[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.3837/tiis.2015.12.021

Defense Strategy of Network Security based on Dynamic Classification

Wei, Jinxia (Information Security Center, National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications)
Zhang, Ru (Information Security Center, National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications)
Liu, Jianyi (Information Security Center, National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications)
Niu, Xinxin (Information Security Center, National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications)
Yang, Yixian (Information Security Center, National Engineering Laboratory for Disaster Backup and Recovery Beijing University of Posts and Telecommunications)

Publication Information

KSII Transactions on Internet and Information Systems (TIIS) / v.9, no.12, 2015 , pp. 5116-5134 More about this Journal

Abstract

In this paper, due to the network security defense is mainly static defense, a dynamic classification network security defense strategy model is proposed by analyzing the security situation of complex computer network. According to the network security impact parameters, eight security elements and classification standard are obtained. At the same time, the dynamic classification algorithm based on fuzzy theory is also presented. The experimental analysis results show that the proposed model and algorithm are feasible and effective. The model is a good way to solve a safety problem that the static defense cannot cope with tactics and lack of dynamic change.

Keywords

Dynamic classification defense; Fuzzy theory; Membership function; Security element; Membership matrix;

Citations & Related Records

Times Cited By KSCI : 1 (Citation Analysis)

Reference
Cited By KSCI

1	A. Botta, A. Pescapé, G. Ventre, “Quality of service statistics over heterogeneous networks: Analysis and applications,” European Journal of Operational Research 101 (2008) 1075-1088. Article (CrossRef Link) DOI
2	R. P. Karrer, I. Matyasovszki, A. Botta, and A. Pescapé, "Experimental evaluation and characterization of the magnets wireless backbone," WiNTECH'06,September 29, 2006, Los Angeles, California, USA. Article (CrossRef Link)
3	R. P. Karrer, I. Matyasovaszki, A. Botta and A. Pescapé, “MagNets-experiences from deploying a joint research-operational next-generation wireless access network testbed,” in Proc. of the 3rd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, TridentCom 2007. Article (CrossRef Link)
4	O. P. Kreidl and T.M. Frazier, “Feedback control applied to survivability: A host-based autonomic defense system,” IEEE Transactions on Reliability, vol.53 no.1, pp.140-166, 2004. Article (CrossRef Link) DOI
5	C. L. Cao, R. Zhang, M. Y. Zhang and Y. X. Yang, “IBC-based entity authentication protocols for federated cloud systems,” KSII Transactions on Internet and Information Systems, vol.7, no.5, pp. 1291-1312, May 31, 2013. Article (CrossRef Link) DOI
6	Z. Z. Peng and Y. Y Sun, “Fuzzy mathematics and its application,” 2nd Edition, Wu Han university press, China, pp. 4-10, 2007. Article (CrossRef Link)
7	S. P. Yao, Y. Y. Gu, “Network security situation quantitative evaluation based on the classification of attacks in attack-defense confrontation environment,” 2009 Chinese Control and Decision Conference, pp. 6014-6019, 2009. Article (CrossRef Link)
8	M. Jo, L. Z. Han, N. D. Tan, and H. P. In, “A Survey: Energy Exhausting Attacks in MAC Protocols in WBANs,” Telecommunication Systems, Vol. 58, No. 2 pp. 153-164, February 2015. Article (CrossRef Link) DOI
9	Y. L. Wang and G. F. Tian, “Network security technology and practices,” Tsinghua university press, Beijing, China, pp. 65-67, 2013. Article (CrossRef Link)
10	A. Dainotti, A. Pescapè, G. Ventre, “Worm Traffic Analysis and Characterization,” 2007 IEEE International Conference on Communications (ICC 2007). Article (CrossRef Link)
11	S. Tripathy, S. Nandi, “Defense against outside attacks in wireless sensor network,” Computer Communications, vol.31, no.4, pp.818-826, 2008. Article (CrossRef Link) DOI
12	A. Dainotti, A. Pescapè, G. Ventre, “A cascade architecture for DoS attacks detection based on the wavelet transform,” Journal of Computer Security, Volume 17, Number 6/2009, Pages 945-968. Article (CrossRef Link) DOI
13	M. Jo, L. Z. Han, D. Kim, and H. P. In, “Selfish Attacks and Detection in Cognitive Radio Ad-hoc Networks,” IEEE Networt, Vol.27, No.3 pp. 46-50, June 2013. Article (CrossRef Link) DOI
14	W. M. Hong, “The technology research of dynamic network active defense in network management,” International workshop on information and electronics engineering(IWIEE), vol.29, pp.1584-1589, 2012. Article (CrossRef Link)
15	J. A. Fitch III, L. J. Hoffman, “A shortest path network security model,” Computers & Security, vol.12, no.2,pp.169-189, 1993. Article (CrossRef Link) DOI
16	N. Hoque, M. H. Bhuyan, R. C. Baishya, and D. K. Bhattacharyya, “Network attacks: Taxonomy, tools and systems,” Journal of Network and Computer Applications, vol.40, pp.307-324, May, 2014. Article (CrossRef Link) DOI
17	J. F. Xu, “A defense system for wireless sensor networks,” The Journal of China Universities of Posts and Telecommunications, vol.18, sup.2, pp.119-122, 2011. Article (CrossRef Link) DOI
18	G. Levitin, “Optimal defense strategy against intentional attacks,” IEEE Transactions on Reliability, vol.56, no.1, pp.148-157, 2007. Article (CrossRef Link) DOI
19	H. Li, G. W. Rosenwald, J. Jung, and C. C. Liu, "Strategic power infrastructure defense," in Proc. of The IEEE, vol. 93, no.5,pp. 918-933, 2005. Article (CrossRef Link)
20	R. L. Chen, J. M. Park, R. Marchany, “A divide – and – conquer strategy for thwarting distributed denial-of-service attacks,” IEEE Transactions on Parallel and Distributed Systems, vol.18, no.5, pp. 577-588, 2007. Article (CrossRef Link) DOI
21	Y. C. Jiang, Z. Y. Xia, S. Y. Zhang, “A novel defence model for dynamic topology network based on mobile agent,” Microprocessors and Microsystems, vol. 29, no.6, pp.289-297, 2005. Article (CrossRef Link) DOI
22	C. Cliff Zou, Nick Duffield, Don Towsley, “Weibo Gong. Adaptive Defense Against Various Network Attacks,” IEEE Journal on Selected Areas in Communications, vol.24, no.10, pp.1877-1887, 2006. Article (CrossRef Link) DOI
23	J. Xu, W. Lee, “Sustaining availability of Web services under distributed denial of service attacks,” IEEE Transactions on Computers, vol.52, no.4, pp.195-208, 2003. Article (CrossRef Link) DOI
24	P. Liu, W. Zhang, “Incentive-based modeling and inference of attacker intent, objectives, and strategies,” in Proc. of the 10th ACM Computer and Communication Security Conference (CCS’03). Washington, DC, pp. 179-189, 2003. Article (CrossRef Link)
25	S. Northcutt, Networking Intrusion Detection: An Analyst’s Handbook, 3rd Edition Indianapolis, Indiana, United States, New Riders Publishing, 1999. Article (CrossRef Link)
26	U. Tariq, Y. Malik, B. Abdulrazak, “Collaborative Peer to Peer Defense Mechanism for DDoS Attack,” Procedia Computer Science, vol.5, pp.157-164, 2011. Article (CrossRef Link) DOI
27	W. Jiang, B. X. Fang, Z. H. Tian, and et al., “Evaluating network security and optimal active defense based on attack-defense game madel,” Chinese Journal of Computers, vol.32, no.4, pp.817-827, 2009. Article (CrossRef Link) DOI
28	Q. S. Wu, et al, “On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks,” in Proc. of the 2010 spring simulation multiconference. Society for computer Simulation International, 2010. Article (CrossRef Link)
29	T. Spyridopoulos, G. Karanikas, T. Tryfonas, G. Oikonomou, “A game theoretic defense framework against DoS/DDoScyber attacks,” Computer & Security, vol.38, pp.39-50, 2013. Article (CrossRef Link) DOI
30	A. Chonka, Y. Xiang, W. L. Zhou, A. Bonti, “Cloud security defense to protect cloud computing against HTTP-DoS and XML –DoS attacks,” Journal of Network and Computer Applications, vol.34, no.4, pp.1097-1107, 2011. Article (CrossRef Link) DOI
31	K. W. Lye, J. Wing “Game strategies in network security,” School of Computer Science, Carnegie Mellon University, Pittsburgh: Technical Report CMU-CS-02-136, May 2002. Article (CrossRef Link)