Summary: | 碩士 === 國立臺灣科技大學 === 自動化及控制研究所 === 96 === With the popularity of the Internet and network security issues are also increasingly serious, a growing number of security officers to the areas of research. However, the current staff engaged in research funding on the platform are mostly confined to small experimental laboratory where without dedicated equipment cause experimental costly and difficult to manage. Virtualization networking environment is an experiment platform for information security based on virtualized technology. Each virtual machine can be considered a node or host and connect each other by virtual switch to build a virtual network. It provides an integrated interface for remote control. The lab assistants can deploy and operate experiment environments on the interface; moreover; the platform can assure the isolation, closure, quick deploy, store availability and authenticity and reliability of result. Let the staffs can do the experiment quickly, economy and effective.
In this study, The Art of War is the highest guiding principle to development of the strategic defensive strategy. In order to achieve “Know the enemy and know yourself”. This thesis presents the “Improved Threat Model” to prevent hacker’s attack and to ensure the safety of users. This model organizes the functions and architecture of the web application and find out the vulnerabilities to define the critical zones. “Threat Map Model” map out the knowledge architecture of threats. Each threat mapping to the topics of STRIDE model and 4-layers attack model to generalize the signature and countermeasures of threat. Finally apply the countermeasures to critical zones order by the threat level based on DREAD model.
|