【作者】 王良民；

【导师】 马建峰；

【作者基本信息】 西安电子科技大学 ， 密码学， 2006， 博士

【摘要】 近几年来,随着分布式网络系统的大量应用,网络入侵的方式也层出不穷,传统的入侵防御和入侵检测技术无法实现一个具有抵制任何故障/入侵能力的系统,而容忍入侵技术能在故障/入侵已发生时保证系统关键功能的执行,因而受到越来越多的关注。本文在查阅了大量容忍入侵技术的相关文献之后,综述了当前容侵系统和容侵技术研究的现状,指出新的主动反应式容侵系统和自再生的容侵技术将是容忍入侵研究的新方向,分别针对这两个方向,进行了较为系统的研究:一、分析认为反应式容侵系统具有较好的兼容性,增加了容侵功能的反应式系统能够和原有系统较好地兼容,但现有的反应式容侵系统根据入侵检测结果在入侵形成后被动响应,具有反应时间不足的缺陷。为克服此问题,本文提出让系统根据入侵预测结果提前反应、主动响应,构建主动反应式容侵系统,并研究了相关的入侵预测关键技术:1)入侵建模:提出了基于攻击者能力的入侵模型及其构建与描述方法,该入侵模型从攻击者能力的角度出发,关注入侵对系统安全的影响;利用来自IDS的警报信息,采用入侵警报关联的方法及时构建入侵模型,并用形式化方法证明了采用相关方法构建该入侵模型的存在性和唯一性;提出了基于TIBC语言的模型描述方法及模型实时建立方法,并用相关实验检验了该模型构建算法的性能。2)入侵预测:提出了用于入侵预测的混合式贝叶斯网络模型及基于该模型的入侵预测方法,该混合式贝叶斯网络分为攻击层和状态层两个层次,存在收敛连接和连续连接两种连接,可以很好的描述攻击行为与该攻击行为所导致的系统安全状态之间的因果联系;该网络模型可由前述基于攻击者能力的入侵模型直接转化而来,在相关信度更新算法的支持下,文章通过具体实验示例表明了该预测方法的有效性。二、分析认为当前基于“优雅降级”的容侵技术最终依然会导致系统在不断降级中失败,而“自再生技术”可以通过派生出新一代系统来恢复原有系统具备的容忍能力。为此考查了与再生技术相关的无线传感器网络的拓扑生成方法,并以此为背景,研究了容侵的无线传感器网络拓扑自再生技术,具体工作如下:1)拓扑生成方法综述与分析:综述了当前无线传感器网络拓扑生成方法并分析了它们在恶意入侵环境下的表现,指出针对现有拓扑生成方法可能存在更多还原

【Abstract】 Recently, network intrusion becames more and more frequent with the wide application of distributed networks, and these bring on the phenomenon that no system can resist all the fault and intrusion. For its abilities of tolerating the intrusions and guaranteeing the key sevices of systems, intrusion tolerance attracts more and more attention.A recent survey of the intrusion tolerance system (ITS) and intrusion tolerance technology is given firstly in this dissertation, and the conclusion that initiative reactive ITS and self-regeneration technology are the new progress is achieved by analyzing, then some key problems of these two aspects are studied and systemic conclusions are achieved.In the aspect of ITS, the author suggested an initiative reactive ITS which initiatively reacts by intrusion prediction instead of by intrusion detection in the existed reactive ITS to get more reacting time, then focuses on the two key technologies, modeling and predicting method of intrusion, which are appropriate to trig the reactive intrusion tolerance system.1) Modeling the Intrusion: An intrusion model of state transition of attackers’capability and its constructing algorithm is presented. The model pays its emphasis on the influence of the intrusion upon the system and describes the intrusion as the state transition process of the attackers’capability. The constructing algorithm correlates the intrusion detection alerts into meta-attack, and defines cover as the reduction of meta-attack. Then the method of transforming the cover of meta-attack to intrusion model and the proofs of the equivalences among intrusion model, meta-attack and its cover are given. And then an algorithm for describing the intrusion model adaptively is present in which the manual work is not employed as the existing methods. In the end, both the intrusion model and the algorithms for constructing and describing this model show their good performances in the correlation experiment.2) Predicting the Intrusion: A hybrid Bayesian network method for intrusion predicting is presented which is based on the intrusion model of state transition of attackers’capability. The network model shows the casual relation of the更多还原