ADAPTIVE NETWORKS SAFETY CONTROL ON FUZZY LOGIC



Similar documents
Baan Service Master Data Management

Vladimir N. Burkov, Dmitri A. Novikov MODELS AND METHODS OF MULTIPROJECTS MANAGEMENT

*The most important feature of MRP as compared with ordinary inventory control analysis is its time phasing feature.

Cantilever Beam Experiment

Modified Line Search Method for Global Optimization

Engineering Data Management

Automatic Tuning for FOREX Trading System Using Fuzzy Time Series

DAME - Microsoft Excel add-in for solving multicriteria decision problems with scenarios Radomir Perzina 1, Jaroslav Ramik 2

Configuring Additional Active Directory Server Roles

(VCP-310)

Journal of Chemical and Pharmaceutical Research, 2015, 7(3): Research Article

EVALUATION OF THE EFFECTIVENESS OF THE QUALITY MANAGEMENT SYSTEM OF THE SERVICE ENTERPRISE

The analysis of the Cournot oligopoly model considering the subjective motive in the strategy selection

The Canadian Council of Professional Engineers

HCL Dynamic Spiking Protocol

Enhancing Oracle Business Intelligence with cubus EV How users of Oracle BI on Essbase cubes can benefit from cubus outperform EV Analytics (cubus EV)

LEASE-PURCHASE DECISION

Supply Chain Management

Incremental calculation of weighted mean and variance

Chapter 1 INTRODUCTION TO MAINTENANCE AND REPLACEMENT MODELS

Digital Enterprise Unit. White Paper. Web Analytics Measurement for Responsive Websites

Domain 1: Designing a SQL Server Instance and a Database Solution

Soving Recurrence Relations

ContactPro Desktop for Multi-Media Contact Center

Research Article Sign Data Derivative Recovery

RUT - development handbook 1.3 The Spiral Model v 4.0

Evaluation of Different Fitness Functions for the Evolutionary Testing of an Autonomous Parking System

Agency Relationship Optimizer

Subject CT5 Contingencies Core Technical Syllabus

Bond Valuation I. What is a bond? Cash Flows of A Typical Bond. Bond Valuation. Coupon Rate and Current Yield. Cash Flows of A Typical Bond

AdaLab. Adaptive Automated Scientific Laboratory (AdaLab) Adaptive Machines in Complex Environments. n Start Date:

Determining the sample size

ODBC. Getting Started With Sage Timberline Office ODBC

FortiGuard Fortinet s Global Security Research and Protection

Evaluating Model for B2C E- commerce Enterprise Development Based on DEA

LECTURE 13: Cross-validation

MTO-MTS Production Systems in Supply Chains

Chair for Network Architectures and Services Institute of Informatics TU München Prof. Carle. Network Security. Chapter 2 Basics

Study on the application of the software phase-locked loop in tracking and filtering of pulse signal

Convention Paper 6764

Neolane Reporting. Neolane v6.1

FIRE PROTECTION SYSTEM INSPECTION, TESTING AND MAINTENANCE PROGRAMS

AN INTELLIGENT MODEL FOR SALES AND INVENTORY MANAGEMENT

Bio-Plex Manager Software

Vulnerability test system for SIP network elements

THE ROLE OF BUSINESS INTELLIGENCE IN DECISION PROCESS MODELING

BaanERP. BaanERP Windows Client Installation Guide

CHAPTER 3 THE TIME VALUE OF MONEY

Optimize your Network. In the Courier, Express and Parcel market ADDING CREDIBILITY

Document Control Solutions

Prof. Dr. Liggesmeyer, 2. Fault Tree Analysis (DIN 25424, IEC 61025) Reliability Block Diagrams (IEC 61078)

Output Analysis (2, Chapters 10 &11 Law)

Authentication - Access Control Default Security Active Directory Trusted Authentication Guest User or Anonymous (un-authenticated) Logging Out

Reliability Analysis in HPC clusters

Design and Implementation of a Publication Database for the Vienna University of Technology

INVESTMENT PERFORMANCE COUNCIL (IPC)

CS100: Introduction to Computer Science

Wells Fargo Insurance Services Claim Consulting Capabilities

AP Calculus AB 2006 Scoring Guidelines Form B

C.Yaashuwanth Department of Electrical and Electronics Engineering, Anna University Chennai, Chennai , India..

Analyzing Longitudinal Data from Complex Surveys Using SUDAAN

e-trader user guide Introduction

Business Rules-Driven SOA. A Framework for Multi-Tenant Cloud Computing

How To Improve Software Reliability

Safety Requirements engineering and Proof of implementation

BaanERP (Grieg) The BEMIS V Cookbook (Structure, master data, and configuration of BEMIS V)

Overview on S-Box Design Principles

Securing your business

Trading rule extraction in stock market using the rough set approach

Review: Classification Outline

Iran. J. Chem. Chem. Eng. Vol. 26, No.1, Sensitivity Analysis of Water Flooding Optimization by Dynamic Optimization

Estimating Probability Distributions by Observing Betting Practices

Baan Finance Accounts Payable

A Combined Continuous/Binary Genetic Algorithm for Microstrip Antenna Design

Assessment of the Board

Running Time ( 3.1) Analysis of Algorithms. Experimental Studies ( 3.1.1) Limitations of Experiments. Pseudocode ( 3.1.2) Theoretical Analysis

SECTION 1.5 : SUMMATION NOTATION + WORK WITH SEQUENCES

Composable Tools For Network Discovery and Security Analysis

Domain 1: Identifying Cause of and Resolving Desktop Application Issues Identifying and Resolving New Software Installation Issues

Agricultural & Agri-Business Grant Opportunities. Presented By: Connie Miner Grant Consultant

Systems Design Project: Indoor Location of Wireless Devices

FUEL / VEHICLE TRACKING UNIT GPS tracking and fuel monitoring solution providers

Neolane Leads. Neolane v6.1

Project Deliverables. CS 361, Lecture 28. Outline. Project Deliverables. Administrative. Project Comments

Page 1. Real Options for Engineering Systems. What are we up to? Today s agenda. J1: Real Options for Engineering Systems. Richard de Neufville

In nite Sequences. Dr. Philippe B. Laval Kennesaw State University. October 9, 2008

Transcription:

8 th Iteratioal Coferece o DEVELOPMENT AND APPLICATION SYSTEMS S u c e a v a, R o m a i a, M a y 25 27, 2 6 ADAPTIVE NETWORKS SAFETY CONTROL ON FUZZY LOGIC Vadim MUKHIN 1, Elea PAVLENKO 2 Natioal Techical Uiversity of Ukraie Kiev Polytechic Istitute Pr. Pobedy.37, 356, Kiev, Ukraie 1 mukhi@comsys.tu-kpi.kiev.ua Abstract. I this paper we suggest a ew approach to desig of the adaptive etwork safety cotrol mechaisms. This approach is based o the fuzzy logic theory ad allows to formalize both quatitative ad qualitative parameters of the etwork safety system. Also it is suggested a algorithm for desig of the model for the adaptive etwork safety cotrol mechaism with safety fuctioal requiremets formalizatio o the fuzzy logic. Keywords: etwork, adaptive safety cotrol, security level, fuzzy logic. Itroductio The moder computer etworks are rather complex systems with the ext mai compoets: the hardware uits, the commuicatio liks, the etwork software ad the special supportig software tools. The developmet of the etwork techologies is cause that the reliability ad the safety of etwork resources become more ad more importat, especially for the etworks where are processig, accumulatig, trasferrig ad storig the data that must be secured. Nowadays, there is a set of ew arisig problems for the etwork safety assurace, that should be solved immediately. The etwork security mechaisms require the additioal hardware/software resources ad, cosequetly, they take additioal time for the iformatio processig i etwork. [1] Thus, the icreasig of the etwork security level causes the volume icreasig of service data, trasmitted ad processed i the etworks, so the etwork performace o the user s iformatio processig will decrease. O the other had, geerally there is o ecessity to provide the etwork safety o the maximum level costatly. I those periods of time, whe the etwork processes the less importat data, it is quite possible to lower the etwork security level, that will result i decreasig of the service iformatio volume ad will icrease the etwork performace o the user s data processig. Thus, the optimal way is to use the special mechaism for the etwork safety 413 cotrol, which will be adaptively determie the required etwork security level for the certai period, ad will icrease the efficiecy of the etwork fuctioig. So, the safety cotrol i the moder computer etworks requires a adjustable security mechaism that rus i a real-time mode. Such mechaism is adaptive cotrol of the etwork safety, that is based o the adaptive chagig of the etwork security level. The moder mechaisms for the adaptive etwork safety cotrol The realizatio of the adaptive etwork safety cotrol cocept is based o the adaptive cotrol meas that cotai the followig compoets: tools for the security level aalysis; tools for the attacks detectio; tools for the adaptatio; cotrol tools. The tools for the security level aalysis realize a evaluatio of the required security level accordig to the importace of the data that are processig i this period. The tools for the attacks detectio perform the revealig of the suspicious actios i the computer etworks. The adaptatio tools determie the required etworks security level for the certai period depedig o the processig iformatio importace. The cotrol tools coordiate the fuctioig of all compoets of the adaptive safety cotrol system for the computer etwork.

Thus, the adaptive cotrol system is complex cotrol mechaism that esures the required security level depedig o the processig iformatio importace i the real-time mode. The approaches to the adaptive etwork safety cotrol mechaisms desig At the preset time, there are two mai approaches to desig of the adaptive etwork safety cotrol: [2] 1. mechaisms that based o patters model; 2. mechaisms that based o the idetifier. We suggest to realize the adaptive safety cotrol mechaism o the patters model approach, ad as patters model there are the safety profiles, i.e. parameters of the etwork safety cofiguratio. The adaptive etwork safety cotrol system forms the safety profiles records o the experimetal data about the etwork security tools. [3, 4] The structure of the adaptive etwork safety cotrol system with the safety profiles records is show o fig. 1. Aalysis of etwork security parameters y c Adaptatio tools Δ Network security tools y r Safety profiles records Settig of required etwork safety parameters Figure 1. The adaptive etwork safety cotrol system with the safety profiles records. Let us cosider the specifics of this system fuctioig. Whe the etwork safety parameters are costat, there is o error of regulatio: Δ =y c y r =, ad the adaptatio mechaism is i a sleepig mode. If the etwork safety parameters are chaged (as reactio to variatio of the security level of the processig iformatio), there is a error of regulatio: Δ =y c y r, the adaptatio mechaism is lauched ad the parameters of etwork security system are chaged to the required values. So the goal of the adaptatio mechaism is to reduce the error of regulatio to zero (Δ ). The safety profiles records As it was metioed before, the safety profile is a set of the etwork security parameters, that determie the required etwork safety level. The profiles are geerated o the criteria for the iformatio security evaluatio. [5,6] The fuctioal criteria for the etwork security level 414

evaluatio accordig to ISO 1548: The commo criteria for iformatio techology security evaluatio are the ext: FAU:security audit, FCO: commuicatio, FCS:cryptographic support, FDP:user data protectio, FIA:idetificatio ad autheticatio, FMT: security maagemet, FPR:privacy, FPT:protectio of the TSF, FRU:resource utilizatio, FTA:TOE access, FTP: trusted path/chaels. [7] Besides the fuctioal criteria, the stadard ISO 1548 also defies the criteria for the safety guaratee, that allow to evaluate a correctess of the safety services realizatio, such as: ACM:cofiguratio maagemet, ADO:delivery ad operatio, ADV: developmet, AGD: guidace documets, ALC: life cycle support, ATE: tests, AVA: vulerability assessmet. Thus, the criteria for the etwork safety evaluatio are the set of quatitative ad qualitative requiremets to the security mechaisms. The adaptive etwork safety cotrol mechaism ca be effectively realized oly o the complete iformatio o the security system parameters. [8,9,1] Thus, the realizatio of the adaptive etwork safety cotrol requires to take ito cosideratio ot oly quatitative, but also qualitative criteria for the etwork safety. Accordig to the above metioed requiremets, we suggest to use the theory of fuzzy logic ad fuzzy sets for the adaptive etwork safety cotrol mechaisms realizatio. The algorithm for the adaptive etwork safety cotrol o the fuzzy logic Nowadays, there are o ay discrete algorithms that operate simultaeously with qualitative ad quatitative parameters to receive the determied result. The fuctioal (qualitative) criteria for the etwork security level evaluatio ca ot be adequately formalized without the fuzzy logic approach. The fuzzy logic theory allows formalize the decisios support eve i the o-uiform multi-dimesioal eviromet. [11] The descriptio of the etworks safety parameters usig the fuzzy logic theory allows 415 effectively to formalize ad to aalyze ot oly quatitative, but also the qualitative safety etwork parameters by represetatio them as x A= {x,μ A (x)}, where {x,μ A (x)} is pair of compoets (sigleto), that cosists from a elemet x ad its proximity degree μ A (x) to set. [12,13] We suggest to use the liguistic variables for the fuctioal criteria formalizatio for the etwork security level evaluatio. Geerally, the liguistic variable ca be characterized by a set of compoets: <x, T, D> where x is the ame of liguistic variable, T - its term-set or set of its possible values, D - the rage of these values. [14] The cocept of the etwork cotrol mechaism desig o the fuzzy logic based o the sythesis of the experimets plaig theory ad the fuzzy sets theory. The fuctioal criteria for the etwork security level evaluatio (for example, kowledge ad experiece of the experts) are formalized as polyomial: Y = β + βi i + i= 1 u, j= 1 β ju j u, (1) where Y the depeded liguistic variable, β i right fuzzy coefficiet, - the ame of liguistic variable, j u. The productive rules for the etwork security level evaluatio o the fuctioal criteria are i the implicative form "If, the, else ", ad the set of productive rules forms a orthogoal 2 -matrix, where is factors dimesio. We suggest the algorithm for desig of the progostic model for the adaptive etwork safety cotrol mechaism o the safety fuctioal requiremets formalizatio i the multi-dimesioal space. The suggested algorithm is realized i the followig steps: 1. The factors determiatio for the etwork safety cotrol mechaisms. 2. The opposite scale ad the terms for each factors delimitatio. 3. The geeratio of the matrix with the fuctioal criteria for the etwork security level evaluatio.

4. The geeratio of the liguistic variables for the formalizatio of the qualitative iformatio o the etwork safety. 5. The formig of factors polyomial for the fuctioal criteria formalizatio o the etwork safety: Y = β + βi i + i= 1 u, j= 1 β ju j u, (2) where j u. 6. The aalysis of the errors i the etwork safety cotrol mechaism fuctioig. 7. The evaluatio of the weights of the polyomial coefficiets for the fuctioal safety parameters formalizatio. 8. The adequacy aalysis of the formed polyomial to the adaptive etwork safety cotrol system. 9. The adequacy aalysis of the formed model for the etwork safety cotrol mechaism. 1. The accuracy aalysis of the formed model by the Fisher s criterio: F = S S < crit 2 r / 2 b F table (3) Thus, we suggest the approach to desig of the etwork safety cotrol mechaism model o the sythesis of the experimets plaig theory ad the fuzzy sets theory, ad also o the formalizatio of the fuctioal requiremets to the etwork safety. The decisios o the etwork safety cotrol are geeratig usig the progostic model of the adaptive etwork safety cotrol mechaisms ad the results of the precise solutios of the fuzzy equatios. Accordig to Zadeh s expasio priciple the fuzzy umber is the solutio of the fuzzy equatio F(, A 1,, A ) B, if t: F 1 (t) =, [ μ (x), μ (a1),..., μ (a)], μf( t) = sup mi A A F(,A,..., A ) = t 1 (4) where F(, A 1,, A ) - the value of the fuzzy fuctio from the fuzzy argumets, A 1,, A, B - kow fuzzy argumets, - ukow fuzzy argumets, μ F (t) the proximity degree of to set of argumets В. The value of fuzzy fuctio F ( 1, 2,, ) from the fuzzy argumets 1, 2,, is the fuzzy set with proximity degree fuctio μ F (t): sup mi [ μ (x), μ (a1),..., μ (a)] μf(t ) = F( 1,..., ) t 1 r = F(t ) = The aalysis of the etwork security mechaisms parameters (5) We have performed the parameters aalysis of the etwork security mechaisms of two types: first type is security mechaisms with the fixed security level, secod type is security mechaisms based o the adaptive safety cotrol approach. The results of this aalysis are show o Fig.2. ad Fig.3. Fig.2 shows, that the etwork security level i the security mechaism of the first type remais costat for the all period, ad for the safety guaratee of the processig data this level should be maximum high (1%). As a cosequece, the amout of computatioal operatios for the data security, which depeds o the etwork security level, also is o the maximal values costatly. (Fig. 3) The etwork security level i the security mechaisms of the secod type (o the adaptive safety cotrol approach) is chaged depedig o the required safety level for the data that are processig at the certai momet. So, it is rather frequetly appears that the etwork security level is less tha its the maximum possible value. I result, the amout of computatioal operatios for the data security also is chaged, ad the average amout of the computatioal operatios for data security is less tha for the security mechaism of the first type (Fig. 3). Thus, the performace of the user s data processig i computer etworks with the iformatio security systems based o the adaptive safety cotrol mechaism is reduced less, tha i the etworks that use the usual iformatio security mechaisms with the fixed security level. Therefore, the usig of the suggested approach to the iformatio security mechaism desig is effective. A A. 416

Network securitу level,% 1 9 8 7 6 5 4 3 2 1 First type security mechaisms Secod type (adaptive) security mechaisms 2 4 6 8 1 12 14 16 18 2 Time, h Figure 2. The etwork security level variatio i the time for two types of the security mechaisms. 1 9 Amout of computatioal operatio for data security, % 8 7 6 5 4 3 2 1 First type security mechaisms Secod type (adaptive) security mechaisms Average operatios amout for adaptive security mechaisms 2 4 6 8 1 12 14 16 18 2 Time, h Figure 3. The variatio i time of the computer operatios amout for data security for two types of the security mechaisms 417

Coclusio The realizatio of the etwork security mechaism o the adaptive safety cotrol approach allows flexibly determie the etwork security level, required for the certai period. I result, the average losses of the etwork performace for the user s data processig, that are ivoked by realizatio of the security mechaism, will be reduced. The efficiecy of the etwork security system with the adaptive safety mechaism ca be icreased usig the fuzzy logic. This approach allows, i particular, to formalize the fuctioal criteria for the etworks security level ad to aalyze the complete iformatio o the etwork security parameters. Refereces [1] Tolly K. (22) High-Speed Security. The Tolly Group. [2] Zhdaov A.A., Ryadovikov A.V. (2) Neuro Models i the Autoomous Adaptive Cotrol Method//Optical Memory ad Neural Network, Vol. 9, No 2, - pp. 115-132. [3] Guide for Productio of Protectio Profiles ad Security Targets. (2) ISO/JTC1/ SC27/N2449. DRAFT v.9. [4] Cotrolled Access Protectio Profile. (1999) Versio 1.d. U.S. Iformatio Systems Security Orgaizatio. U.S. Natioal Security Agecy. [5] Lee A. (21) Certificate Issuig ad Maagemet Compoets Family of Protectio Profiles. Versio 1.. U.S. Natioal Security Agecy, October 31. [6] Evaluatio Methodology for the Commo Criteria for Iformatio Techology Security Evaluatio. (22) versio 1.1a, 19 April. [7] Stadard ISO 1548: The commo criteria for iformatio techology security evaluatio. ISO Stadards Bookshop. [8] Iformatio techology Security techiques Protectio Profile registratio procedures. (21) ISO/IEC 15292:21. [9] Stoeburer G. (21) CSPP-OS - COTS Security Protectio Profile - Operatig Systems. Draft Versio.4. -- U.S. Departmet of Commerce, NIST, February 5. [1] Sherida M., Sohmer E., Varum R. (2) A Goal VPN Protectio Profile For Protectig Sesitive Iformatio. Release 2.. // U.S. Natioal Security Agecy, 1 July. [11]. Babuska, R. (1998) Fuzzy Modelig for Cotrol. Bosto: Kluwer Academic Publishers 215 p. [12] Rotshtei A., ad Katefikov D. (1998). Idetificatio of No-Liear Objects by Fuzzy Kowledge Bases.// Cyberetics ad System Aalysis, N 5 (34). pp. 67-78. [13] Negevitsky M. (22) Artificial itelligece: a guide to itelliget systems. Addiso-Wesley, NY. 325 p. [14] Nesteruk G. Ph., ad Kupriyaov M. C. (23) Neural-fuzzy systems with fuzzy liks // Proc. of the VI-th It. Coferece SCM 23. St.-Petersburg, v.1. - pp. 341-344 418

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information