Liu, Mixia and Feng, Tao and Smith, Paul and Hutchison, David (2013) Situational awareness for improving network resilience management. In: ISPEC 2013: Information Security Practice and Experience :. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) . Springer, CHN, pp. 31-43. ISBN 9783642380327
Full text not available from this repository.Abstract
Computer networks, widely used by enterprises and individuals nowadays, are still vulnerable when facing traffic injection, human mistakes, malicious attacks and other failures though we spend much more time and cost on security, dependability, performability, survivability, and risk assessment to make the network provide resilient services. This is because these measures are commonly viewed as closely related but a practical means of linking them is often not achieved. Network resilience research brings together all the planning that the network can be managed at a holistic view of resilience management. This paper focuses on network resilience management from "reactive" paradigm to a "proactive" one through Situational Awareness (SA) of internal factors of network and external ones of complex, dynamic and heterogeneous network environment. After surveying the research of network resilience and resilience assessment in the network, we give a model to discuss how to construct awareness of resilience issues which includes four stages. The first step is to get the situational elements about what we are interested in. Second, to understand what happened and what is going on in the networks, pattern learning and pattern matching are exploited to identify challenge. Then, to make proactive resilience management, we need to predict challenges and look for potential ones at this stage. At the fourth stage, resilience management can help take actions of remediation and recovery according to the policy of defender and attacker. After that, the two players' behaviors of defender and attacker are modeled in the same model by using Extended Generalized Stochastic Game Nets (EGSGN) which combines Game theory into Stochastic Petri Nets. Finally, we give a case study to show how to use EGSGN to depict the network resilience situation in the same model.