| 一种基于多属性决策的DDoS防护措施遴选方法 |
| |
| 引用本文: | 黄亮,冯登国,连一峰,陈恺,张颖君,刘玉岭.一种基于多属性决策的DDoS防护措施遴选方法[J].软件学报,2015,26(7):1742-1756. |
| |
| 作者姓名: | 黄亮 冯登国 连一峰 陈恺 张颖君 刘玉岭 |
| |
| 作者单位: | 中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190,中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190,中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190,中国科学院 信息工程研究所, 北京 100195,中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190,中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190 |
| |
| 基金项目: | 国家高技术研究发展计划(863)(SQ2013GX02D01211); 国家自然科学基金(61100226, 61303248); 北京市自然科学基金(4122085, 4144089); “十二五”国家科技支撑计划(2012BAK26B01) |
| |
| 摘 要: | DDoS攻击是网络中最大的威胁之一,选取合适的防护措施,能够更加有效地保护目标网络和目标系统.现有的评价方法对于防护措施选择的指导性不足.针对该问题,首先构建了面向DDoS攻击的防护措施遴选模型(DCSM).在此基础之上,提出基于多属性决策的DDoS防护措施遴选算法.以多属性决策方法综合考虑各方面评估指标;从攻防两方面,以基于历史攻击偏好的方法和熵权法计算重要性权重,消除了传统评价方法中人为指定权重带来的主观性影响.提出的方法为防护措施的选择提供了参考,并通过模拟实验验证了方法的适用性和有效性.
|
| 关 键 词: | 多属性决策 DDoS 安全防护 措施遴选 安全评估 |
| 收稿时间: | 2013/10/23 0:00:00 |
| 修稿时间: | 5/5/2014 12:00:00 AM |
Method of DDoS Countermeasure Selection Based on Multi-Attribute Decision Making |
| |
| HUANG Liang,FENG Deng-Guo,LIAN Yi-Feng,CHEN Kai,ZHANG Ying-Jun and LIU Yu-Ling.Method of DDoS Countermeasure Selection Based on Multi-Attribute Decision Making[J].Journal of Software,2015,26(7):1742-1756. |
| |
| Authors: | HUANG Liang FENG Deng-Guo LIAN Yi-Feng CHEN Kai ZHANG Ying-Jun and LIU Yu-Ling |
| |
| Affiliation: | Trusted Computing and Information Assurance Laboratory, Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China,Trusted Computing and Information Assurance Laboratory, Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China,Trusted Computing and Information Assurance Laboratory, Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China,Institute of Information Engineering, The Chinese Academy of Sciences, Beijing 100195, China,Trusted Computing and Information Assurance Laboratory, Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China and Trusted Computing and Information Assurance Laboratory, Institute of Software, The Chinese Academy of Sciences, Beijing 100190, China |
| |
| Abstract: | DDoS is one of the biggest threat in the network. Using the proper countermeasure will notably improve the security level of the target network and/or target system. Existing security evaluation methods don't provide sufficient support for countermeasure selection. To solve the problem, this paper builds a DDoS countermeasure selection model (DCSM), and then proposes the DDoS countermeasure selection method. The method not only takes advantage of multi-attribute decision making theory to evaluate multi- dimension metrics, but also uses historical attack preference based method and entropy method to calculate the weight from both attack and defense perspectives, thus reducing the subjective factors in conventional methods. The correctness and the applicability of the method are validated by the experiments. |
| |
| Keywords: | multi-attribute decision making DDoS security countermeasure countermeasure selection security evaluation |
|
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
|
