從攻擊角度定量評估資訊系統安全性

Abstract

資訊安全評估機制可以提供資訊系統的安全評估結果，協助系統管理者有效地瞭解系統之安全性，並成為系統管理者管理該系統之參考依據。由於一個系統的安全性涉及許多因素，諸如系統設定、安全機制、現有攻擊方式等等，因此資訊安全的評估不能僅考慮單一面向，而必須要能同時考慮多項因素所造成的影響。本文分別由系統外部與內部攻擊的角度出發，探討資訊安全評估方法之設計，及其所能提供的評估結果。在外部攻擊方面，本文提出一個無線網路風險評估方法；該方法首先考慮網路系統的安全條件、攻擊手法與系統設定，以建立風險模型，接著本文再提出一套量測準則，藉以量化風險數值。在內部攻擊方面，本文提出一套量化分析軟體控制流程模糊化之方法，以評估控制流程模糊化對軟體強韌度之影響。該方法基於控制流程圖之概念，將控制流程模糊化轉換為正規表示式。以此正規表示式為基礎，本文進一步提出新的量測準則，以計算軟體控制流程模糊化所提供的保護能力。最後，本文利用數個範例，說明並驗證本文所提方法之可行性。我們相信本文所提之方法能提供系統管理者更全面的資訊安全評估結果，並進一步地協助系統管理者管理該系統。

Assessment of cyber security is a long-standing and great challenge since multifarious factors and their reciprocal effects have to be considered in the meanwhile for the assessment. Due to its complexity, assessment of cyber security should be performed with multiple aspects. This dissertation presents the quantitative assessments from the perspectives of both external and internal attacks. Regarding assessing cyber security in terms of external attacks, we propose a wireless risk assessment method which consists of a risk model and an assessment measure. The risk model is in charge of modeling wireless network risk, and the assessment measure is an algorithm of determining the risk value per the risk model. As for internal attacks, we introduce a novel framework to evaluate software robustness in terms of control-flow obfuscating transformations. On the basis of this framework, we propose new metrics for quantifying the protection effect yielded by a control-flow obfuscating transformation. Moreover, we conduct the case studies to validate the proposed assessment methods. We believe that our methods are helpful for a system administrator to evaluate and manage the cyber security in a more effective way.