[1]李远敏.层次化分类淘汰法的网络最优弥补模型[J].华侨大学学报(自然科学版),2016,37(4):515-518.[doi:10.11830/ISSN.1000-5013.201604025]
 LI Yuanmin.Optimal Network Hardening Model Based on Hierarchical Classification Elimination[J].Journal of Huaqiao University(Natural Science),2016,37(4):515-518.[doi:10.11830/ISSN.1000-5013.201604025]
点击复制

层次化分类淘汰法的网络最优弥补模型()
分享到:

《华侨大学学报(自然科学版)》[ISSN:1000-5013/CN:35-1079/N]

卷:
第37卷
期数:
2016年第4期
页码:
515-518
栏目:
出版日期:
2016-07-04

文章信息/Info

Title:
Optimal Network Hardening Model Based on Hierarchical Classification Elimination
文章编号:
1000-5013(2016)04-0515-04
作者:
李远敏
厦门理工学院 计算机与信息工程学院, 福建 厦门 361024
Author(s):
LI Yuanmin
College of Computer and Information Engineering, Xiamen University of Technology, Xiamen 361024, China
关键词:
最优弥补模型 层次化淘汰算法 穷举法 网络安全
Keywords:
optimal hardening model hierarchical classification elimination algorithm enumeration method network security
分类号:
TP393
DOI:
10.11830/ISSN.1000-5013.201604025
文献标志码:
A
摘要:
针对求解最优弥补的特点和需求,利用层次化分类淘汰,提出一种基于层次化分类淘汰法的最优弥补模型(HSE-ONHM),得到最优弥补的精确解.为了验证HSE-ONHM的可行性和有效性,分别采取穷举法和层次化淘汰算法求解同一目标网络环境的最优弥补.实验结果表明:无论是淘汰次数还是CPU消耗时间,层次化分类淘汰法比穷举法优越;层次化分类淘汰法的计算时间随着初始属性节点数量呈指数增加,该实验结果与算法性能分析结果一致.
Abstract:
This paper considers the characteristics and requirement of solving the optimal hardening problem. A new optimal network hardening model based on hierarchical separatal elimination(HSE-ONHM)is proposed and accurate solution for optimal hardening is got. In order to verify the feasibility and effectiveness of the model, the optimal exhaustive method and hierarchical algorithm is taken for elimination of the same target for network environment. Experimental results show that either eliminated or the number of CPU time consuming, HSE-ONHM is superior. The computation time of HSE-ONHM with initial attribute node increases exponentially with the number. The experimental results are consistent with the performance analysis of the algorithm.

参考文献/References:

[1] YEH W C.A Revised layered-network algorithm to search for all d-minpaths of a limited-flow acyclic network[J].IEEE Transations on Reliability,1998,47(4):436-442.
[2] IN Yongkun.A Simple algorithm for reliability evaluation of a stochastic-flow network with node failure[J].Computers and Operations Research,2001,28(13):1277-1285.
[3] 骆剑锋,陈俞强.采用环加星型网络结构负载均衡集群技术的云平台设计[J].华侨大学学报(自然科学版),2016,37(2):164-167.
[4] CHEN Run,MO Yong,PAN Zhan.Performance improvement of edge expansion technique for BDD-based network reliability analysis[J].Journal of Computers 2013,8(9):2190-2196.
[5] JHA S,SHEYNER O,WING J M.Two formal analyses of attack graphs[C]//Proceedings of 15th IEEE Computer Security Foundations Workshop.Ottawa:IEEE Press,2002:234-238.
[6] NOEL S,JAJODIA S,O’BERRY B,et al.Efficient minimum-cost network hardening via exploit dependency graphs[C]//Proceedings of 19th Annual Computer Security Applications Conference.Hangzhou:IEEE Press,2003:86-95.
[7] PHILLIPS C,SWILER L.A graph-based system for network vulnerability analysis[C]//Proc of the New Security Paradigms Workshop.Charlottesville:User Evaluation,1998:71-79.
[8] SHEYNER O,HAINES J,JHA S,et al.Automated generation and analysis of attack graphs[C]//Proc of the IEEE Symposm on Security and Privacy.Oakland:IEEE Computer Society Press,2002:254-265.
[9] SHEYNER O.Scenario graphs and attack graphs[D].Pittsburgh:Carnegie Mellon University,2004:256-257.
[10] HOMER J.A comprenhensive approach to enterprise network security management[D].Manhattan:Kansas State University,2008:148-150.
[11] WANG Lingyu,NOEL S,JAJODIA S.Minimum-cost network hardening using attack graphs[J].Computer Communications,2006,29(18):3812-3824.
[12] CHEN Feng,WANG Lingyu,SU Junshang.An efficient approach to minimum-cost network hardening using attack graphs[C]//Proc of the Fourth International Conference on Information Assurance and Security.Tokyo:User Evaluation,2008:209-212.

备注/Memo

备注/Memo:
收稿日期: 2016-01-20
通信作者: 李远敏(1970-),男,副教授,主要从事信息融合、嵌入式系统的研究.E-mail:cxllymin@163.com.
基金项目: 福建省教育厅A类项目(JA09217); 厦门理工学院高层次人才科技项目(YKJ08013R)
更新日期/Last Update: 2016-07-20