English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52052/87180 (60%)
Visitors : 8888857      Online Users : 193
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/52130

    Title: Formalizing computer security incidents ontology by rule-based mechanism
    Other Titles: 以推論機制探討資訊安全本體之運作
    Authors: 林苡汶;Lin, Yi-wen
    Contributors: 淡江大學資訊管理學系碩士班
    劉艾華;Liou, Ay-hwa Andy
    Keywords: 資訊安全本體論;資訊安全事件;規則推論;風險管理;Security Incidents;Rule-based Reasoning;Risk management;Security Ontology
    Date: 2010
    Issue Date: 2010-09-23 16:52:45 (UTC+8)
    Abstract: 鑑於廣泛使用的資訊科技,資訊安全的議題也逐漸成為研究的焦點。 資訊安全事件的來源可以從不同的事件產生如防火牆日誌檔,入侵偵測系統等等。 針對此類日益劇增的資安事件,對於不僅是使用者甚至是企業都會遭受影響,所以資訊安全的知識在當今的社會中扮演非常重要的角色。事實上,一個小小的資訊安全漏洞往往對組織企業產生莫大的傷害,為了使此種傷害降到最低,本研究提出了明確階層式的資訊安全本體專家系統本研究包含的層級有alert data, attacks, agents, tools, accesses, vulnerabilities and assets,來方便使用者以規則推論可能造成的資安事件和影響的層級,藉由資訊安全規則的使用更能幫助管理者在做資訊安全決策以及解決問題和進行有效的風險管理。
    Based on the widely used computer technology, the security incidents have been expanding in an unbelievable fashion. Security incidents can be reflected by different sources, such as firewall logs, intrusion detection systems alerts, and frequency of processors or memory use. By facing this huge volume of information, it’s crucial for people to acknowledge the fact that computer security is playing an important part of our life. As a matter of fact, a slightly little flaw in our information system could be detected by the attackers; furthermore, lead to security disasters that threaten certain organizations or enterprises. For the sake of solving incidents matters precisely, we took into account different sources of possible objects and further analyzed relationship among them such as alert data, attacks, agents, tools, accesses, vulnerabilities and assets. Hence, the conceptual-model of Security Incident Ontology was developed.
    Appears in Collections:[資訊管理學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback