Research On Some Key Technology Of Network Information System’s Survivability

With the social development of an increasing network and information, networkinformation system plays an important role in various departments such as government,defense, industry and commerce. However, it is inevitable and hard to detect all kinds ofattacks and intrusions as a result of large-scale network, complex internal and externalenvironment of information system, as well as the diversification of network attacks andvandalism. Any system cannot guarantee that it is perfectly safe. Therefore, the traditionalsecurity defenses and detection technology cannot meet the actual needs of the networkinformation systems and at this stage people are more concerned about whether the systemcan continue to provide users with satisfying service after the destruction, which is thesurvivability of the network information system.The survivable study of network information system includes three important areas: thesurvivability assessment, forecast and survival enhancement technology. Assessment is to usevarious methods to simplify and establish a favorable model on the target system forqualitative and quantitative survival analysis. The purpose of the survivability assessment istimely to access the survival situation of critical mission, in order to take appropriateemergency measures and it provides a scientific basis and criteria for the implementation ofcompatible enhanced strategies and technologies. Forecasting techniques may establish aneffective mathematical prediction model based on historical data so as to better understand thefuture trend of survivability and take precautionary measures in advance to ensure the normaloperation of the system critical services.As the survivable history of network information system is not long, most of the work isto present assessment framework by the researchers according to their own understanding and ideas and it does not form a unified, accepted standards. Furthermore, many studies havefocused on the theory assessment analysis and there is a big gap to a real practical application.This paper discusses the quantitative survivable assessment and forecast of the networkinformation system in details, which is composed of the following aspects.A quantitative assessment method based on3R1A characteristics is provided. Resistance,recognition, recovery and adaptation are the four key attributes of the survivable networkinformation systems. After analyzing the meanings of these four attributes, a hierarchicalstructure model set up. Moreover, resistance can be further divided into the damage degree ofattack scenarios and the impedance rate of the attack scenarios; recognition can be describedby use of the recognition rate and the recognition time of the attack scenario; Recovery can beelaborated to make use of the recovery degree, recovery time and recovery rate; Adaptationcan be portrayed through the adaptive cycle and the adaptive evolution delay. Hereafter, thecalculation methods of these indicators are established, and a unified computing mathematicalmodel of the system survivability is concluded.A critical service-oriented quantitative evaluation of survivability is presented based onthe attack scenario. After studying on the impact of vulnerabilities on the network informationsystem and analyzing the advantages and disadvantages of security assessment based onattack graph at home and abroad, a survival assessment process for critical services isconducted by the attack tree. An attack tree is generated for each key service on the basis ofthe privilege escalation, and a separate set of intrusion scenario is produced by the reversedepth-first traversal. Firstly, the survival trend for key services is described by intrusionscenarios. Then, effective analysis is made up with the intrusion scenario collection of theentire forest. Ultimately, get quantitative evaluation method of the entire system’s survivability.The analysis and comparison of an instance show the superiority of space and correctness ofthe algorithm.Combining grey grid closeness and Improved TOPSIS can evaluate the survivability ofthe network information system. The first is to use the traditional AHP method to determinethe system and the weights of critical set of services and the index set, which avoids thesubjectivity of experience which gives the weight directly. When analyze the survivability ofkey services, grey correlation degree is used to calculate the degree of association between thekey services and the optimal solution and the worst solution, and then use the grey gridcloseness to determine the degree of each critical service integrated survivability. Finally, through survival function is used to quantify the overall survival results of the networkinformation system. Elaborate an example of the method of calculation steps, and comparingtwo experiments verifies the rationality and effectiveness of the method.Finally, a combination forecasting model is proposed based on residual amendmentGM(1,1) and ARMA(p,q). In this model, the first is to use the grey GM(1,1) model toestablish the original series prediction. In order to improve the prediction accuracy, the use ofresiduals on the tail section re-establishes GM(1,1) prediction model, and through the residualmodel amends the original GM(1,1) prediction model and meanwhile the prediction modelobtains mean absolute percentage error. Then, we use the ARMA(p,q) models to build theoriginal sequence by comparing the candidate model parameters, and ultimately select theMA(2) as appropriate for the prediction model. The model also gives the mean absolutepercentage error. Finally, combination forecasting model is established based on residualmodified GM(1,1) model and the MA(2) model, and By comparing various parameters, weverify the effectiveness of combined forecasting model and accuracy.In summary, this paper deeply studies the quantitative assessment and forecast of thenetwork information system’s survivability. It explores the specific survival evaluation modeland calculation method from three different angles and a combination forecast model. Fromthe3R1A point of view, it describes the metrics of each of the key attributes, and theestablishment of a sound-level model in detail, which provides a strong guarantee to thespecific implementation of the survival of the quantitative analysis for the future. Reversedepth-first attack tree model can be faster to complete the search, and through quantitativeanalysis of the attack-scenario difficulty shows integrated survival conditions. The use ofcombining grey grid closeness with TOPSIS method can fully demonstrate the survivability ofthe critical services which expresses the living conditions of the entire system indirectly.Finally, a novel combined model is proposed to predict the future survival performance.Thisarticle’s findings have some theoretical significance and it can provide a useful reference forthe survivability of the network information system.