[1]蔡传晰,梅姝娥,仲伟俊.用户权限对入侵检测系统配置策略的影响[J].东南大学学报(自然科学版),2019,49(1):186-194.[doi:10.3969/j.issn.1001-0505.2019.01.026]
 Cai Chuanxi,Mei Shue,Zhong Weijun.Effects of user rights on configuration strategies for intrusion detection system[J].Journal of Southeast University (Natural Science Edition),2019,49(1):186-194.[doi:10.3969/j.issn.1001-0505.2019.01.026]
点击复制

用户权限对入侵检测系统配置策略的影响()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
49
期数:
2019年第1期
页码:
186-194
栏目:
经济与管理
出版日期:
2019-01-20

文章信息/Info

Title:
Effects of user rights on configuration strategies for intrusion detection system
作者:
蔡传晰梅姝娥仲伟俊
东南大学经济管理学院, 南京 211189
Author(s):
Cai Chuanxi Mei Shu’e Zhong Weijun
School of Economics and Management, Southeast University, Nanjing 211189, China
关键词:
入侵检测系统 用户权限 博弈论 配置策略 信息安全经济学
Keywords:
intrusion detection system user rights game theory configuration strategy information security economics
分类号:
C931
DOI:
10.3969/j.issn.1001-0505.2019.01.026
摘要:
为了讨论用户权限的经济价值,在企业和合法用户与企业和非法用户之间分别构建了入侵检测系统的博弈模型,采用博弈论研究了合法用户权限对入侵检测系统配置策略的影响.结果发现,企业只配置检测率较高的入侵检测系统,且对合法用户配置的最优入侵检测系统的检测率低于对非法用户配置的最优入侵检测系统的检测率.通过提高合法用户的权限,企业可以降低对入侵检测系统的投入.随着合法用户权限的提高,虽然企业的人工调查概率和合法用户的攻击概率都降低,但企业的总体期望收益增加.因此,建议企业适当提高合法用户的权限,同时加大对相应攻击行为的惩罚力度,让更多的工作由合法用户自助完成.
Abstract:
To discuss the economic value of user rights, a game model of intrusion detection systems(IDS)between enterprise and legal users and the one between enterprise and illegal users were developed, respectively. The effects of the legal users’ rights on the configuration strategies for IDS were studied by the game theory. The results show that enterprise only configures the IDS with high probability of getting an alarm from IDS for legal users’ intrusion, and the optimal probability of getting an alarm from IDS for legal users’ intrusion is lower than that for illegal users’ intrusion. In addition, enterprise can decrease the investment in IDS by improving the legal users’ rights. With the increase of the legal users’ rights, both the enterprise’s investigation rate and the legal users’ hacking probability decrease, but the enterprise’s expected benefits increase. Therefore, it is suggested that enterprises should appropriately improve the legal users’ rights, and increase the punishment for corresponding attacks, so that more work can be done by legal users themselves.

参考文献/References:

[1] 谢宗晓, 林润辉, 王兴起. 用户参与对信息安全管理有效性的影响——多重中介方法[J]. 管理科学, 2013, 26(3):65-76. DOI: 10.3969/j.issn.1672-0334.2013.03.007.
Xie Z X, Lin R H, Wang X Q. Impact of user participation on the effectiveness of information security management: The multiple mediation approach[J]. Journal of Management Science, 2013, 26(3):65-76. DOI:10.3969/j.issn.1672-0334.2013.03.007. (in Chinese)
[2] Subba B, Biswas S, Karmakar S. False alarm reduction in signature-based IDS: Game theory approach [J]. Security and Communication Networks, 2016, 9(18):4863-4881. DOI: 10.1002/sec.1661.
[3] Cavusoglu H, Mishra B, Raghunathan S. The value of intrusion detection systems in information technology security architecture [J]. Information Systems Research, 2005, 16(1):28-46. DOI: 10.1287/isre.1050.0041.
[4] Cavusoglu H, Raghunathan S, Cavusoglu H. Configuration of and interaction between information security technologies: The case of firewalls and intrusion detection systems[J]. Information Systems Research, 2009, 20(2):198-217. DOI: 10.1287/isre.1080.0180.
[5] Gao X,Zhong W J, Mei S E. A game-theory approach to configuration of detection software with decision errors [J]. Reliability Engineering & System Safety, 2013, 119:35-43. DOI: 10.1016/j.ress.2013.05.004.
[6] 赵柳榕, 梅姝娥, 仲伟俊. 虚拟专用网和入侵检测系统最优配置策略的博弈分析[J]. 管理工程学报, 2014, 28(3):187-192. DOI: 10.3969/j.issn.1004-6062.2014.04.025.
Zhao L R, Mei S E, Zhong W J. Game analysis on optimal configuration strategies of virtual private network and intrusion detection systems[J]. Journal of Industrial Engineering and Engineering Management, 2014, 28(3):187-192. DOI:10.3969/j.issn.1004-6062.2014.04.025. (in Chinese)
[7] 方玲, 仲伟俊, 梅姝娥. 安全等级对信息系统安全技术策略的影响研究:以防火墙和 IDS 技术组合为例[J]. 系统工程理论与实践, 2016, 36(5):1231-1238. DOI:10.12011/1000-6788(2016)05-1231-08.
Fang L, Zhong W J, Mei S E. Study on the influence of security rank on the strategy of information system security technology: Taking the example of firewall and IDS technology portfolio[J]. Systems Engineering — Theory & Practice, 2016, 36(5):1231-1238. DOI:10.12011/1000-6788(2016)05-1231-08. (in Chinese)
[8] 蔡传晰, 梅姝娥, 仲伟俊. 入侵检测系统和蜜罐的联动策略分析[J]. 系统管理学报, 2018, 27(2):264-273.
  Cai C X, Mei S E, Zhong W J. Analysis on cooperate strategy of intrusion detection system and honeypot[J]. Jowrnal of Sytems & Management, 2018, 27(2):264-273.(in Chinese)
[9] 蔡传晰, 梅姝娥, 仲伟俊. 拟态式蜜罐诱骗机制最优配置策略的博弈分析[J]. 管理工程学报, 2018, 32(4):110-117.
  Cai C X, Mei S E, Zhong W J. Game analysis of optimal configuration strategy of deception mechanism in mimicry honeypot[J]. Journal of Industrial Engineering and Engineering Management, 2018, 32(4):110-117.(in Chinese)
[10] 林润辉, 李大辉, 谢宗晓,等. 信息安全管理理论与实践[M]. 北京: 中国质检出版社, 2015:7-13.
[11] Pham C H,Garsson R S. What nanotech inventors need to know about trade secrets and the prior user rights defense [J]. Nanotechnology Reviews, 2014, 3(6):597-600. DOI: 10.1515/ntrev-2014-0012.
[12] Helil N, Halik A, Rahman K. Non-zero-sum cooperative access control game model with user trust and permission risk [J]. Applied Mathematics and Computation, 2017, 307:299-310. DOI: 10.1016/j.amc.2017.03.006.
[13] Marques J,Serr�E3;o C. Improving user content privacy on social networks using rights management systems [J]. Annals of Telecommunications-Annales Des Télécommunications, 2014, 69(1-2):37-45. DOI: 10.1007/s12243-013-0388-1.
[14] 柳建华, 卢锐, 孙亮. 公司章程中董事会对外投资权限的设置与企业投资效率:基于公司章程自治的视角[J]. 管理世界, 2015(7):130-142. DOI: 10.19744/j.cnki.11-1235/f.2015.07.013.
Liu J H, Lu R, Sun L. The establishment of the board of directors’ investment authority in the articles of association and the efficiency of enterprise investment: Based on the autonomy of the articles of association[J]. Management World, 2015(7):130-142. DOI:10.19744/j.cnki.11-1235/f.2015.07.013. (in Chinese)
[15] Whitley R,Gl�E4;ser J, Laudel G. The impact of changing funding and authority relationships on scientific innovations [J]. Minerva, 2018, 56(1):109-134. DOI: 10.1007/s11024-018-9343-7.
[16] Hamer H P, Finlayson M. The rights and responsibilities of citizenship for service users: Some terms and conditions apply [J].Journal of Psychiatric and Mental Health Nursing, 2015, 22(9):698-705. DOI: 10.1111/jpm.12258.
[17] 赵柳榕, 梅姝娥, 仲伟俊. 基于风险偏好的两种信息安全技术配置策略[J]. 系统工程学报, 2014, 29(3):324-333. DOI: 10.3969/j.issn.1000-5781.2014.03.005.
Zhao L R, Mei S E, Zhong W J. Configuration strategy of two information security technologies based on risk preference[J]. Journal of System Engineering, 2014, 29(3):324-333. DOI:10.3969/j.issn.1000-5781.2014.03.005. (in Chinese)
[18] 方玲, 仲伟俊, 梅姝娥. 脆弱性水平对信息系统安全技术策略影响研究[J]. 大连理工大学学报, 2015, 55(3):332-338.DOI: 10.7511/dllgxb201503016.
Fang L, Zhong W J, Mei S E. Study of influence of vulnerability level on information system security technology strategy[J], Journal of Dalian University of Technology, 2015, 55(3):332-338.DOI:10.7511/dllgxb201503016. (in Chinese)
[19] Cai C X, Mei S E, Zhong W J. Configuration of intrusion prevention systems based on a legal user: The case for using intrusion prevention systems instead of intrusion detection systems [J].Information Technology and Management, 2019(to appear). DOI: 10.1007/s10799-018-0291-6.

相似文献/References:

[1]龚俭,陆晟.大规模互联网络的入侵检测[J].东南大学学报(自然科学版),2002,32(3):325.[doi:10.3969/j.issn.1001-0505.2002.03.004]
 Gong Jian,Lu Sheng.Intrusion detection in large-scale network[J].Journal of Southeast University (Natural Science Edition),2002,32(1):325.[doi:10.3969/j.issn.1001-0505.2002.03.004]

备注/Memo

备注/Memo:
收稿日期: 2018-06-14.
作者简介: 蔡传晰(1985—),博士生;梅姝娥(联系人),女,博士,教授,博士生导师,meishue@seu.edu.cn.
基金项目: 国家自然科学基金资助项目(71071033).
引用本文: 蔡传晰,梅姝娥,仲伟俊.用户权限对入侵检测系统配置策略的影响[J].东南大学学报(自然科学版),2019,49(1):186-194. DOI:10.3969/j.issn.1001-0505.2019.01.026.
更新日期/Last Update: 2019-01-20