项目名称: 基于信道拆分的大规模非合作资源控制模型与方法研究
项目编号: No.61202409
项目类型: 青年科学基金项目
立项/批准年度: 2013
项目学科: 计算机科学学科
项目作者: 崔翔
作者单位: 中国科学院计算技术研究所
项目金额: 24万元
中文摘要: 网络规模与网络带宽急剧膨胀,高危网络安全事件频发,仅依托规模有限且耗费巨资的自主可控资源构建的信息安全防御体系和平台去应对数量极大且高速增长的网络安全事件已遭遇资源和性能瓶颈。本项目针对该问题,综合分析多种已有的、依托非合作资源的信息系统,抽取出其共有的非合作特性,将此类系统统一定义为大规模非合作资源控制系统,形式化定义了非合作资源,提取出大规模非合作资源控制系统的基本属性,建立系统基本模型;针对传统单一信道不能满足大规模非合作资源控制系统安全需求的问题,提出信道拆分方法并证明其完备性,进而建立了大规模非合作资源控制系统安全模型,给出一种实现方法,并针对此类系统初步给出一种量化评价方法。本项目的研究思路是从传统自我建设模式转向网络空间非合作资源利用模式,旨在与当前防御体系形成有效互补,为建立大规模非合作资源控制系统及评估此类系统提供理论、技术与方法的依据,具有很高的理论意义和实用价值。
中文关键词: 信道拆分;非合作资源;控制模型;僵尸网络;
英文摘要: With the rapid expansion of network size and bandwidth, high-risk network security events have been broken out frequently. The existing defense platforms relying on the limited and expensive self-managed resources have inevitably met a resource and performance bottleneck, when dealing with the infinite and large-scale security events. To solve the problem to some degree, in this project, we make a systematic analysis over several current information systems relying on uncooperative resources, extracting the intrinsic uncooperative property among them, defining such kinds of systems as large-scale uncooperative resources control systems uniformly, defining uncooperative resources formally and extracting their basic properties; to solve the problem that unique channel generally is not strong enough to provide necessary security, we propose a channel-division methodology and prove its completeness, and then establishing the secure control model for large-scale uncooperative resources, providing a corresponding implementation method, and establishing a basic quantitative scoring system. To sum up, our research ideas are transforming from the traditional self-construction mode to uncooperative resources exploitation mode, aiming at complementing and integrating to the existing defense platform. We hope the research
英文关键词: Channel-Division;Uncooperative Resource;Control Model;Botnet;