DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Yoon, Hyunsoo | - |
dc.contributor.advisor | 윤현수 | - |
dc.contributor.advisor | Shin, Seungwon | - |
dc.contributor.advisor | 신승원 | - |
dc.contributor.author | Lee, Yongjae | - |
dc.date.accessioned | 2019-08-25T02:48:00Z | - |
dc.date.available | 2019-08-25T02:48:00Z | - |
dc.date.issued | 2018 | - |
dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=828222&flag=dissertation | en_US |
dc.identifier.uri | http://hdl.handle.net/10203/265343 | - |
dc.description | 학위논문(박사) - 전산학부, 2018.8,[iv, 45 p. :] | - |
dc.description.abstract | An intrusion tolerant system (ITS) is a network security system composed of redundant virtual servers that are online only in a short time window, called exposure time. The virtual servers are periodically recovered to their clean state, and any infected servers are refreshed again, so attackers have insufficient time to succeed in breaking into the servers. However, there is a conflicting interest in determining exposure time, short for security and long for performance. In other words, the short exposure time can increase security but requires more virtual servers to run to process incoming requests in a timely manner. In this dissertation, we propose an ITS incorporated in SDN (Software Defined Networking), which can reduce exposure time without consuming more computing resources. In the proposed system, there are two types of servers: some servers with long exposure time (White server) and others with short exposure time (Gray server). Then, the proposed system classifies incoming network traffic into benign and suspicious types with the help of SDN/NFV (Network Function Virtualization) technology that also allows dynamically forwarding the classified traffic to White and Gray servers, respectively. By reducing exposure time of a set of servers, the proposed system can decrease exposure time on average. | - |
dc.language | eng | - |
dc.publisher | 한국과학기술원 | - |
dc.subject | Intrusion tolerant system▼asoftware defined networking▼anetwork function virtualization▼aexposure time▼avirtualization | - |
dc.subject | 침입감내시스템▼a소프트웨어 정의 네트워킹▼a네트워크 기능 가상화▼a노출 시간▼a가상화 | - |
dc.title | Development of intrusion tolerant system based on software defined networking | - |
dc.title.alternative | 소프트웨어 정의 네트워킹 기술 기반의 침입 감내 시스템에 관한 연구 | - |
dc.type | Thesis(Ph.D) | - |
dc.identifier.CNRN | 325007 | - |
dc.description.department | 전산학부, | - |
dc.contributor.alternativeauthor | 이용재 | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.