http://dx.doi.org/10.6109/jkiice.2010.14.11.2514

Automated Generation of Optimal Security Defense Strategy using Simulation-based Evolutionary Techniques  

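Lee, Jang-Se (Division of IT Engineering, Korea Maritime University)
Hwang, Hun-Gyu (Department of Computer Engineering, Graduate School, Korea Maritime University)
Yun, Jin-Sik (Department of Computer Engineering, Graduate School, Korea Maritime University)
Park, Geun-Woo (Department of Computer Engineering, Graduate School, Korea Maritime University)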
Abstract
The objective of this paper is to propose a methodology for the automated generation of optimal security defense strategies using evolutionary techniques. As damage from intrusions that exploit vulnerabilities in computer systems and networks increases, security techniques have been actively researched. However, it is difficult to generate an optimal defense strategy, because doing so requires considering the various situations that arise in the network environment depending on the countermeasures applied. We have therefore adopted a genetic algorithm to generate an optimal defense strategy as a combination of countermeasures. Gene information is represented in terms of countermeasures, and fitness is evaluated by using simulation to assess the vulnerability of the system with the various countermeasures applied. Finally, we have examined the feasibility of the approach through experiments on a system implemented with the proposed method.
Keywords
Information Security; Defense Strategy; Evolutionary Technique; Simulation