| With the progress of computer technology and Internet, mission-critical network system (MCNS), as a special kind of network information system, has been widely applied in many fields that affect people's lives and social development. However, network environment worsening makes security problems facing by the system become more and more obvious. Under the circumstances that traditional network security technologies can not satisfy people's security requirements any longer, research on network security situational awareness (NSSA) emerges as the times require.At present, research on network security situational awareness is just underway, and research schema of NSSA is still lacked, which results in less guidance in further progress of the following studies on situational forecast, situation visualization and so on. Aiming at the global security of mission critical network system, research on service-oriented mission critical network system security situational awareness is proposed, in which formal modeling and quantitative awareness of security situational awareness are emphasized in order to solve the problems of qualitative description and quantitative analysis. The main contents are organized as follows:Firstly, service-oriented idea is adopted in MCNS architecture design. A kind of service-oriented architecture mission-critical network system model(SOA-MCNS) is established, stateπcalculus is used in state/behavior hybrid modeling for MCNS based on service operations, and a SMM model is presented to measure the maturity degree of the architecture. Model verification experimental results indicate that the system model can accurately reflect system's key features and behavioral features. Service-oriented architecture provides an important guiding role in formal modeling and quantitative analysis for security situation of MCNS.Secondly, according to the potential resource dependencies among services, service and configuration, configurations in MCNS, system security situation metrics is analyzed from three levels of network services, network hosts and network links, and then hierarchical security situation indexes are proposed and formalized, at last a security situation index system model based on S-H-L is abstracted. Application in specific cases indicates that the research achievements can be used in network service security situation analysis at different scenes and provides a reasonable basis for system security situation analysis.Thirdly, MCNS security situation formal modeling method based on Hidden Markov Model (HMM) is explored. System security situation factors are studied, and network attack behaviors and service operational states are abstracted into modeling objects for the dual stochastic processes in HMM. Formal models of system security situation are separately constructed from the two perspectives of attack behaviors and security influences and classic Baum-Welch algorithm is used in model parameter estimation. Simulation experimental result proves that the model can reflect the logic relations and dynamic transformations among and of security situation factors exactly, and which turns into the foundation for quantitative analysis of situation.Finally, quantitative analysis method for MCNS security situation based on game theory is studied. Combined with the service-oriented idea, network service availability and performance parameters are chosen as the important indexes in impact analysis. Mixed strategy game is introduced to depict the security interaction between attackers and defenders in cyberspace, network offensive-defensive game model is constructed and parameters, like strategy space, transfer probability, payoff function, are clearly defined. The method takes payoffs of game players as synthetical embodiment of security situation, and depicts system' s security status in the form of number pair, then quantitative analysis and automatic generation of security situation is completed, which helps security administrator decide correctly.
|
PDF Full Text Request