Research On Strategy And Method Of Intrusion Tolerance Based On Autonomic Computing

As the continuous expansion of the computer system, existing intrusion tolerant system can not adapt to increasingly complex security requirements due to lack of self-management. How to find a flexible method which does not increase system's comp-lexity to enhance the intrusion tolerant system's self-adaptive and protect computer system's self-tolerance and service delivery capacity in the changing security environment. This problem has become the key issue requiring urgent solution in the field of intrusion tolerance. The technology of autonomic computing provides a new idea to solve the problem of intrusion tolerance system's adaptive, but existing research findings are brought together in the concept, working mechanism and structure, etc., and there is no breakthrough in the specific research and implementa-tion.The thesis of this paper consider the challenges in response to intrusion tolerant system's adaptive as a starting point, trying to solve the problem of current intrusion tolerance based on autonomic computing and achieve computer system's self-management, the dynamic adjustment of resources to accommodate the ability of different operating environments. This paper will carry out the research on intrusion tolerant system model based on autonomic computing and assessment strategies of network reliability based on neural network. Main research work focuses on the following aspects:(1)This paper analyzes the existing intrusion tolerance and related technology, describes the progress of existing research comprehensively and systematically, introduces the classic architecture of intrusion tolerance and quantitative assessment techniques of intrusion tolerance, discusses the current technical problems, leads the need for establishing intrusion tolerance model based on autonomic computing. (2)This paper puts forward a model of intrusion tolerant system based on autonomic computing because the current intrusion tolerant system lacks adaptive capacity. The model consists of three core modules: network connection reliability evaluation module, classification response policy module, system evaluation module. The reliability of the network connection is analyzed in real time to generate the initial reliability by an autonomic feedback law and the classification between suspicious information and confident information is guaranteed for implementing the tolerance on suspicious connections through the dynamic reliability optimization, thereby enhancing the system's adaptive capacity. Then this paper proposes a system state transition model based on Markov Process to provide a reliable theoretical and mathematical model for the assessment of the network connection's reliability on the basis of analysis and abstraction of the framework model system.(3) A self-assessment strategy of the network connection's reliability based on neural network is proposed from the perspective of quantitative assessment of network connection's reliability. This paper presents a process of evaluating the network connection's reliability based on BP neural network and LM algorithm according to the nonlinear relationship between the network connection properties and the assessed value.Finally, a simulation experiment is done on the basis of KDDCup99 data set. Simulation results show that the accuracy rate of self-assessment strategies of network connection's reliability can reach 93.50% in the model of intrusion tolerance based on autonomic computing, which can effectively achieve separating the credible informa-tion and suspicious information.