進階搜尋


下載電子全文  
系統識別號 U0026-2407201315074200
論文名稱(中文) 網路攻防演練框架設計及基於雲端實證資料下虛擬機器效能模型之研究
論文名稱(英文) Framework Design for Cyber Attack and Defense Exercises with Empirical Cloud Data
校院名稱 成功大學
系所名稱(中) 電腦與通信工程研究所
系所名稱(英) Institute of Computer & Communication
學年度 101
學期 2
出版年 102
研究生(中文) 林敬皇
研究生(英文) Ching-Huang Lin
學號 n28931324
學位類別 博士
語文別 英文
論文頁數 68頁
口試委員 召集委員-吳承崧
口試委員-吳宗成
口試委員-賴威光
口試委員-楊竹星
指導教授-李忠憲
口試委員-林輝堂
口試委員-蘇淑茵
口試委員-蘇銓清
中文關鍵字 網路攻防演練  網路安全測試平台  雲端運算  虛擬機器  資源分配 
英文關鍵字 Cyber Security Exercises  Attack and defense Competitions  Empirical Service Traces  Virtual Machine  Resource Allocation  Resource Model 
學科別分類
中文摘要 網路攻防演練的訓練方式在資訊安全領域中愈來愈受到重視,透過實際動手操作的方式,強化參與的攻擊與防護能力。故本論文提出網路攻防演練框架(Cyber Attack and Defense Exercises Framework)用以協助研究人員或軍事單位有系統及結構化的準備、建構、設計與規劃施行網路攻防演練或演習,並透過臺灣網路安全測試平台(Testbed@TWISC)實作一網路攻防演練活動。經由蒐集演練活動的資料提出持續改進網路攻防演練框架(Cyber Attack and Defense Exercises Framework)之方向。
網路攻防演練將愈來愈不可能在真實的網路與實體的主機環境中實行,除了可能影響真實的運作外,雲端運算的興起,各式的雲端運算環境提供雲端網路攻防演練所需的各式服務。因此,有效地利用雲端運算環境(特別是IaaS架構的VM)來進行網路攻防演練將成為趨勢。
本研究的另一部分是透過蒐集成功大學計算機與網路中心虛擬平台上實際提供服務的虛擬機器運作之資料,我們提出VM Performance Model應用來分析在Service Level Agreement下的VM最佳化配置。經由定義VM Allocation Problem及根據蒐集之實證資料驗證,使用Beta distribution of CPU Module 可用以解決VM Allocation Problem及找到VM分配的最佳組合的VM Performance Model。透過Simulation證明,所提出的VM Performance Model可運用在IaaS管理者經由SLA與reservation參數的調整找到最佳的VM配置及較有效率的資源分配。找出可有效地利用雲端運算環境(特別是IaaS架構的VM)來進行網路攻防演練或其他VM上的應用與服務之方式。
英文摘要 Cyber Security Exercise training is gaining more attention in the information security field. Actual hands-on practice will strengthen the capabilities of attack and defense. Hence, we propose The Cyber Attack and Defense Exercises Framework in the dissertation to assist academic researchers or military cyber-units in designing, planning and performing security exercises. A competition of network attacks and defense was held on the Taiwan Network Security Testing Platform (Testbed@TWISC) to collect empirical data, verify suitability and find the direction for improving the proposed framework.
Besides providing real world services, the cloud environment can be used to provide a variety of network attack and defense exercises. Cyber security competitions will become increasingly difficult to hold in a real network environments with physical host implementations. The use of cloud computing environments (especially IaaS architecture with VM) to perform cyber attack and defense games will become a trend.
Another part of this study proposes a “VM Performance Model” to determine the optimal VM allocation based on Service Level Agreement. We collect data from virtual machines within the production cloud service platform of the Computer and Network Center in National Cheng Kung University. By defining the VM Allocation Problem and validating the model against the gathered data using Beta distribution, we detail a method to solve the VM Allocation Problem and find the optimal VM allocation on based on specific availability requirements SLA parameters are matched with reservations to find the best VM configuration and most efficient allocation of resources.
Simulations prove the proposed VM Performance Model is valid for use in IaaS managers this portion of the work is focused on identifying effective use of cloud computing environments (especially IaaS architecture using VMs) for cyber attack and defense exercises or other cloud applications and services.
論文目次 摘要 I
ABSTRACT II
誌謝 IV
CONTENTS V
LIST OF TABLES VII
LIST OF FIGURES VIII
CHAPTER 1 INTRODUCTION 1
1.1 BACKGROUND 1
1.2 MOTIVATION 3
1.3 DISSERTATION CONTRIBUTIONS 5
1.4 ORGANIZATION 6
CHAPTER 2 BACKGROUND AND RELATED WORK 7
2.1 CYBER ATTACK AND DEFENSE OVERVIEW 7
2.2 CYBER SECURITY EXERCISES AND COMPETITION 10
2.3 CLOUD COMPUTING AND RESOURCE ALLOCATION 11
2.3.1 Cloud Computing 11
2.3.2 Resource Allocation 14
2.3.3 Resource Management with vSphere 16
2.3.4 Statistical Method 17
2.3.4.1 Beta Distribution 17
2.3.4.2 Chi-Square Goodness-of-Fit Test 19
CHAPTER 3 CYBER ATTACK AND DEFENSE EXERCISES FRAMEWORK 20
3.1 REQUIREMENTS OF DEFINITIONS AND FRAMEWORKS OF CYBER ATTACK AND DEFENSE EXERCISES 20
3.2 CYBER ATTACK AND DEFENSE EXERCISES FRAMEWORK 22
3.3 EXERCISES MONITOR AND ATTACK EVENT 26
3.3.1 Exercise Monitor 26
3.3.2 Attack Event 27
3.3.3 GUI: Causal Relationships Graph 32
CHAPTER 4 VM PERFORMANCE MODELING 34
4.1 DEFINITION AND ASSUMPTION 34
4.2 VIRTUAL MACHINE ALLOCATION SCENARIO DESCRIPTION 36
4.3 VM PERFORMANCE MODELING 38
4.4 VM PERFORMANCE MODELING WITH THE CENTRAL LIMIT THEOREM 43
CHAPTER 5 SIMULATION AND DISCUSSION 45
5.1 A STUDY CASE FOR CYBER SECURITY EXERCISES 45
5.1.1 Case Description 45
5.2.2 Perform the Cyber Security Exercises 51
5.2.3 Result and Discussion 54
5.2 THE VM PERFORMANCE MODELING SIMULATION AND DISCUSSION 57
5.2.1 The Same VMs Simulation 57
5.2.2 VM Allocation Problem Simulation 61
CHAPTER 6 CONCLUSION & FUTURE WORK 64
6.1 Conclusion 64
6.2 Future Work 65
REFERENCES 66
參考文獻 [1] Abdat, N., Spruit, M., Bos, M. Cloud Computing and the Pricing Strategy for Vendors. In Murugesan, S. (ed.), Cloud Computing. [online] Available: http://m.spru.it/files/asb2009cc.pdf?attredirects=0&d=1, 2009.
[2] Afterglow, [online] Available: http://afterglow.sourceforge.net/ , May, 2013.
[3] Bloomberg Businessweek, “The New E-spionage Threat,” BusinessWeek, [online] Available: http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm, April 2008.
[4] Chaisiri, S.,Bu-Sung Lee,Niyato, D., Optimization of Resource Provisioning Cost in Cloud Computing, Services Computing, IEEE Transactions on, vol.5, no.2,; pp. 164-177 , April-June 2012.
[5] Childers, N., Boe, B., Cavallaro, L., Cavedon, L., Cova, M., Egele, M., Vigna, G.: Organizing Large Scale Hacking Competitions. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 132–152. Springer, Heidelberg, 2010
[6] Ching-Huang Lin , Chung-Chih Chiang, Chien-Hung Chen, Yu-Chin Cheng, Chi-Sung Laih, 2007, “Design and implementation in causal relationship of attack events", Journal of Internet Technology, Vol. 8, No. 2, pp. 165-169, April 2007.
[7] Ching-Huang Lin, Chien-Tung Lu, Ying-Hsien Chen, and Jung-Shian Li , Resource Allocation on Cloud Virtual Machines Based on Empirical Service Data Traces, International Journal of Communication Systems , June, 2013.
[8] Chi-Sung Laih, Jung-Shian Li, Mao-Jie Lin, ShRiau-Han Chang, Li-Da Chen, Shih-Hsien Tseng, and Michael Chang , “Development and Operation of Testbed@TWISC”, The 3rd Joint Workshop on Information Security(JWIS), July 10-11, Hanyang University, Seoul, Korea, 2008.
[9] Chris Simmons, Charles Ellis, Sajjan Shiva, Dipankar Dasgupta, Qishi Wu, AVOIDIT: A Cyber Attack Taxonomy, [online] Available: http://issrl.cs.memphis.edu/files/papers/CyberAttackTaxonomy_IEEE_Mag.pdf August, 2005.
[10] Cyber Security Challenge: Cyber Security Challenge Website, [online] Available: https://cybersecuritychallenge.org.uk/, June, 2013.
[11] Defcon challenge, https://www.hacking-lab.com/events/scs3-defcon-challenge.html
[12] Elghoneimy, E., Bouhali, O., Alnuweiri, H, Resource allocation and scheduling in cloud computing, International Conference on Computing, Networking and Communications (ICNC), Maui, Hawaii, USA, 2 p.p. 309-314, DOI:10.1109/ICCNC.2012.6167434. 30 January 2012.
[13] Emulab - Network Emulation Testbed , [online] Available: http://www.emulab.net/ , June, 2013.
[14] F.Cuppens. “Managing alerts in a multi-intrusion detection environment”. 17th Annual Computer Security Applications Conference (ACSAC). New-Orleans, December 2001.
[15] Frank E. Gillett, Future View: The New Tech Ecosystems of Cloud, Cloud Services, And Cloud Computing, Forrester Research, Inc. Reproduction Prohibited. 28 August 2008.
[16] Graphviz, [online] Available: http://www.graphviz.org/, June, 2013.
[17] Guohui Wang, Ng, T.S.E., The Impact of Virtualization on Network Performance of Amazon EC2 Data Center, INFOCOM, 2010 Proceedings IEEE, San Diego, CA, USA, 14-19 March 2010.
[18] Harold C. Lim, Shivnath Babu, Jeffrey S. Chase, Sujay S. Parekh, Automated control in cloud computing: challenges and opportunities, ACM 1st workshop on Automated Control for Datacenters and Clouds(ACDC), Barcelona, Spain, 2009
[19] Jelena Mirkovic, Terry V. Benzel, Stephen Schwab, The DETER Project: Advancing the Science of Cyber Security Experimentation and Test, Technologies for Homeland Security (HST), IEEE International Conference on, 2010.
[20] Jonathan Kupferman, Jeff Silverman, Patricio Jara, and Jeff Browne, Scaling Into The Cloud, [Online] Available: http://www.techrepublic.com/whitepapers/scaling-into-the-cloud/3302611 , 2009.
[21] JiyiWu, Lingdi Ping, Xiaoping Ge, YaWang, Jianqing Fu , Cloud Storage as the Infrastructure of Cloud Computing, International Conference on Intelligent Computing and Cognitive Informatics (ICICCI), Kuala Lumpur, Malaysia, pp.380-383 ,22-23 June 2010.
[22] Josef Kaderka, Ontology in Cyber Defense and Computer Networks, CYBERNETIC LETTERS, SPECIAL ISSUE, December 2010.
[23] Luis M. Vaquero, Luis Rodero-Merino, Rajkumar Buyya, Dynamically scaling applications in the cloud, SIGCOMM Comput. Commun. Rev.;41:45-52, 2011.
[24] M. Armbrust, A.Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, M. Zaharia, A view of cloud computing, Communications of the ACM, Volume 53 Issue 4, April 2010.
[25] M. Roesch, “Snort—Lightweight Intrusion Detection for Networks,” Proc. USENIX LISA ’99 Conf., November.1999.
[26] National Collegiate Cyber Defense Competition: Welcome to the National Collegiate Cyber Defense Competition, [Online] Available: http://www.nationalccdc.org/ , June, 2013.
[27] NIST,NIST Definition of Cloud Computing v15, [Online] Available: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc, , June, 2013.
[28] Polytechnic Institute of NYU: CSAW - Cyber Security Competition, [Online] Available: http://www.poly.edu/csaw2011, June, 2013.
[29] Raffael Marty, Applied Security Visualization, Addison Wesley Professional ,ISBN-13: 978-0-321-51010-5, 2008
[30] Ren, Y., Zhao, Y., Liu, P., Dou, K. and Li, J. , A survey on TCP Incast in data center networks. Int. J. Commun. Syst., doi: 10.1002/dac.2402, 2012.
[31] RightScale Inc., Web-based Cloud Computing Management Platform by RightScale. [Online] Available: http://www.rightscale.com/, June, 2013.
[32] Seyed Mohamad Alavi and Chi Zhou, Resource allocation scheme for orthogonal frequency division multiple access networks based on cooperative game theory, International Journal of Communication Systems, DOI: 10.1002/dac.2398, 2012.
[33] Steve Gold, “Advanced Evasion Techniques,” Network Security, Volume 2011, Issue 1, pp. 16-19, January 2011.
[34] Sungkap Yeo, Lee H.-H.S., Using Mathematical Modeling in Provisioning a Heterogeneous Cloud Computing Environment, IEEE Computer, pp.44(8):55-62. , August 2011.
[35] Urgaonkar, R. Kozat, U.C., Igarashi, K. and Neely, M.J., Dynamic resource allocation and power management in virtualized data centers, IEEE Network Operations and Management Symposium (NOMS), Osaka, Japan, pp. 479-486 19-23 April 2010.
[36] Victor-Valeriu Patriciu, Adrian Constantin Furtuna, Guide for Designing Cyber Security Exercises, RECENT ADVANCES in E-ACTIVITIES, INFORMATION SECURITY and PRIVACY, 2003
[37] Vigna, G.: The UCSB iCTF, [Online] Available: http://ictf.cs.ucsb.edu/ , June, 2013.
[38] VMware, Inc., vSphere resource management guide Release 5.1, [Online]. Available: http://pubs.vmware.com/vsphere-50/topic/com.vmware.ICbase/PDF/vsphere-esxi-vcenter-server-50-resourcemanagement-guide.pdf, 2012.
[39] Wei Jiang, Bin-xing Fang, Hong-li Zhang, Zhi-hong Tian, Optimal Network Security Strengthening Using Attack-Defense Game Model. Sixth International Conference on Information Technology: New Generations, 2009.
[40] Yadav, S.S., Zeng Wen Hua, CLOUD: A computing infrastructure on demand, 2nd International Conference on Computer Engineering and Technology (ICCET), Chengdu, China; pp. 423-426 , 16-18 April 2010.
[41] Zhang Heng-Ru, Gong Jie, “Research and Design of Network Attack and Defense Platform based on Virtual Honeynet,” Computational and Information Sciences (ICCIS), 2010 International Conference on, pp. 507-510, December 2010.
[42] Zhang Ting, Guo Lin-Hong, “Research and Implementation of Experimental Platform for Network Attack and Defence Based on Honeynet,” Advanced Materials Research, Volume 403-408, pp. 2221-2224, November 2011.
[43] Zhou, LiFeng; Chen, Lei; Pung, Hung Keng; Ngoh, Lek Heng, Identifying QoS violations through statistical endto-end analysis, International Journal of Communication Systems, 24:(10)1388-1406, DOI: 10.1002/dac.1273. October 2011.
[44] 江政哲、張迺貞, 初探雲端運算,2010海峽兩岸圖書資訊學術研討會,南京, 2010.
[45] 林敬皇、盧建同、李忠憲、楊竹星, 網路攻擊與防禦平台之研究與實作, 第二十二屆資訊安全會議(CISC2012), 台中, May, 2012.
論文全文使用權限
  • 同意授權校內瀏覽/列印電子全文服務,於2016-08-05起公開。
  • 同意授權校外瀏覽/列印電子全文服務,於2018-08-05起公開。


  • 如您有疑問,請聯絡圖書館
    聯絡電話:(06)2757575#65773
    聯絡E-mail:etds@email.ncku.edu.tw