面向应用系统的基于柔性、信任和协同机制的检测与防护软件模型

项目名称： 面向应用系统的基于柔性、信任和协同机制的检测与防护软件模型

项目编号： No.61272125

项目类型： 面上项目

立项/批准年度： 2013

项目学科： 自动化技术、计算机技术

项目作者： 申利民

作者单位： 燕山大学

项目金额： 78万元

中文摘要： 随着关键应用系统向互联网环境的融合，大量的可疑行为和不确定有害行为对其可生存性构成了严重威胁，是对传统检测和防护手段的一个挑战。 本课题拟构建一个具有目标层、监控层、协同层的协同检测与防护模型，它采用进程代数描述实体及其行为，完成行为推理和性质判定，采用柔性层次结构和柔性耦合机制，实现模型的可拔插。它通过监控层的主动角色抽象描述目标系统中实体的预期行为和非预期行为，基于信任机制，使用信任值继承和综合可疑行为和不确定行为的即时表现、历史表现、及在其它实体上的表现，为可疑行为性质判定提供定量依据。协同层通过多角色协作、策略协同、行为协同实现多点协同检测和协同防护。 所提出柔性耦合机制、基于信任的可疑行为判定机理、协同检测和防护方法是增强关键应用系统可生存性的有效手段，研究成果有助于揭示面向应用系统行为检测与防护规律，为开发新型协同检测与防护软件提供理论和技术依托。

中文关键词： 应用系统；信任；协同；柔性；检测与防护

英文摘要： While mission-critical application systems merge into the Internet environment, their isolated protection has been inadequate, and a lot of suspicious behaviors and uncertain harmful acts seriously threaten the survivability of mission-critical applications, meanwhile they are a challenge to traditional detection and provention means. Therefore, the analysis and judgement of suspicious behavior and uncertainty behavior is a key problem to increase mission-critical applications high survivability. This project intends to build a trust-based flexible software model for coordination detection and defense of application system with target layer, monitor layer and corodination layer. The model has a flexible hierarchical structure and a flexible coupling mechanism, which can enable the model to bind with or separate from an aplication in the non-interfered way. The expected behaviors and unexpected behaviors of the key entities in the target system abstractly described in the active roles in monitor layer. Process algebra is used to formally defined entity behavior, and to carry out reasoning. A trust mechanism is proposed to integrate instant and historical evidence and information of suspicious behaviors and uncertain behaviors in present entity and other entities, which can provide the quantitative fact for judge

英文关键词： application system；trust；coordination；flexibility；detection and protection