technical Report, CMU/SEI-2000-TR-013,2000.
[11] Jha S, Wing J, Linger R and Longstaff T. Survivability Analysis of NetworkSpecifcations [C]. IEEE, International Conference on Dependable Systems andNetworks (DSN2000).
[12]王超,马建峰,朱建明.网络系统的可生存性研究综述[J].网络安全技术与应用,2006,6(6):15-18.
[13]张鸿志,张玉清,李学干.网络可生存性研究进展[J].计算机工程,2005,31(20):3-5.
[14]刘欣,王小强,朱培栋,彭宇行.互联网域间路由系统安全态势评估[J].计算机研究与发展,2009,46(10):1669-1677.
[15]杨凡,蒋建春,陈松乔.网络生存性研究概述[J].计算机应用研究,2001,30(14):12-14.
[16] Ryan. Survivability, the Universe and Everything [OL].http://www.cs.cmu.edu/afs/cs/academic/class/17654-f01/www/refs/ryan.pdf.
[17] Knight John C, Strunk Elisabeth A, Aullivan Kevin J. Towards a rigorous definitionof information system survivability [C]. In the DARPA information survivabilityConference and exposition (DISCEX’03),2003.
[18] Yang Chao, Ma Jianfeng. A Formalized Definition of Network System Survivability[J]. Electronic Science and Technology,2004,4:1-4.
[19]林雪纲,许榕生,熊华.一种信息系统生存性的量化分析框架[J].电子与信息学报,2006,28(9):1721-1726.
[20] Westmark Vickie R. A definition for information system survivability [C]. In the37thHavaii International Conference on System Sciences (HICSS’04),2004:2086-2096.
[21]张乐君,国林,王巍,杨武.网络系统可生存性评估与增强技术研究概述[J].计算机科学,2007,34(8):30-33.
[22]王健,王慧强,赵国生.信息系统可生存性定量评估的指标体系[J].计算机工程,2009,35(3):54-56.
[23]郭渊博,马建峰.分布式系统中服务可生存性的定量分析[J].同济大学学报,2002,30(10):1190-1193.
[24] Gao Zhixing, Ong chenhui, Tan Woonkiong. Survivability assessment: modelingdependencies in information system [C]. In the4thIEEE/CMU/SEI informationsurvivability workshop (ISW-2001),2001.
[25]高献伟,林雪纲,许榕生.生存性分析方法中的3R量化分析[J].计算机仿真,2004,21(11):125-128.
[26] Jha Sanjay K, Wing Jeannett M, Linger Richard et al. Survivability analysis ofnetwork specifications [C]. In workshop on Dependability Despite Malicious Faults,2000international conference on dependable systems and networks (DSN2000),IEEE Computer Society,2000.
[27] Jha Somesh, Wing Jeannette M. Survivability Analysis of networked systems [C]. Inthe23rdinternational conference on software engineering (ICSE’01),2001.
[28] McDermott J. Attack-potential-based survivability modeling for high-consequencesystems [C]. In the3rdIEEE International Workshop on Information Assurance(IWIA’05),2005:119-130.
[29] Alex Hai wang, Su yan and Peng Liu. A semi-markov survivability evaluation modelfor Intrusion Tolerant Database Systems [C].2010Internal conference onAvailability, Reliability and Security, IEEE Computer Society,2010:104-111.
[30]林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术[J].计算机学报,2005,28(12):1943-1956.
[31]吴文光,黄遵国,陈海涛.基于状态转换的信息服务系统可生存性评估方法[J].计算机工程与科学,2007,29(2):112-115.
[32]包秀国,胡铭曾,张宏莉,张绍瑞.两种网络安全管理系统的生存性定量分析方法[J].通信学报,2004,25(9):34-40.
[33]张乐君,王巍,国林,杨武.网络信息系统生存性层次化分析模型研究[J].小型微型计算机系统,2008,29(6):1117-1121.
[34]马杰.网络安全态势评估与分析方法研究[D].华中科技大学博士学位论文,2010.
[35] Bogler, P.L. Shafer-Dempster Reasoning with Application on Multisensor TargetIdentification System [J]. IEEE Trans on System, Man and Cybernetics.1987,17:968-977.
[36] Linger R C et al. Requirements Definition for Survivable Network Systems [R].http://www.sei.cmu.edu/97icre.pdf,1999.
[37] Glover F. Tabu search-Part I [J]. ORSA Journal on Compter,1989,1(3):190-206.
[38] Glover F. Tabu search-Part II [J]. ORSA Journal on Compter,1989,2(1):4-32.
[39] Xu Jiefeng, Chui S Y, Glover F. Optimizing a ring-based private linetelecommunication network using Tabu search [J]. Management Science,1990,45(3):330-345.
[40] Zhang Hongbin, Sun Guangyu.The application of Tabu search on feature selection[J].Journal of Automation,1999,25(4):457-466.
[41] Cohen A,Rangarajan S and Slye H. On the performance of TCP splicing forURL-aware redirection. In the proceedings of USITS’99,1999.
[42] Dynamic DNS [OL]. http://www.technopagan.org/dynamic/.
[43] Norihiko YOSHIDA, Kazuo USHUIMA, Toshihiko SHIMOKAWA. DNS-basedMechanism for Policy-added Server Selection [OL].http://www.tenbin.org/publication/ssgrr2000.pdf,2000.
[44]黄遵国,卢锡城,王怀民.可生存技术及其实现框架研究[J].国防科技大学学报,2002,24(5):29-32.
[45]包秀国.开放层次式系统的生存性增强技术研究[D].哈尔滨工业大学博士论文,2005.
[46] Hai Wang, Peng Liu and Lunquan Li. Evaluating the Survivability of IntrusionTolerant Database Systems and the Impact of Intrusion Detection Deficiencies [J].Information and Computer Security,2007,3:209-231.
[47] Valdes A and Skinner K. Probabilistic Alert Correlation [C]. In Proceedings of the4thInternational Symposium, Recent Advances in Intrusion Detection (RAID’01),2001.
[48] Ellison R J, Linger R C, Longstaff T, Mead N R. A Case Study in SurvivableNetwork System Analysis [R]. Technical Report, CMU/SEI-98-TR-014,1998.
[49] Andrew P Moore, Robert J Ellison, Richard C Linger. Attack Modeling forInformation Security and Survivability [R]. Technical Note, CMU/SEI-2001-TN-001,2001.
[50]林雪纲,熊华,许榕生.网络信息系统生存性分析及实现[J].计算机工程,2005,31(24):161-163.
[51]林雪纲,许榕生.信息系统生存性分析模型研究[J].通信学报,2006,27(2):153-159.
[52] Lin X G, Xu R S, Zhu M L. Survivability analysis for information systems [C].Proceedings of the7thInternational Conference on Software Engineering (ICSE’01),2001:307-317.
[53]李学斌.信息系统生存性量化评估方法研究[J].长治学院学报,2007,24(5):6-9.
[54]范娜,王新喆,许榕生.基于漏洞扫描的生存性量化分析算法研究[J].计算机仿真,2008,25(5):89-92.
[55] Moitra S D, Konda S L. A Simulation Model for Managing Survivability ofNetworked Information Systems [R].Technical Report, CMU/SEI-2000-TR-020,2002.
[56] Krings W. A Graph based model for survivability applications [OL].http://www.cs.uidaho.edu/krings/publications.html.
[57] Taylor, Krings, Alves-Foss. Risk Analysis and Probabilistic SurvivabilityAssessment (RAPSA): An Assessment Approach for Power Substation Hardening
[C]. ACM Workshop of Scientific Aspects of Cyber Terrorism,2002.
[58]吴文光,黄遵国,陈海涛.一种可生存系统设计方法[C].第十一届中国电子学会青年学术年会,2005.
[59]田俊峰,潘世英,刘玉玲.引入系统状态转移概率的可生存性量化评估模型[C].河北大学学报(自然科学版),2007,27(4):428-433.
[60]赵国生,王慧强,王健.基于灰色关联分析的网络可生存性态势评估研究[J].小型微型计算机系统,2006,27(10):1861-1864.
[61]杜君,蒋卫华,李伟华.基于可生存性的系统安全评估方法[J].计算机工程,2007,33(3):167-168.
[62]陈家庆.基于生存流图的可生存性定量分析及模型设计方法[D].湖南大学硕士论文,2008.
[63]陈家庆,刘俊,张大方.网络安全管理系统的生存型建模与分析方法[J].计算机应用,2007,27(12):2947-2950.
[64]陈家庆,刘俊,张大方.基于数据流的网络安全系统生存性评估研究[J].计算机工程与应用,2008,44(2):140-143.
[65]王健,王慧强,赵国生.基于不确定型AHP的网络生存能力模糊综合评价[J].计算机科学,2006,33(6):73-75.
[66]吕镇邦,周波.基于WOWA-FAHP的网络安全态势评估[J].计算机科学,2009,36(7):63-66.
[67]吕镇邦,周波.基于Shapley熵和Choquet积分的层次化风险评估[J].北京邮电大学学报,2009,32(6):83-87.
[68]付钰,吴晓平,叶清.基于改进FAHP-BN的信息系统安全态势评估方法[J].通信学报,2009,30(9):135-139.
[69]韦勇,连一峰.基于日志审计与性能修正算法的网络安全态势评估模型[J].计算机学报,2009,32(4):763-772.
[70]韦勇,连一峰,冯登国.基于信息融合的网络安全态势评估模型[J].计算机研究与发展,2009,46(3):353-362.
[71]陈智勇.网络生存性评估关键技术研究[D].国防科技大学硕士学位论文,2009.
[72] Survivability and High-assurance Assessments Researh Program (SHARP)[OL].http://www.sdl.sri.com/programs/sharp/.
[73] University of Massachusetts Amherst, Survivability Project [OL].http://dis.cs.umass.edu/research/survive/.
[74] CCERT [OL]. http://www.ccert.edu.cn.
[75] Christopher Alberts, Julia Allen, Robert Stoddard. Risk-Based Measurement andAnalysis: Application to Software Security [R]. Technical note,CMU/SEI-2012-TN-004,2012.
[76] Christopher Alberts, Audrey Dorofee. Mission Risk Diagnostic (MRD) MethodDescription [R]. Technical note, CMU/SEI-2012-TN-004,2012.
[77]徐琳,刘志勇等.国家自然科学基金委员会信息科学部计算机科学处2005年度基金申请与资助概况[J].软件学报,2005,16(11):2021-2028.
[78] http://sche.dlut.edu.cn/news/download/fazhanfangxiang.doe,2006.
[79]龚正虎,卓莹.网络态势感知研究[J].软件学报,2010,21(7):1605-1619.
[80] Rubel Paul, Pal Partha. Assessing Adaptation in the Context of Security andSurvivability [C]. In the First Workshop on Information-Security-System Rating andRanking (ISSRR).2001, Williamsburg, VA.
[81]林雪纲.网络信息系统生存性分析研究[D].浙江大学博士学位论文,2006.
[82]杨阔朝,蒋凡.安全漏洞的统一描述研究[J].计算机工程与科学,2006,28(10):11-13.
[83]单国栋,戴英侠,王航.计算机漏洞分类研究[J].计算机工程,2002,28(10):3-6.
[84]翟钰,张玉滑,武维善.系统安全漏洞研究及数据库实现[J].计算机工程,2004,30(8):68-70.
[85]王贵生,夏阳.计算机安全漏洞分类研究[J].计算机安全,2008,11:113-117.
[86]王颖,李祥和.软件漏洞的分类研究[J].计算机系统应用,2008,11:40-44.
[87] John D Howard. An analysis of security incident on the internet [D]. USA: CarnegieMellon University,1997.
[88] CVE [OL].http://baike.baidu.com/link?url=k8_qJP5mL5SD-fDEOr-8i7MW90D0Sg6XEcJiwXcOCrx11zwiM0EGR0EaVO0Q0ZuK
[89]刘炜.网络系统脆弱性评估与分析技术研究[D].哈尔滨工程大学硕士论文,2009.
[90]苘大鹏.基于图论的网络安全评估系统的设计与实现[D].哈尔滨工程大学硕士论文,2006.
[91]吴仲.网络系统可生存性评估分析方法研究[D].吉林大学硕士毕业论文,2008.
[92]杨宏宇,朱丹,谢丽霞.网络信息系统漏洞可利用性量化评估研究[J].清华大学学报,2009,49(S2):2157-2163.
[93]张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,(25)7:107-114.
[94]汪立东.操作系统安全评估和审计增强[D].哈尔滨:哈尔滨工业大学博士论文,2002.
[95]中国互联网络信息中心.中国互联网络发展状况统计报告(2012/1)[EB/OL].http://www.cnnic.net.cn/dtygg/dtgg/201201/W020120116337628870651.pdf
[96]国家互联网应急中心.我国互联网网络安全态势综述(2012/3)[EB/OL].http://www.cert.org.cn/publish/main/12/2012/20120330183919343905632/20120330183919343905632_.html
[97] ZHOU Z W. Research on an Attack-Graph Based Model of Vulnerability RiskEvaluation [D]. Shanghai Jiaotong University master thesis,2006.
[98] Ritchey R W, Ammann P. Using model checking to analyze network vulnerabilities[C]. Proceedings of the IEEE Symposium on Security and Privacy.2001:156-165.
[99] Sheyner O, Haines J, Jha S. Automated generation and analysis of attack graphs [C].Proceedings of2002IEEE Symposium on Security and Privacy. Oakland,2002:254-265.
[100] Sheyner O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs[C].Proceedings of2002IEEE Symposium on Security and Privacy, Oakland,2002:273-283.
[101] Jha S, Sheyner O, Wing J. Two formal analyses of attack graphs [C]. Proceedings ofthe15thComputer Security Foundations Workshop, Nova Scotia,200:49-63.
[102] Nessus [OL]. http://www.nessus.org/.
[103] Swiler L P, Phillips C, Gaylor T. A graph-based network vulnerability analysissystem [R]. Sandia National Laboratories: Technical Report,SAND97-3010/1-UC-705,1997.
[104]王永杰,鲜明,刘进.基于攻击图模型的网络安全评估研究[J].通信学报,2007,28(3):29-34.
[105] Moberg F. Security Analysis of an Information System Using an Attack Tree-BasedMethodology [D]. Sweden: Chalmers University of Technology,2000.
[106]张涛,吴冲.信息系统安全漏洞研究[J].哈尔滨工业大学学报(社会科学版),2008,10(4):71-76.
[107]张涛,胡铭曾,云晓春,张永铮.计算机网络安全型分析建模研究[J].通信学报,2005,26(12):100-109.
[108]张涛,吴冲,刘晖.基于安全状态空间的攻击图生成方法[C].全国网络与信息安全技术研讨会,2007:148-155.
[109]张乐君,王巍,国林,杨武,杨永田.基于攻击场景的信息系统生存性计算[J],计算机工程,2008,34(6):137-139.
[110] Noel S, Jacobs M, Kalapa P.Multiple coordinated views for network attack graphs[C]. Proc2005Workshop on Visualization for Computer Security, Minneapolis,2005:99-106.
[111] Sheyner O. Grpahs [D]. Pittsburgh, USA: Camegie Mellon University,2004.
[112] Moore A P, Linger R C, Attack Modeling for Information Security and Survivability[R]. Technical Note, CMU/SEI-20001-03,2000.
[113] Andrew P Moore, Robert J Ellison, Richard C Linger. Attack Modeling forInformation Security and Survivability [R], Technical Note, CMU/SEI-2001-TN-001,2001.
[114] Dorzyk A D. A Forecasting Model for Internet Security Attacks [C]. In the21thNational Information Systems Security Conference,1998.
[115] Cohen F. Simulating Cyber Attacks, Defenses and Consequences [J]. Computers&Security,1999,18:479-519.
[116]卢继军,黄刘生,吴树峰.基于攻击树的网络攻击建模方法[J].计算机工程与应用,2003,23(5):160-163.
[117] Dawkins J, Hale J. A systematic approach to multi-stage network attack analysis [C].Proceedings of the2ndIEEE International Information Assurance Workshop(IWIA’04)[C].Charlotte,2004:48-54.
[118]汪渊,蒋凡,陈国良.基于图论的网络安全分析方法研究与应用[J].小型微型计算机系统,2003,24(10):1865-1869.
[119]孙亮,李东,张涛.网络攻击图的自动生成[J].计算机应用研究,2006,3:119-122.
[120] Schneier B. Attack Trees [M]. New York: Secrets and Lie,2000.
[121] Schneier B. Attack Trees: Modeling Security Threats [J]. Dr Dobb’s Journal,1999.
[122] Nmap [OL]. http://www.insecure.org/nmap/index.html.
[123]汪渊.网络安全量化评估方法研究[D].中国科学技术大学博士学位论文,2003.
[124]赵芳芳,陈秀真,李建华.基于权限提升的网络攻击图生成方法[J].计算机工程,2008,34(23):158-160.
[125] SANS Website [OL]. http://www.sans.org/.2005
[126] Sheyner O, Haines J, Jha S, et al. Automated Generation and Analysis of AttackGraphs [C]. Proceedings of2002IEEE Symposium on Security and Privacy,2002:254-265.
[127] Graphviz [OL].http://www.graphviz.org/pub/graphviz/ARCHIVE/graphviz-1.12-1.i386.rpm.
[128] W. Jian, W. Huiqiang, and Z. GuoSheng. Fuzzy Comprehensive Assessment inNetwork Survivability Based on the Uncertain AHP [J]. Com. Scie.,2006,33(6):73-75.
[129] Z. Qiuyu, S. Ning, C. Ning, and L. Ye. Evaluation for Security Situation ofNetworked Systems Based on Fuzzy Information Fusion [J]. Com. Engi.,2007,33(13):182–184.
[130] Y. Jun and W. Lei. Research on Comprehensive Evaluation Method Based on RoughSet and AHP [J]. App. Res. Comp.,2010,27(7):2484–2488.
[131]赵国生.任务关键系统可生存性增强的应急技术研究[D].哈尔滨工程大学博士论文,2008.
[132] Satty T L. How to Make a Decision: The Analytic Hierarchy Process [J]. EuropeanJournal of Operational Research,1990,1(48):9-26.
[133] Chen Ting. Decision Analysis [M]. Beijing: Science Press,1987.
[134]杜政伟.基于区间值模糊集的多属性决策方法研究与应用[D].山东经济学院硕士论文,2010.
[135]刘浪.公路建设项目供应链管理的目标控制及绩效评价研究[D].武汉大学博士论文,2010.
[136]百度百科[OL].http://baike.baidu.com/link?url=NaFg546kBIw0eoIwMQ07oX9kokaxkNZcraEjnuw3VyFh4RbadNmUJLFZT17F26Rs2yaOhpsKnDMNpU1D5dOnxK.
[137]邓聚龙.灰色预测与决策[M].武汉:华中科技大学,1986.
[138]刘思峰等.灰色理论及其应用[M].北京:科学出版社,2010.
[139]谢季坚,刘承平.模糊数学方法及其应用[M].武汉:华中科技大学出版社,2006.
[140] Bhat, V. N. Renewal approximations of the switched Poisson processes and theirapplications system Operational Res. Soc.,1994,45(3):345-353.
[141] Hush, D. R., Home, B.G. Progress in Supervised Neural Networks. IEEE SignalProcessingMagazine,1993,10(1):8-39.
[142] Davey, N., Hunt, S. P., Frank, R. J. Time Series Prediction and Neural Networks.In:Proc.5thInternational Conference on Engineering Applications of NeuralNetworks.1999,93-98.
[143] Edwards, T., Tansley, R. J., Frank, N. Davey. Traffic Trends Analysis using NeuralNetworks.In: Proceedings of the International Workshop on Application of NeuralNetworks to Telecommunications1997,158-164.
[144]郑明才,张大方,骆坚,黎文伟.基于预测的传感器网络副本自适应控制机制[J].计算机研究与发展,2011,48(2):296-305.
[145] Holt, C.C. ForCasting Seasonals and Trends by Exponentially Weighted movingAverages[R]. ONR Research Memorandum No.52. Carnegie Institute of Technology,1957.
[146]童明容,薛恒新,林琳.基于Holt-winter模型的铁路货运量预测研究[J].铁道运输与经济,2007,29(l):79-81.
[147]童明容,薛恒新.霍尔特-温特模型在货运量季节性预测中的应用[J].数据统计与管理,2008,27(3):500-504.
[148]王庆荣.基于神经网络与H olt-Winters模型的铁路货运量组合预测[J].兰州交通大学学报,2010,29(4):122-125.
[149] Deng, J. L.Grey Forecast and Grey Decision [M].Wuhan: Huazhong University ofScience and Technology Press,2002.
[150]黄春萍,倪宗瓒.灰色模型在预测肺结核发病率中的应用[J].现代预防医学,2002,29(6):791-793.
[151]邵珠艳,王春梅,魏至莎.灰色GM (1,1)预测模型在疾病预测中的应用[J].中国医院统计,2003,10(3):146-148
[152]赵国生,王慧强,王健.基于灰色verhulst的网络安全态势感知模型[J].哈尔滨工业大学学报,2008,40(5):798-801.
[153]邢秀芝,李振. GM(1,1)-ARMA(n, m)预测模型及应用[J].周口师范学院学报.2004,21(5):34-36.
[154]邓聚龙.灰色预测与决策[M].武汉:华中理工大学出版社,1988.
[155]杨位钦,顾岚.时间序列分析与动态数据建模[M].北京:北京理工大学出版社,1988.
[156]梁雪枫,李慧,高丽等. ARIMA模型预测甲肝发病[J].预防医学情报杂志,2009,5(4):252-254.
[157]马亮亮,田富鹏. ARMA模型在胆结石病发病率预测中的应用[J].军事医学科学院院刊,2010,34(5):469-472.
[158]陈美,王红芹,程铁信.综合Winters模型和ARMA模型预测GDP [J].天津工业大学学报,2007,26(5):83-85.
[159]邹柏贤,刘强.基于ARMA模型的网络流量预测[J].计算机研究与发展,2002,39(12):1645-652.
[160]张晓峒. Eview使用指南与案例(数量经济学应用系列)[M].北京:机械工业出版社,2007:106-107.
[161]张善文. Matlab在时间序列分析中的应用[M].西安:西安电子科技大学出版社,2007.
[162]杨叔子,吴雅等著.时间序列分析的工程应用[M].武汉:华中理工大学出版社,1991.
[163]王振龙.时间序列分析[M].北京:中国统计出版社,2000.
[164]王振龙,胡永宏.应用时间序列分析[M].北京:科学出版社,2007.
[165] Bates J M, Granger C W J. Combination of forecasts [J]. Operations ResearchQuarterly,1969,20(4):451-468.
[166]丁咏梅,周晓阳.组合预测在粮食产量预测中的应用[J].统计与决策,2004,3:44-45.
[167] Snell Q O, Mikler A, Gustafson J L. NetPipe:a network protocol independentperformance evaluator [C]. Proceedings of IASTED International Conference onIntelligent Information Management and System,1996:89-106.
[168][OL]. http://www.oschina.net/p/loganalyzer.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |