软件行为动态可信理论模型研究
|
摘要
在信息时代,信息作为一种重要的战略资源,所面临的安全形势日益严峻。信息安全事关国家安全和社会稳定,保障信息安全意义重大。
可信计算技术从硬件和操作系统做起,从整体上采取综合措施,能够行之有效地提高计算平台的安全性,目前已成为信息安全领域的一个新潮流。但是可信计算的发展还存在一些需要研究解决的问题:一是理论研究滞后于技术实践,至今尚未建立被普遍认可的可信计算理论模型;二是缺少有效的软件动态可信性评测理论与方法,目前的可信评测只是静态完整性度量,并不能保证系统的动态可信性。
针对上述问题,提出一个基于Agent的层次化可信系统架构,然后以可信计算平台为基础,分别从软件行为可信性的客观角度和主观角度出发,引入软件行为语义距离的概念体系和主观逻辑的多维动态化扩展思想,按照“理论模型→原型系统→实验验证→理论模型”的研究方法,开展软件行为动态可信理论模型的研究。主要研究成果及创新点如下:
①针对现有基于Agent的可信模型结构复杂、无法保障自身安全等问题,提出一个基于Agent的层次化可信系统架构MMA,引入分析Agent、监控Agent和管理Agent,并将其分别部署到可信基础层之上的特征采集层和行为评测层,系统结构简单,可扩展性好;基于信任链的层次化信任扩展机制,从随机性理论入手,提出一个基于“挑战-应答”机制的完整性动态验证模型,利用TPM实现了静态度量与动态验证相结合的Agent可信认证机制,将系统信任链扩展至Agent,从而保证了可信评测系统自身的安全。
②从软件行为可信性的客观角度出发,提出行为轨迹、检查点场景和时间戳等概念,分别从控制流、数据流和时序上来刻画软件行为的属性特征,并构建起一个软件行为综合特征树模型TIFSB,为基于软件行为可信性的动态可信评测奠定理论基础;在可信基础层的支持下,实现了基于TPM的软件预期行为分析机制和软件实际行为监控机制,保证了所提取的软件行为特征信息的可信性;提出行为语义距离的概念,通过定义行为轨迹匹配度、检查点场景相似度和时间戳偏离度等软件行为属性相关性度量函数,建立基于模糊理论隶属函数的行为语义距离综合度量机制;并提出一个基于行为语义距离的软件行为自动机模型SBA,实验结果表明其动态评测能力优于现有的一些软件动态可信评测模型。
③从实体行为可信性的主观角度出发,针对传统主观逻辑理论没有考虑主观评测结果随时间动态变化的问题,提出对主观逻辑理论进行动态化多维扩展的思想,将传统的二维观点空间扩展为多维动态观点空间;在综合考虑实体行为的声誉和风险的基础上构建起实体可信度评价体系,提出一个基于主观逻辑扩展的实体行为动态可信评测模型DTMESL,实验结果表明该模型对实体恶意行为的反应更加灵敏,检测更加准确,抑制更加有效。
通过开展基于软件行为可信性的软件动态可信理论模型的研究,可以促进可信计算技术、尤其是动态可信评测技术的健康发展,不仅具有重要的理论价值,对技术实践也具有很好的指导意义。
In the information age, as an important strategic resource, information is facing an increasingly serious security situation. Information security is related to national security and social stability, and ensuring information security is significant.
Trusted computing technology takes integrated measures from hardware and operating system, and then effectively improve the security of computing platforms. Although trusted computing technology is becoming a new trend of information security area, there are still some problems need to solve. Firstly, the theoretical researches of trusted computing are behind of technical practice, and there is no generally accepted theoretical models founded. Secondly, there lacks effective theories and methods of software dynamic trusted evaluation. Current trusted evaluation models only implement static integrity measurement, and can not ensure the dynamic trust of systems.
In order to solve above problems, an agent-based hierarchical trusted architecture is proposed. With the base of trusted computing platform, a concept architecture of software behavior semantic distance and an idea of multi-dimensional dynamic expansion of subjective logic are introduced separately from the objective and subjective points of view angle of software behavior trust. In accordance with the research method of "theoretical model→prototype system→experimental verification→theoretical model", dynamic trusted theories and models of software behavior are conducted. The followings are main research results and innovations:
1) The existing trusted models have complex structures and cannot guarantee the security of themselves. The agent-based hierarchical trusted architecture, which named MMA, has a simple structure and good expandability because MMA distributes analyzer agent, monitor agent and manager agent into the feature acquisition layer and the behavior evaluation layer above on the trusted foundamental layer. Based on the hierarchical trust expansion mechanism of trusted chain and the random theory, a dynamic verification model of integrity is proposed based on the "challenge-response" authentication mechanism, and an agent trusted authentication mechanism is implemented by the combination of static measurement and dynamic verification with TPM. The MMA architecture ensure the security of trusted evaluation system by extending the system trust chain to the agents.
2) In order to build the theoretical foundation of dynamic trusted evaluation model based on software behavior trust, the concepts of behavior trace, checkpoint scene, time stamp, et al., which characterize the properties and features of software behavior, are proposed from the objective point of view angle of software behavior trust, and a tree model of integrated features of software behavior is built. With the support of the trusted foundamental layer and TPM, an analyzing mechanism of expected software behavior and a monitoring mechanism of actual software behavior are implemented to ensure the feature information of software behavior. The concept of behavior semantic distance is proposed and an integrated measurement mechanism of behavior semantic distance is founded based on the membership function of the fuzzy theory, by defining a series of related measurement functions of software behavior properties, such as matching function of behavior trace, similarity function of checkpoint scene, and difference function of time stamp. Finally a software behavior automaton model based on software behavior semantic distance is proposed, and the experimental results show that the dynamic measurement ability of the SBA model is better than some existing dynamic trusted evaluation models of software behavior.
3) The traditional theory of subjective logic does not consider the fact that the subjective evaluation results change with the time. A new idea of extending subjective logic theory is proposed from the subjective point of view angle of software behavior trust, while the traditional two-dimensional opinion space is extended to multi-dimensional dynamic opinion space. A dynamic trusted evaluation model of entity behavior based on extended subjective logic is proposed, which is implemented by the reputation and risk evaluation mechanism. The experimental results show that the model can process malicious behavior with more sensitive reaction, more accurate detection, and more effective suppression.
The researches on software dynamic trusted theories and models based on software behavior can promote a healthy development of trusted computing, especially dynamic trusted evaluation technology. The research works have not only great theoretical value, but also good guided significence to technical practice.
可信计算技术从硬件和操作系统做起,从整体上采取综合措施,能够行之有效地提高计算平台的安全性,目前已成为信息安全领域的一个新潮流。但是可信计算的发展还存在一些需要研究解决的问题:一是理论研究滞后于技术实践,至今尚未建立被普遍认可的可信计算理论模型;二是缺少有效的软件动态可信性评测理论与方法,目前的可信评测只是静态完整性度量,并不能保证系统的动态可信性。
针对上述问题,提出一个基于Agent的层次化可信系统架构,然后以可信计算平台为基础,分别从软件行为可信性的客观角度和主观角度出发,引入软件行为语义距离的概念体系和主观逻辑的多维动态化扩展思想,按照“理论模型→原型系统→实验验证→理论模型”的研究方法,开展软件行为动态可信理论模型的研究。主要研究成果及创新点如下:
①针对现有基于Agent的可信模型结构复杂、无法保障自身安全等问题,提出一个基于Agent的层次化可信系统架构MMA,引入分析Agent、监控Agent和管理Agent,并将其分别部署到可信基础层之上的特征采集层和行为评测层,系统结构简单,可扩展性好;基于信任链的层次化信任扩展机制,从随机性理论入手,提出一个基于“挑战-应答”机制的完整性动态验证模型,利用TPM实现了静态度量与动态验证相结合的Agent可信认证机制,将系统信任链扩展至Agent,从而保证了可信评测系统自身的安全。
②从软件行为可信性的客观角度出发,提出行为轨迹、检查点场景和时间戳等概念,分别从控制流、数据流和时序上来刻画软件行为的属性特征,并构建起一个软件行为综合特征树模型TIFSB,为基于软件行为可信性的动态可信评测奠定理论基础;在可信基础层的支持下,实现了基于TPM的软件预期行为分析机制和软件实际行为监控机制,保证了所提取的软件行为特征信息的可信性;提出行为语义距离的概念,通过定义行为轨迹匹配度、检查点场景相似度和时间戳偏离度等软件行为属性相关性度量函数,建立基于模糊理论隶属函数的行为语义距离综合度量机制;并提出一个基于行为语义距离的软件行为自动机模型SBA,实验结果表明其动态评测能力优于现有的一些软件动态可信评测模型。
③从实体行为可信性的主观角度出发,针对传统主观逻辑理论没有考虑主观评测结果随时间动态变化的问题,提出对主观逻辑理论进行动态化多维扩展的思想,将传统的二维观点空间扩展为多维动态观点空间;在综合考虑实体行为的声誉和风险的基础上构建起实体可信度评价体系,提出一个基于主观逻辑扩展的实体行为动态可信评测模型DTMESL,实验结果表明该模型对实体恶意行为的反应更加灵敏,检测更加准确,抑制更加有效。
通过开展基于软件行为可信性的软件动态可信理论模型的研究,可以促进可信计算技术、尤其是动态可信评测技术的健康发展,不仅具有重要的理论价值,对技术实践也具有很好的指导意义。
In the information age, as an important strategic resource, information is facing an increasingly serious security situation. Information security is related to national security and social stability, and ensuring information security is significant.
Trusted computing technology takes integrated measures from hardware and operating system, and then effectively improve the security of computing platforms. Although trusted computing technology is becoming a new trend of information security area, there are still some problems need to solve. Firstly, the theoretical researches of trusted computing are behind of technical practice, and there is no generally accepted theoretical models founded. Secondly, there lacks effective theories and methods of software dynamic trusted evaluation. Current trusted evaluation models only implement static integrity measurement, and can not ensure the dynamic trust of systems.
In order to solve above problems, an agent-based hierarchical trusted architecture is proposed. With the base of trusted computing platform, a concept architecture of software behavior semantic distance and an idea of multi-dimensional dynamic expansion of subjective logic are introduced separately from the objective and subjective points of view angle of software behavior trust. In accordance with the research method of "theoretical model→prototype system→experimental verification→theoretical model", dynamic trusted theories and models of software behavior are conducted. The followings are main research results and innovations:
1) The existing trusted models have complex structures and cannot guarantee the security of themselves. The agent-based hierarchical trusted architecture, which named MMA, has a simple structure and good expandability because MMA distributes analyzer agent, monitor agent and manager agent into the feature acquisition layer and the behavior evaluation layer above on the trusted foundamental layer. Based on the hierarchical trust expansion mechanism of trusted chain and the random theory, a dynamic verification model of integrity is proposed based on the "challenge-response" authentication mechanism, and an agent trusted authentication mechanism is implemented by the combination of static measurement and dynamic verification with TPM. The MMA architecture ensure the security of trusted evaluation system by extending the system trust chain to the agents.
2) In order to build the theoretical foundation of dynamic trusted evaluation model based on software behavior trust, the concepts of behavior trace, checkpoint scene, time stamp, et al., which characterize the properties and features of software behavior, are proposed from the objective point of view angle of software behavior trust, and a tree model of integrated features of software behavior is built. With the support of the trusted foundamental layer and TPM, an analyzing mechanism of expected software behavior and a monitoring mechanism of actual software behavior are implemented to ensure the feature information of software behavior. The concept of behavior semantic distance is proposed and an integrated measurement mechanism of behavior semantic distance is founded based on the membership function of the fuzzy theory, by defining a series of related measurement functions of software behavior properties, such as matching function of behavior trace, similarity function of checkpoint scene, and difference function of time stamp. Finally a software behavior automaton model based on software behavior semantic distance is proposed, and the experimental results show that the dynamic measurement ability of the SBA model is better than some existing dynamic trusted evaluation models of software behavior.
3) The traditional theory of subjective logic does not consider the fact that the subjective evaluation results change with the time. A new idea of extending subjective logic theory is proposed from the subjective point of view angle of software behavior trust, while the traditional two-dimensional opinion space is extended to multi-dimensional dynamic opinion space. A dynamic trusted evaluation model of entity behavior based on extended subjective logic is proposed, which is implemented by the reputation and risk evaluation mechanism. The experimental results show that the model can process malicious behavior with more sensitive reaction, more accurate detection, and more effective suppression.
The researches on software dynamic trusted theories and models based on software behavior can promote a healthy development of trusted computing, especially dynamic trusted evaluation technology. The research works have not only great theoretical value, but also good guided significence to technical practice.
引文
蔡吉人,冯登国.2008.技术创新推进信息安全产业发展[J].信息网络安全,(1):6-7.
曹成,周健,周红,等.2007.网络安全与对策[J].合肥工业大学学报(自然科学版),30(9):1091-1094.
陈恺,冯登国,苏璞睿.2010.基于延后策略的动态多路径分析方法[J].计算机学报,33(3):493-503.
陈瑞川,郭文嘉,唐礼勇,等.2009.一种抵御拒绝服务攻击的自适应客户端难题[J].软件学报,29(9):2558-2573.
陈浩,王广南,孙建华.2010.一种基于图的程序行为相似性比较方法[J].计算机应用研究,27(2):532-536.
陈泽茂,吴晓平,沈昌祥.2008.基于操作系统安全的恶意代码防御研究述评[J].计算机工程与设计,29(21):5407-5410.
储军杰,陈丽娟.1998.软件执行路径的高层次可视化表示[J].计算机学报,21(3):193-203.
方滨兴,殷丽华.2008.关于信息安全定义的研究[J].信息网络安全,(1):8-10.
冯登国.2002.关于发展我国信息安全的几点建议[J].中国科学院院刊,17(4):289-291.
冯登国.2007.国内外信息安全研究现状及发展趋势(摘编)[J].信息网络安全,(1):9-11.
冯登国,秦宇.2008.可信计算环境证明方法研究[J].计算机学报,31(9):1640-1652.
冯力,管晓宏,郭三刚,等.2004.采用规划识别理论预测系统调用序列中的入侵企图[J].计算机学报,27(8):1083-1091.
公安部.2010.第九次全国信息网络安全状况与计算机病毒疫情调查报告[EB/OL].北京:公安部,[2010-2-4]. http://www.antivirus-china.org.cn/head/diaocha2009/xinwengao2009.htm.
国家计算机网络应急技术处理协调中心.2009.2008年中国互联网网络安全报告[M].北京:电子工业出版社.
侯方勇,周进,王志英,等.2004.可信计算研究[J].计算机应用研究,21(12):1-4.
胡浩,张敏,冯登国.2009.基于信息流的可信操作系统度量架构[J].中国科学院研究生院学报,26(4):522-529.
黄辰林.2005.动态信任关系建模和管理技术研究[D]:[博士].长沙:国防科学技术大学,18-19.
黄辰林,胡华平,王志英.2007.一种面向可信决策的风险信任平衡模型研究[J1.计算机工程与科学,29(4):31-35.
贾晓琳,张森,覃征.2009.构造基于证据理论的群组信任管理模型[J].小型微型计算机系统,30(12):2369-2373.
李青山,陈平.2004.逆向工程中反射植入的研究[J].计算机学报,27(4):535-542.
李闻,戴英侠,连一峰,等.2009.基于混杂模型的上下文相关主机入侵检测系统[J].软件学报,20(1):138-151.
林闯,彭雪海.2005.可信网络研究[J].计算机学报,28(5):751-758.
林闯,田立勤,王元卓.2008.可信网络中用户行为可信的研究[J].计算机研究与发展,45(12):2033-2043.
林闯,孔祥震,周寰.2009.增强计算系统可信赖性:融合虚拟化和SOA[J].软件学报,20(7):1986-2004.
刘巍伟,韩臻,沈昌祥.2009.基于终端行为的可信网络连接控制方案[J].通信学报,30(11):127-134.
刘毅,陈泽茂,沈昌祥.2008.恶意代码的机理与模型研究[J].计算机工程与设计,29(22):5709-5712.
刘真.2008.虚拟机技术的复兴[J].计算机工程与科学,30(2):105-109.
马恒太,蒋建春,陈伟锋,等.2000.基于Agent的分布式入侵检测系统模型[J].软件学报,11(10):1312-1319.
马可方.2007.基于语义Web的服务匹配机制的研究[D]:[硕士].南宁:广西大学,9-11.
孟江涛,冯登国,薛锐.2004.分布式拒绝服务攻击的原理与防范[J].中国科学院研究生院学报,21(1):90-94.
卿斯汉.2008.可信计算的研究进展概述[J].信息网络安全,(11):18-19.
曲成义.2008.信息安全面临的新挑战和安全技术发展的新趋势[J].信息网络安全,(1):11-12.
屈延文.2005.软件行为学[M].北京:电子工业出版社.
屈延文.2007.中国信息安全产业未来20年科学发展[J].通信市场,(7-9):74-78.
沈昌祥.2002.关于加强信息安全保障体系的思考[J].信息安全与通信保密,(12):11-14.
沈昌祥.2003.信息安全国家发展战略思考与对策[J].中国人民公安大学学报(自然科学版),9(4):1-6.
沈昌祥.2006.坚持自主创新,加速发展可信计算[J].计算机安全,(6):2-4.
沈昌祥,张焕国,冯登国,等.2007.信息安全综述[J].中国科学E辑:信息科学,37(2):129-150.
石纯一,张伟.2007.基于Agent的计算[M].北京:清华大学出版社.
史一民,李冠宇,刘宁.2008.语义网服务中的本体综述[J].计算机工程与设计,29(23):5976-5979.
史忠植.2000.智能主体及其应用[M].北京:科学出版社.
谭小彬,王卫平,奚宏生,等.2003.计算机系统入侵检测的隐马尔可夫模型[J].计算机研究与发展,40(2):245-250.
唐文,陈钟.2003.基于模糊集合理论的主观信任管理模型研究[J].软件学报,14(8):1401-1408.
田立勤,林闯,杨扬.2008.分布式网络环境下实体行为信任的评估方法[J].计算机工程与应用,44(17):1-5.
田俊峰,肖冰,马晓雪,等.2007.TDDSS中可信模型及其分析[J].计算机研究与发展,44(4):598-605.
田新广,邱志明,李文法,等.2008.基于系统调用和数据挖掘的程序行为异常检测[J].计算机工程,34(2):1-3.
王怀民,唐扬斌,尹刚,等.2006.互联网软件的可信机理[J].中国科学E辑:信息科学,36(10):1156-1169.
王伟,曾国荪.2006.一种基于Bayesian信任模型的多Agent协作系统[J].计算机研究与发展,43(z1):122-126.
王伟,韦韬,罗海宁.2007.基于流分析的可执行程序结构化表示工具[J].计算机工程与应用,43(16):95-98.
王文杰,田启家1998.多主体系统中对其它主体的研究[J].计算机研究与发展,35(11):971-974.
王雨晨.2001.系统漏洞原理与常见攻击方法[J].计算机工程与应用,37(3):62-64.
魏克.2007.信息安全发展趋势及对策[J].中国教育网络,(4):46-47.
吴鹏,吴国新,方群.2008.一种基于概率统计方法的P2P系统可信评测模型[J].计算机研究与发展,45(3):408-416.
徐明迪,张焕国,严飞.2009.基于标记变迁系统的可信计算平台信任链测试[J].计算机学报,32(4):635-645.
薛庆.2006.基于语义距离的Web服务发现算法[D]:[硕士].济南:山东大学,7-10.
杨翠,谭成翔.2009.远端非可信平台Agent完整性保护机制研究与设计[J].计算机应用,29(11):3001-3004.
杨善林,丁帅,褚伟.2009.一种基于效用和证据理论的可信软件评估方法[J].计算机研究与发展,46(7):1152-1159.
姚立红,訾小超,谢立,等.2003.基于系统调用特征的入侵检测研究[J].电子学报,31(8):1134-1137.
余发江,张焕国.2004.可信安全计算平台的一种实现[J].武汉大学学报(理学版),50(1):69-73.
袁春,文振煜,张基宏,等.2006.基于密码学的访问控制和加密安全数据库[J].电子学报,34(11):2043-2046.
张焕国,何炎祥,赵波,等.2010.我国可信计算研究与发展[J].中国计算机学会通讯, 6(2):8-19.
张焕国,黄传河,刘玉珍,等.2004a.信息安全本科专业的人才培养与课程体系[J].高等理科教育,(2):16-20.
张焕国,毋国庆,覃中平,等.2004b.一种新型安全计算机[J].武汉大学学报(理学版),50(S1):1-6.
张焕国,刘玉珍,余发江,等.2004c.一种新型安全计算机[J].武汉大学学报(理学版),50(S1):7-11.
张焕国,罗捷,金刚,等.2006.可信计算研究进展[J].武汉大学学报(理学版),52(5):513-518.
张双,卿斯汉.2002.拒绝服务攻击的分析和防范[J].计算机工程与应用,38(12):183-187.
张伟,徐晋晖,石纯一.2001.[J].计算机科学,28(6):76-80.
张兴,沈昌祥.2008.一种新的可信平台控制模块设计方案[J].武汉大学学报:信息科学版,33(10):1011-1014.
张兴,沈昌祥.2010.一种基于无干扰模型的信任链传递分析方法[J].计算机学报,33(1):74-81.
张志猛,庄越挺,潘云鹤.2003.面向对象软件的逆向工程[J].计算机研究与发展,40(7):1062-1068.
张志平,杨建伟.2008.语义网技术及应用研究综述[J].情报学报,27(5):721-726.
赵巾帼.2008.基于语义距离的概念语义相似度研究[D]:[硕士].长沙:中南大学,25-28.
周明辉,梅宏.2004.可信计算研究的初步探疑[J].计算机科学,31(7):5-8.
周明天,谭良.2006.可信计算及其进展[J].电子科技大学学报,35(4):686-697.
周子学.2004.信息社会的基本特征和趋势探讨[J].理论前沿,(23):19-20.
Abrams M D, Joyce M V.1995a. Trusted System Concepts[J]. Computers & Security,14(1): 45-56.
Abrams M D, Joyce M V.1995b. Trusted Computing Update[J]. Computers & Security,14(1): 57-68.
Abrams M D, Joyce M V.1995c. New Thinking About Information Technology Security[J]. Computers & Security,14(1):69-81.
Anderson J P.1972. Computer Security Technology Planning Study[S]. ESD-TR-73-51. Bedford, MA:Electronic System Division, Air Force Systems Command, USA.
Ashri R, Ramchurn S D, Sabater J, et al.2005. Trust evaluation through relationship analysis[C]. Proceedings of the 4th international joint conference on Autonomous agents and multiagent systems. New York:ACM Press,1005-1011.
Avizienis Algirdas, Laprie J C, Randell B, et al.2004. Basic Concepts and Taxonomy Dependable and Secure Computing[J]. IEEE Transactions on Dependable and Secure Computing,1(1):11-33.
Balasubramaniyan J S, Garcia-fernandez J O, Isacoff D, et al.1998. An Architecture for Intrusion Detection using Autonomous Agents[C]. Proceedings of the 1998 Annual Computer Security Applications Conference.1-19.
Berners-Lee T, Hendler J, Lassila O.2001. The Semantic Web[J]. Scientific American Magazine, (5):1-12.
Bohnet J, Dollner J.2006. Visual exploration of function call graphs for feature location in complex software systems[C]. Proceedings of the 2006 ACM symposium on Software visualization. New York:ACM,95-104.
Bond M D, McKinley K S.2007. Probabilistic Call Context[C]. Proceedings of the 22nd Annual ACM SIGPLAN conference on Object-oriented programming systems and applications. New York:ACM,97-112.
Christodorescu M, Jha S, Kruegel C.2007. Mining specifications of malicious behavior[C]. Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering. New York:ACM, 5-14.
Cohen F.1987. Computer virues:Theory and Experiments[J]. Computers and Security,6(1): 22-35.
Dempster A P.1967. Upper and lower probabilities induced by a multivalued mapping[J]. The Annals of Mathematical Statistics,38 (2):325-339.
Dempster A P.1968. A generalization of Bayesian inference[J]. Journal of the Royal Statistical Society, Series B,30:205-247.
Deursen A, Burd E.2005. Software Reverse Engineering[J]. Journal of Systems and Software, 77(3):209-211.
DoD.1985. Department of Defense Trusted Computer System Evaluation Criteria[S]. DoD 5200.28-STD. Washington, DC:Department of Defense, USA.
Ehris M, Staab Steffen.2004a. QOM—Quick Ontology Mapping[C]. Proceedings of the 3rd International Semantic Web Conference (LNCS3298). Berlin, Heidelberg:Springer,683-697.
Ehris M, Sure Y.2004b. Ontology Mapping-An Integrated Approach[C]. The Semantic Web: Research and Applications (LNCS3053). Berlin, Heidelberg:Springer,76-91.
Feng H H, Kolesnikov O M, Fogla P, et al.2003. Anomaly Detection Using Call Stack Information[C]. Proceedings of the 2003 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,62-75.
Flaminioa T, Pinnab G M, Tiezzia E B P.2007. A complete fuzzy logical system to deal with trust management systems[J]. Fuzzy Sets and Systems,159(10):1191-1207.
Forrest S, Hofmeyr S A, Somayaji A, et al.1996. A Sense of Self for Unix Processes[C]. Proceedings of the 1996 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,120-128.
Frossi A, Maggi F, Rizzo G L, et al.2009. Selecting and Improving System Call Models for Anomaly Detection[C]. Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Heidelberg:Springer-Verlag,206-223.
Giffin J T, Dagon David, Jha S, et al.2005. Environment-Sensitive Intrusion Detection[C]. Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection. Heidelberg:Springer Berlin,185-206.
Godefroid P, Levin M Y, Molnar D.2008. Automated Whitebox Fuzz Testing[C]. Proceedings of 16th Annual Network & Distributed System Security Symposium. San Diego, CA, USA: Internet Society.
Golbeck J, Parsia B, Hendler J.2003. Trust Networks on the Semantic Web[C]. Cooperative Information Agents Ⅶ(LNAI2782).Berlin, Heidelberg:Springer,238-249.
Gopalakrishna R, Spafford E H, Vitek J.2005. Efficient Intrusion Detection Using Automaton Inlining[C]. Proceedings of the 2005 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,18-31.
Hofmeyr S A, Forrest S, Somayaji A.1998. Intrusion Detection Using Sequences of System Calls[J]. Journal of Computer Security,6(3):151-180.
Huang C L, Hu H P, Wang Z Y.2005. The Extension of Subjective Logic for Time-Related Trust[J]. Wuhan University Journal of Natural sciences,10(1):56-60.
Huberman B A, Wu F.2004. The dynamics of reputations[J]. Journal of Statistical Mechanics: Theory and Experiment, (4):6-22.
Husserl E.1969. Formal and Transcendental Logic[M]. Hague, Netherlands:Martinus Nijhoff.
Huynh T D, Jennings N R, Shadbolt N R.2006. An integrated trust and reputation model for open multi-agent systems[J]. Autonomous Agents and Multi-Agent Systems,13(2):119-154.
Intel.2003. Intel Trusted Execution Technology[EB/OL]. Santa Clara, CA:Intel Corp., [2010-4-5]. http://www.intel.com/technology/security/.
ISO.2009. Information technology-Security techniques-Evaluation criteria for IT security-Part 1:Introduction and general model[S]. ISO/IEC 15408-1:2009(E). Switzerland: International Standard Organization.
ITU-T.2005. Information technology-Open Systems Interconnection-The Directory: Public-key and attribute certificate frameworks[S]. ITU-T Rec. X.519|ISO/IEC 9594-8(5th ed). Switzerland:International Standard Organization.
Jesi G P.2009. PeerSim:A Peer-to-Peer Simulator[EB/OL]. USA:Source Forge. [2009-3-10]. http://peersim. sourceforge.net/
Jones A, Li S.2001. Temporal Signatures for Intrusion Detection[C]. Proceedings of the 17th Annual Computer Security Applications Conference. Washington, DC:IEEE Computer Society,252-252.
Josang A.1997a. Artificial Reasoning with Subjective Logic[C]. Proceedings of the 2nd Australian Workshop on Commonsense Reasoning. Perth:Australian Computer Society,1-17.
Josang A.1997b. Prospectives for Modelling Trust in Information Security[C]. Proceedings of the 2rd Australasian Conference on information Security and Privacy. London, UK: Springer-Verlag,2-13.
Josang A.1997c. A Trust policy framework[C]. Proceedings of the 1st International Conference on Information and Communication Security. London, UK:Springer-Verlag,192-202.
Josang A.1998. A Subjective Metric of Authentication[C]. Proceedings of the 5th European Symposium on Research in Computer Security. London, UK:Springer-Verlag,329-344.
Josang A.1999. An Algebra for Assessing Trust in Certification Chains[C]. Proceedings of the 1999 Network and Distributed Systems Security Symposium. The Internet Society.
Josang A.2001. A logic for uncortain probabilities[J]. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,9(3):279-311.
Josang A.2002. The consensus operator for combining beliefs[J]. Artificial Intelligent,141(1): 157-170.
Josang A.2007. Probabilistic logic under uncertainty[C]. Proceedings of the 13th Australasian symposium on Theory of computing (Vol.65). Darlinghurst, Australia:Australian Computer Society,101-110.
Josang A.2008. Conditional Reasoning with Subjective Logic[J]. Journal of Multiple-Valued Logic and Soft Computing,15(1):5-38.
Josang A, Bradley D, Knapskog S J.2004. Belief-based risk analysis[C]. Proceedings of the 2nd Workshop on Australasian information Security, Data Mining and Web intelligence, and Software internationalisation (Vol.32). Darlinghurst, Australia:Australian Computer Society, 63-68.
Josang A, Hayward R, Pope S.2006. Trust network analysis with subjective logic[C]. ACM International Conference Proceeding Series(Vol.171); Proceedings of the 29th Australasian Computer Science Conference (Vol.48). Hobart, Australia:ACM,85-94.
Josang A, Haller J.2007. Dirichlet Reputation Systems[C]. Proceedings of the the 2nd International Conference on Availability, Reliability and Security. Washington, DC:IEEE Computer Society,112-119.
Josang A, Bhuiyan T.2008. Optimal Trust Network Analysis with Subjective Logic[C]. Proceedings of the 2008 International Conference on Emerging Security information, Systems and Technologies. Washington, DC:IEEE Computer Society,179-184.
Josang A, Diaz J, Rifqi M.2010. Cumulative and averaging fusion of beliefs[J]. Information Fusion,11(2):192-200.
Lin J, Keogh E, Lonardi S, et al.2003. A Symbolic Representation of Time Series, with Implications for Streaming Algorithms[C]. Proceedings of the 8th ACM SIGMOD workshop on Research issues in data mining and knowledge discovery. New York:ACM,2-11.
Lin J, Keogh E, Wei L, et al.2007. Experiencing SAX:a Novel Symbolic Representation of Time Series. Data Mining and Knowledge Discovery,15(2):107-144.
Liu B D.2007. Uncertainty Theory[C]. Studies in Fuzziness and Soft Computing. Berlin, Heidelberg:Springer,154:205-234.
Liu Z, Bridges S M, Vaughn R B.2005. Combining Static Analysis and Dynamic Learning to Build Accurate Intrusion Detection Models[C]. Proceedings of the 3rd IEEE International Workshop on Information Assurance. Washington, DC:IEEE Computer Society,164-177.
McConnell M.2002. Information assurance in the twenty-first century[J]. Computer,32(4): 16-19.
Microsoft.2002. A Trustworthy Vision for Computing[EB/OL]. Seattle, Washington:Microsoft Corp., [2010-4-5]. http://www.microsoft.com/mscorp/twc/overview.mspx.
Microsoft.2003. Next-Generation Secure Computing Base[EB/OL]. Seattle, Washington: Microsoft Corp., [2010-4-5]. http://www.microsoft.com/resources/ngscb/default.mspx.
Minsky M.1985. The Society of Mind[M]. New York:Simon & Schuster.
Mitzenmacher Michael, Upfal E.2005. Probability and computing:randomized algorithms and probabilistic analysis[M]. New York:Cambridge University Press.
Muller H A, Jahnke J H, Smith D B.2000. Reverse engineering:a roadmap[C]. Proceedings of the Conference on The Future of Software Engineering. New York:ACM,47-60.
Mutz D, Valeur F, Vigna G, et al.2006. Anomalous System Call Detection[J]. ACM Transactions on Information and System Security,9(1):61-93.
NCSC,1987. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria[S]. NCSC-TG-005. Washington, DC:National Computer Security Center, USA.
NCSC.1991. Trusted Database Management System Interpretation of the Trusted Computer System Evaluation Criteria[S]. NCSC-TG-021. Washington, DC:National Computer Security Center, USA.
Nibaldi G H.1979. Proposed Technical Evaluation Criteria for Trusted Computer Systems[S]. M79-225. Bedford, MA:MITRE Corp.
Nibaldi G H.1979. Specification of a Trusted Computing Base[S]. M79-228. Bedford, MA: MITRE Corp.
NSA.2002. Information Assurance Technical Framework [S]. IATF Release 3.1. Fort Meade, MD:National Security Agency, USA.
NSF.2010. Trustworthy Computing Program[EB/OL]. Arlington, Virginia:The National Science Foundation, USA, [2010-2-23]. http://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503326.
OpenTC.2010. The Open Trusted Computing Consortium[EB/OL]. http://www.opentc.net/.
Parampalli C, Sekar R, Johnson R.2008. A practical mimicry attack against powerful system-call monitors[C]. Proceedings of the 2008 ACM symposium on Information, computer and communications security. New York, USA:ACM,156-167.
Patel J, Teacy W T L, Jennings N R, et al.2005. A Probabilistic Trust Model for Handling Inaccurate Reputation Sources[C].Trust Management,3rd International Conference on iTrust. Heidelberg:Springer Berlin,193-209.
Peng G J, Pan X C, Zhang H G, et al.2008. Dynamic trustiness authentication framework based on software's behavior integrity[C]. Proceeding? of The 9th International Conference for Young Computer Scientists. Washington, DC:IEEE Computer Society,2283-2288.
Peng G J, Tao F, Zhang H G, et al.2009. Research on Theory Model of Software Dynamic Trustiness Based on Behavior Integrity[C]. Proceedings of the 2009 International Conference on Multimedia Information Networking and Security, Vol.01. Washington, DC:IEEE Computer Society,130-134.
Peterson D S, Bishop M, Pandey R.2002. A Flexible Containment Mechanism for Executing Untrusted Code[C]. Proceedings of the 11th USENIX Security Symposium. San Francisco, CA, USA:USENIX,207-225.
Pfleeger C P, Pfleeger S L.2006. Security in Computing[M].4th ed. New Jersey:Prentice Hall.
Ramchurn S D, Huynh T D, Jennings N R.2004. Trust in multi-agent systems[J]. The Knowledge Engineering Review,19(1):1-25.
Russell B.1923. Vagueness[J]. The Australasian Journal of Psychology and Philosophy,1: 84-92.
Shafer G.1976. A Mathematical Theory of Evidence[M]. Princeton, USA:Princeton University Press.
Shafer G.1990. Perspectives on the theory and practice of belief functions[J]. International Journal of Approximate Reasoning,4(5-6):323-362.
Spivey J M.2004. Fast, Accurate Call Graph Profiling[J]. Software-Practice & Experience,34(3): 249-264.
Strongin G.2005. Trusted Computing Using AMD "Pacifica" and "Presidio" Secure Virtual Machine Technology [J]. Information Security Technical Report,10(2):120-132.
Studer R, Benjamins V R, Fensel D.1998. Knowledge engineering:Principles and methods[J]. Data & Knowledge Engineering,25(1-2):161-197.
Takanen A, DeMott J, Miller C.2008. Fuzzing for software security testing and quality assurance[M]. Norwood, MA, USA:Artech House.
Tan K M C, Killourhy Kevin S, Maxion R A.2002. Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits[C]. Recent Advances in Intrusion Detection(LNCS2516). Berlin, Heidelberg:Springer,54-73.
Tan K M C, Maxion R A.2003. Determining the operational limits of an anomaly-based intrusion detector[J]. IEEE Journal on Selected Areas in Communications,21(1):96-110.
TCG.2005a. PC Client Work Group Specific Implementation Specification for Conventional Bios Specification, Version 1.2[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2005-7-13]. http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios_specification_version_12/.
TCG 2005b. PC Client Work Group PC Client Specific TPM Interface Specification (TIS), Version 1.2[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2005-7-13]. http://www. trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_specific_tpm_interfac e_specification_tis_version_12/.
TCG.2007. TCG Specification Architecture Overview Specification Revision 1.4[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2007-8-2]. http://www.trustedcomputinggroup.org/resources/tcg_architecture_overview_version_14.
TCG.2010a. Trusted Computing Group可信计算组[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2010-4-5]. http://www.trustedcomputinggroup.org/cn.
TCG.2010b. Resources of Trusted Computing Group[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2010-4-5]. http://www.trustedcomputinggroup.org/resources.
Teo L, Sun Y A, Ahn G J.2004. Defeating Internet Attacks Using Risk Awareness and Active Honeypots[C]. Proceedings of the 2nd IEEE International Information Assurance Workshop. Washington, DC, USA:IEEE Computer Society,155-155.
Tian J F, Li J.2009. A Trust Domain-Based Resource Selection Model for Multi-Agent[C]. Proceedings of the 2nd International Symposium on Electronic Commerce and Security Volume 01. Washington, DC:IEEE Computer Society,280-286.
Wagner D, Dean Drew.2001. Intrusion Detection via Static Analysis [C]. Proceedings of the 2001 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society, 156-169.
Wang W, Guan X H, Zhang X L, et al.2006. Profiling Program Behavior for Anomaly Intrusion Detection Based on The Transition and Frequency Property of Computer Audit Data[J]. Computers & Security,25(5):539-550.
Wei L, Keogh E.2006. Semi-supervised time series classification[C]. Proceedings of the 12th ACM SIGKDD International conference on Knowledge discovery and data mining. New York: ACM,748-753.
Wooldridge M, Jennings N R.1995. Agent theories, architectures, and languages:A survey[C]. Proceedings of the workshop on agent theories, architectures, and languages on Intelligent agents. New York:Springer-Verlag,1-39.
Zadeh L A.1984. Review of Shafer's A Mathematical Theory of Evidence[J]. The AI Magazine, 5(3):84-83.
Zhang F, Zhou S, Qin Z, et al.2003. Honeypot:A supplemented active defense system for network security[C]. Proceedings of the 4th International Conference on Parallel and Distributed Computing, Applications and Technologies. Washington, DC, USA:IEEE Computer Society,231-235.
Zhuang X T, Serrano M J, Cain H W, et al.2006. Accurate, Efficient, and Adaptive Call Context Profiling[C]. Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation. New York:ACM,263-271.
曹成,周健,周红,等.2007.网络安全与对策[J].合肥工业大学学报(自然科学版),30(9):1091-1094.
陈恺,冯登国,苏璞睿.2010.基于延后策略的动态多路径分析方法[J].计算机学报,33(3):493-503.
陈瑞川,郭文嘉,唐礼勇,等.2009.一种抵御拒绝服务攻击的自适应客户端难题[J].软件学报,29(9):2558-2573.
陈浩,王广南,孙建华.2010.一种基于图的程序行为相似性比较方法[J].计算机应用研究,27(2):532-536.
陈泽茂,吴晓平,沈昌祥.2008.基于操作系统安全的恶意代码防御研究述评[J].计算机工程与设计,29(21):5407-5410.
储军杰,陈丽娟.1998.软件执行路径的高层次可视化表示[J].计算机学报,21(3):193-203.
方滨兴,殷丽华.2008.关于信息安全定义的研究[J].信息网络安全,(1):8-10.
冯登国.2002.关于发展我国信息安全的几点建议[J].中国科学院院刊,17(4):289-291.
冯登国.2007.国内外信息安全研究现状及发展趋势(摘编)[J].信息网络安全,(1):9-11.
冯登国,秦宇.2008.可信计算环境证明方法研究[J].计算机学报,31(9):1640-1652.
冯力,管晓宏,郭三刚,等.2004.采用规划识别理论预测系统调用序列中的入侵企图[J].计算机学报,27(8):1083-1091.
公安部.2010.第九次全国信息网络安全状况与计算机病毒疫情调查报告[EB/OL].北京:公安部,[2010-2-4]. http://www.antivirus-china.org.cn/head/diaocha2009/xinwengao2009.htm.
国家计算机网络应急技术处理协调中心.2009.2008年中国互联网网络安全报告[M].北京:电子工业出版社.
侯方勇,周进,王志英,等.2004.可信计算研究[J].计算机应用研究,21(12):1-4.
胡浩,张敏,冯登国.2009.基于信息流的可信操作系统度量架构[J].中国科学院研究生院学报,26(4):522-529.
黄辰林.2005.动态信任关系建模和管理技术研究[D]:[博士].长沙:国防科学技术大学,18-19.
黄辰林,胡华平,王志英.2007.一种面向可信决策的风险信任平衡模型研究[J1.计算机工程与科学,29(4):31-35.
贾晓琳,张森,覃征.2009.构造基于证据理论的群组信任管理模型[J].小型微型计算机系统,30(12):2369-2373.
李青山,陈平.2004.逆向工程中反射植入的研究[J].计算机学报,27(4):535-542.
李闻,戴英侠,连一峰,等.2009.基于混杂模型的上下文相关主机入侵检测系统[J].软件学报,20(1):138-151.
林闯,彭雪海.2005.可信网络研究[J].计算机学报,28(5):751-758.
林闯,田立勤,王元卓.2008.可信网络中用户行为可信的研究[J].计算机研究与发展,45(12):2033-2043.
林闯,孔祥震,周寰.2009.增强计算系统可信赖性:融合虚拟化和SOA[J].软件学报,20(7):1986-2004.
刘巍伟,韩臻,沈昌祥.2009.基于终端行为的可信网络连接控制方案[J].通信学报,30(11):127-134.
刘毅,陈泽茂,沈昌祥.2008.恶意代码的机理与模型研究[J].计算机工程与设计,29(22):5709-5712.
刘真.2008.虚拟机技术的复兴[J].计算机工程与科学,30(2):105-109.
马恒太,蒋建春,陈伟锋,等.2000.基于Agent的分布式入侵检测系统模型[J].软件学报,11(10):1312-1319.
马可方.2007.基于语义Web的服务匹配机制的研究[D]:[硕士].南宁:广西大学,9-11.
孟江涛,冯登国,薛锐.2004.分布式拒绝服务攻击的原理与防范[J].中国科学院研究生院学报,21(1):90-94.
卿斯汉.2008.可信计算的研究进展概述[J].信息网络安全,(11):18-19.
曲成义.2008.信息安全面临的新挑战和安全技术发展的新趋势[J].信息网络安全,(1):11-12.
屈延文.2005.软件行为学[M].北京:电子工业出版社.
屈延文.2007.中国信息安全产业未来20年科学发展[J].通信市场,(7-9):74-78.
沈昌祥.2002.关于加强信息安全保障体系的思考[J].信息安全与通信保密,(12):11-14.
沈昌祥.2003.信息安全国家发展战略思考与对策[J].中国人民公安大学学报(自然科学版),9(4):1-6.
沈昌祥.2006.坚持自主创新,加速发展可信计算[J].计算机安全,(6):2-4.
沈昌祥,张焕国,冯登国,等.2007.信息安全综述[J].中国科学E辑:信息科学,37(2):129-150.
石纯一,张伟.2007.基于Agent的计算[M].北京:清华大学出版社.
史一民,李冠宇,刘宁.2008.语义网服务中的本体综述[J].计算机工程与设计,29(23):5976-5979.
史忠植.2000.智能主体及其应用[M].北京:科学出版社.
谭小彬,王卫平,奚宏生,等.2003.计算机系统入侵检测的隐马尔可夫模型[J].计算机研究与发展,40(2):245-250.
唐文,陈钟.2003.基于模糊集合理论的主观信任管理模型研究[J].软件学报,14(8):1401-1408.
田立勤,林闯,杨扬.2008.分布式网络环境下实体行为信任的评估方法[J].计算机工程与应用,44(17):1-5.
田俊峰,肖冰,马晓雪,等.2007.TDDSS中可信模型及其分析[J].计算机研究与发展,44(4):598-605.
田新广,邱志明,李文法,等.2008.基于系统调用和数据挖掘的程序行为异常检测[J].计算机工程,34(2):1-3.
王怀民,唐扬斌,尹刚,等.2006.互联网软件的可信机理[J].中国科学E辑:信息科学,36(10):1156-1169.
王伟,曾国荪.2006.一种基于Bayesian信任模型的多Agent协作系统[J].计算机研究与发展,43(z1):122-126.
王伟,韦韬,罗海宁.2007.基于流分析的可执行程序结构化表示工具[J].计算机工程与应用,43(16):95-98.
王文杰,田启家1998.多主体系统中对其它主体的研究[J].计算机研究与发展,35(11):971-974.
王雨晨.2001.系统漏洞原理与常见攻击方法[J].计算机工程与应用,37(3):62-64.
魏克.2007.信息安全发展趋势及对策[J].中国教育网络,(4):46-47.
吴鹏,吴国新,方群.2008.一种基于概率统计方法的P2P系统可信评测模型[J].计算机研究与发展,45(3):408-416.
徐明迪,张焕国,严飞.2009.基于标记变迁系统的可信计算平台信任链测试[J].计算机学报,32(4):635-645.
薛庆.2006.基于语义距离的Web服务发现算法[D]:[硕士].济南:山东大学,7-10.
杨翠,谭成翔.2009.远端非可信平台Agent完整性保护机制研究与设计[J].计算机应用,29(11):3001-3004.
杨善林,丁帅,褚伟.2009.一种基于效用和证据理论的可信软件评估方法[J].计算机研究与发展,46(7):1152-1159.
姚立红,訾小超,谢立,等.2003.基于系统调用特征的入侵检测研究[J].电子学报,31(8):1134-1137.
余发江,张焕国.2004.可信安全计算平台的一种实现[J].武汉大学学报(理学版),50(1):69-73.
袁春,文振煜,张基宏,等.2006.基于密码学的访问控制和加密安全数据库[J].电子学报,34(11):2043-2046.
张焕国,何炎祥,赵波,等.2010.我国可信计算研究与发展[J].中国计算机学会通讯, 6(2):8-19.
张焕国,黄传河,刘玉珍,等.2004a.信息安全本科专业的人才培养与课程体系[J].高等理科教育,(2):16-20.
张焕国,毋国庆,覃中平,等.2004b.一种新型安全计算机[J].武汉大学学报(理学版),50(S1):1-6.
张焕国,刘玉珍,余发江,等.2004c.一种新型安全计算机[J].武汉大学学报(理学版),50(S1):7-11.
张焕国,罗捷,金刚,等.2006.可信计算研究进展[J].武汉大学学报(理学版),52(5):513-518.
张双,卿斯汉.2002.拒绝服务攻击的分析和防范[J].计算机工程与应用,38(12):183-187.
张伟,徐晋晖,石纯一.2001.[J].计算机科学,28(6):76-80.
张兴,沈昌祥.2008.一种新的可信平台控制模块设计方案[J].武汉大学学报:信息科学版,33(10):1011-1014.
张兴,沈昌祥.2010.一种基于无干扰模型的信任链传递分析方法[J].计算机学报,33(1):74-81.
张志猛,庄越挺,潘云鹤.2003.面向对象软件的逆向工程[J].计算机研究与发展,40(7):1062-1068.
张志平,杨建伟.2008.语义网技术及应用研究综述[J].情报学报,27(5):721-726.
赵巾帼.2008.基于语义距离的概念语义相似度研究[D]:[硕士].长沙:中南大学,25-28.
周明辉,梅宏.2004.可信计算研究的初步探疑[J].计算机科学,31(7):5-8.
周明天,谭良.2006.可信计算及其进展[J].电子科技大学学报,35(4):686-697.
周子学.2004.信息社会的基本特征和趋势探讨[J].理论前沿,(23):19-20.
Abrams M D, Joyce M V.1995a. Trusted System Concepts[J]. Computers & Security,14(1): 45-56.
Abrams M D, Joyce M V.1995b. Trusted Computing Update[J]. Computers & Security,14(1): 57-68.
Abrams M D, Joyce M V.1995c. New Thinking About Information Technology Security[J]. Computers & Security,14(1):69-81.
Anderson J P.1972. Computer Security Technology Planning Study[S]. ESD-TR-73-51. Bedford, MA:Electronic System Division, Air Force Systems Command, USA.
Ashri R, Ramchurn S D, Sabater J, et al.2005. Trust evaluation through relationship analysis[C]. Proceedings of the 4th international joint conference on Autonomous agents and multiagent systems. New York:ACM Press,1005-1011.
Avizienis Algirdas, Laprie J C, Randell B, et al.2004. Basic Concepts and Taxonomy Dependable and Secure Computing[J]. IEEE Transactions on Dependable and Secure Computing,1(1):11-33.
Balasubramaniyan J S, Garcia-fernandez J O, Isacoff D, et al.1998. An Architecture for Intrusion Detection using Autonomous Agents[C]. Proceedings of the 1998 Annual Computer Security Applications Conference.1-19.
Berners-Lee T, Hendler J, Lassila O.2001. The Semantic Web[J]. Scientific American Magazine, (5):1-12.
Bohnet J, Dollner J.2006. Visual exploration of function call graphs for feature location in complex software systems[C]. Proceedings of the 2006 ACM symposium on Software visualization. New York:ACM,95-104.
Bond M D, McKinley K S.2007. Probabilistic Call Context[C]. Proceedings of the 22nd Annual ACM SIGPLAN conference on Object-oriented programming systems and applications. New York:ACM,97-112.
Christodorescu M, Jha S, Kruegel C.2007. Mining specifications of malicious behavior[C]. Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering. New York:ACM, 5-14.
Cohen F.1987. Computer virues:Theory and Experiments[J]. Computers and Security,6(1): 22-35.
Dempster A P.1967. Upper and lower probabilities induced by a multivalued mapping[J]. The Annals of Mathematical Statistics,38 (2):325-339.
Dempster A P.1968. A generalization of Bayesian inference[J]. Journal of the Royal Statistical Society, Series B,30:205-247.
Deursen A, Burd E.2005. Software Reverse Engineering[J]. Journal of Systems and Software, 77(3):209-211.
DoD.1985. Department of Defense Trusted Computer System Evaluation Criteria[S]. DoD 5200.28-STD. Washington, DC:Department of Defense, USA.
Ehris M, Staab Steffen.2004a. QOM—Quick Ontology Mapping[C]. Proceedings of the 3rd International Semantic Web Conference (LNCS3298). Berlin, Heidelberg:Springer,683-697.
Ehris M, Sure Y.2004b. Ontology Mapping-An Integrated Approach[C]. The Semantic Web: Research and Applications (LNCS3053). Berlin, Heidelberg:Springer,76-91.
Feng H H, Kolesnikov O M, Fogla P, et al.2003. Anomaly Detection Using Call Stack Information[C]. Proceedings of the 2003 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,62-75.
Flaminioa T, Pinnab G M, Tiezzia E B P.2007. A complete fuzzy logical system to deal with trust management systems[J]. Fuzzy Sets and Systems,159(10):1191-1207.
Forrest S, Hofmeyr S A, Somayaji A, et al.1996. A Sense of Self for Unix Processes[C]. Proceedings of the 1996 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,120-128.
Frossi A, Maggi F, Rizzo G L, et al.2009. Selecting and Improving System Call Models for Anomaly Detection[C]. Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Heidelberg:Springer-Verlag,206-223.
Giffin J T, Dagon David, Jha S, et al.2005. Environment-Sensitive Intrusion Detection[C]. Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection. Heidelberg:Springer Berlin,185-206.
Godefroid P, Levin M Y, Molnar D.2008. Automated Whitebox Fuzz Testing[C]. Proceedings of 16th Annual Network & Distributed System Security Symposium. San Diego, CA, USA: Internet Society.
Golbeck J, Parsia B, Hendler J.2003. Trust Networks on the Semantic Web[C]. Cooperative Information Agents Ⅶ(LNAI2782).Berlin, Heidelberg:Springer,238-249.
Gopalakrishna R, Spafford E H, Vitek J.2005. Efficient Intrusion Detection Using Automaton Inlining[C]. Proceedings of the 2005 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society,18-31.
Hofmeyr S A, Forrest S, Somayaji A.1998. Intrusion Detection Using Sequences of System Calls[J]. Journal of Computer Security,6(3):151-180.
Huang C L, Hu H P, Wang Z Y.2005. The Extension of Subjective Logic for Time-Related Trust[J]. Wuhan University Journal of Natural sciences,10(1):56-60.
Huberman B A, Wu F.2004. The dynamics of reputations[J]. Journal of Statistical Mechanics: Theory and Experiment, (4):6-22.
Husserl E.1969. Formal and Transcendental Logic[M]. Hague, Netherlands:Martinus Nijhoff.
Huynh T D, Jennings N R, Shadbolt N R.2006. An integrated trust and reputation model for open multi-agent systems[J]. Autonomous Agents and Multi-Agent Systems,13(2):119-154.
Intel.2003. Intel Trusted Execution Technology[EB/OL]. Santa Clara, CA:Intel Corp., [2010-4-5]. http://www.intel.com/technology/security/.
ISO.2009. Information technology-Security techniques-Evaluation criteria for IT security-Part 1:Introduction and general model[S]. ISO/IEC 15408-1:2009(E). Switzerland: International Standard Organization.
ITU-T.2005. Information technology-Open Systems Interconnection-The Directory: Public-key and attribute certificate frameworks[S]. ITU-T Rec. X.519|ISO/IEC 9594-8(5th ed). Switzerland:International Standard Organization.
Jesi G P.2009. PeerSim:A Peer-to-Peer Simulator[EB/OL]. USA:Source Forge. [2009-3-10]. http://peersim. sourceforge.net/
Jones A, Li S.2001. Temporal Signatures for Intrusion Detection[C]. Proceedings of the 17th Annual Computer Security Applications Conference. Washington, DC:IEEE Computer Society,252-252.
Josang A.1997a. Artificial Reasoning with Subjective Logic[C]. Proceedings of the 2nd Australian Workshop on Commonsense Reasoning. Perth:Australian Computer Society,1-17.
Josang A.1997b. Prospectives for Modelling Trust in Information Security[C]. Proceedings of the 2rd Australasian Conference on information Security and Privacy. London, UK: Springer-Verlag,2-13.
Josang A.1997c. A Trust policy framework[C]. Proceedings of the 1st International Conference on Information and Communication Security. London, UK:Springer-Verlag,192-202.
Josang A.1998. A Subjective Metric of Authentication[C]. Proceedings of the 5th European Symposium on Research in Computer Security. London, UK:Springer-Verlag,329-344.
Josang A.1999. An Algebra for Assessing Trust in Certification Chains[C]. Proceedings of the 1999 Network and Distributed Systems Security Symposium. The Internet Society.
Josang A.2001. A logic for uncortain probabilities[J]. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,9(3):279-311.
Josang A.2002. The consensus operator for combining beliefs[J]. Artificial Intelligent,141(1): 157-170.
Josang A.2007. Probabilistic logic under uncertainty[C]. Proceedings of the 13th Australasian symposium on Theory of computing (Vol.65). Darlinghurst, Australia:Australian Computer Society,101-110.
Josang A.2008. Conditional Reasoning with Subjective Logic[J]. Journal of Multiple-Valued Logic and Soft Computing,15(1):5-38.
Josang A, Bradley D, Knapskog S J.2004. Belief-based risk analysis[C]. Proceedings of the 2nd Workshop on Australasian information Security, Data Mining and Web intelligence, and Software internationalisation (Vol.32). Darlinghurst, Australia:Australian Computer Society, 63-68.
Josang A, Hayward R, Pope S.2006. Trust network analysis with subjective logic[C]. ACM International Conference Proceeding Series(Vol.171); Proceedings of the 29th Australasian Computer Science Conference (Vol.48). Hobart, Australia:ACM,85-94.
Josang A, Haller J.2007. Dirichlet Reputation Systems[C]. Proceedings of the the 2nd International Conference on Availability, Reliability and Security. Washington, DC:IEEE Computer Society,112-119.
Josang A, Bhuiyan T.2008. Optimal Trust Network Analysis with Subjective Logic[C]. Proceedings of the 2008 International Conference on Emerging Security information, Systems and Technologies. Washington, DC:IEEE Computer Society,179-184.
Josang A, Diaz J, Rifqi M.2010. Cumulative and averaging fusion of beliefs[J]. Information Fusion,11(2):192-200.
Lin J, Keogh E, Lonardi S, et al.2003. A Symbolic Representation of Time Series, with Implications for Streaming Algorithms[C]. Proceedings of the 8th ACM SIGMOD workshop on Research issues in data mining and knowledge discovery. New York:ACM,2-11.
Lin J, Keogh E, Wei L, et al.2007. Experiencing SAX:a Novel Symbolic Representation of Time Series. Data Mining and Knowledge Discovery,15(2):107-144.
Liu B D.2007. Uncertainty Theory[C]. Studies in Fuzziness and Soft Computing. Berlin, Heidelberg:Springer,154:205-234.
Liu Z, Bridges S M, Vaughn R B.2005. Combining Static Analysis and Dynamic Learning to Build Accurate Intrusion Detection Models[C]. Proceedings of the 3rd IEEE International Workshop on Information Assurance. Washington, DC:IEEE Computer Society,164-177.
McConnell M.2002. Information assurance in the twenty-first century[J]. Computer,32(4): 16-19.
Microsoft.2002. A Trustworthy Vision for Computing[EB/OL]. Seattle, Washington:Microsoft Corp., [2010-4-5]. http://www.microsoft.com/mscorp/twc/overview.mspx.
Microsoft.2003. Next-Generation Secure Computing Base[EB/OL]. Seattle, Washington: Microsoft Corp., [2010-4-5]. http://www.microsoft.com/resources/ngscb/default.mspx.
Minsky M.1985. The Society of Mind[M]. New York:Simon & Schuster.
Mitzenmacher Michael, Upfal E.2005. Probability and computing:randomized algorithms and probabilistic analysis[M]. New York:Cambridge University Press.
Muller H A, Jahnke J H, Smith D B.2000. Reverse engineering:a roadmap[C]. Proceedings of the Conference on The Future of Software Engineering. New York:ACM,47-60.
Mutz D, Valeur F, Vigna G, et al.2006. Anomalous System Call Detection[J]. ACM Transactions on Information and System Security,9(1):61-93.
NCSC,1987. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria[S]. NCSC-TG-005. Washington, DC:National Computer Security Center, USA.
NCSC.1991. Trusted Database Management System Interpretation of the Trusted Computer System Evaluation Criteria[S]. NCSC-TG-021. Washington, DC:National Computer Security Center, USA.
Nibaldi G H.1979. Proposed Technical Evaluation Criteria for Trusted Computer Systems[S]. M79-225. Bedford, MA:MITRE Corp.
Nibaldi G H.1979. Specification of a Trusted Computing Base[S]. M79-228. Bedford, MA: MITRE Corp.
NSA.2002. Information Assurance Technical Framework [S]. IATF Release 3.1. Fort Meade, MD:National Security Agency, USA.
NSF.2010. Trustworthy Computing Program[EB/OL]. Arlington, Virginia:The National Science Foundation, USA, [2010-2-23]. http://www.nsf.gov/funding/pgm_summ.jsp?pims_id=503326.
OpenTC.2010. The Open Trusted Computing Consortium[EB/OL]. http://www.opentc.net/.
Parampalli C, Sekar R, Johnson R.2008. A practical mimicry attack against powerful system-call monitors[C]. Proceedings of the 2008 ACM symposium on Information, computer and communications security. New York, USA:ACM,156-167.
Patel J, Teacy W T L, Jennings N R, et al.2005. A Probabilistic Trust Model for Handling Inaccurate Reputation Sources[C].Trust Management,3rd International Conference on iTrust. Heidelberg:Springer Berlin,193-209.
Peng G J, Pan X C, Zhang H G, et al.2008. Dynamic trustiness authentication framework based on software's behavior integrity[C]. Proceeding? of The 9th International Conference for Young Computer Scientists. Washington, DC:IEEE Computer Society,2283-2288.
Peng G J, Tao F, Zhang H G, et al.2009. Research on Theory Model of Software Dynamic Trustiness Based on Behavior Integrity[C]. Proceedings of the 2009 International Conference on Multimedia Information Networking and Security, Vol.01. Washington, DC:IEEE Computer Society,130-134.
Peterson D S, Bishop M, Pandey R.2002. A Flexible Containment Mechanism for Executing Untrusted Code[C]. Proceedings of the 11th USENIX Security Symposium. San Francisco, CA, USA:USENIX,207-225.
Pfleeger C P, Pfleeger S L.2006. Security in Computing[M].4th ed. New Jersey:Prentice Hall.
Ramchurn S D, Huynh T D, Jennings N R.2004. Trust in multi-agent systems[J]. The Knowledge Engineering Review,19(1):1-25.
Russell B.1923. Vagueness[J]. The Australasian Journal of Psychology and Philosophy,1: 84-92.
Shafer G.1976. A Mathematical Theory of Evidence[M]. Princeton, USA:Princeton University Press.
Shafer G.1990. Perspectives on the theory and practice of belief functions[J]. International Journal of Approximate Reasoning,4(5-6):323-362.
Spivey J M.2004. Fast, Accurate Call Graph Profiling[J]. Software-Practice & Experience,34(3): 249-264.
Strongin G.2005. Trusted Computing Using AMD "Pacifica" and "Presidio" Secure Virtual Machine Technology [J]. Information Security Technical Report,10(2):120-132.
Studer R, Benjamins V R, Fensel D.1998. Knowledge engineering:Principles and methods[J]. Data & Knowledge Engineering,25(1-2):161-197.
Takanen A, DeMott J, Miller C.2008. Fuzzing for software security testing and quality assurance[M]. Norwood, MA, USA:Artech House.
Tan K M C, Killourhy Kevin S, Maxion R A.2002. Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits[C]. Recent Advances in Intrusion Detection(LNCS2516). Berlin, Heidelberg:Springer,54-73.
Tan K M C, Maxion R A.2003. Determining the operational limits of an anomaly-based intrusion detector[J]. IEEE Journal on Selected Areas in Communications,21(1):96-110.
TCG.2005a. PC Client Work Group Specific Implementation Specification for Conventional Bios Specification, Version 1.2[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2005-7-13]. http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios_specification_version_12/.
TCG 2005b. PC Client Work Group PC Client Specific TPM Interface Specification (TIS), Version 1.2[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2005-7-13]. http://www. trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_specific_tpm_interfac e_specification_tis_version_12/.
TCG.2007. TCG Specification Architecture Overview Specification Revision 1.4[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2007-8-2]. http://www.trustedcomputinggroup.org/resources/tcg_architecture_overview_version_14.
TCG.2010a. Trusted Computing Group可信计算组[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2010-4-5]. http://www.trustedcomputinggroup.org/cn.
TCG.2010b. Resources of Trusted Computing Group[EB/OL]. Beaverton, Oregon:Trusted Computing Group, [2010-4-5]. http://www.trustedcomputinggroup.org/resources.
Teo L, Sun Y A, Ahn G J.2004. Defeating Internet Attacks Using Risk Awareness and Active Honeypots[C]. Proceedings of the 2nd IEEE International Information Assurance Workshop. Washington, DC, USA:IEEE Computer Society,155-155.
Tian J F, Li J.2009. A Trust Domain-Based Resource Selection Model for Multi-Agent[C]. Proceedings of the 2nd International Symposium on Electronic Commerce and Security Volume 01. Washington, DC:IEEE Computer Society,280-286.
Wagner D, Dean Drew.2001. Intrusion Detection via Static Analysis [C]. Proceedings of the 2001 IEEE Symposium on Security and Privacy. Washington, DC:IEEE Computer Society, 156-169.
Wang W, Guan X H, Zhang X L, et al.2006. Profiling Program Behavior for Anomaly Intrusion Detection Based on The Transition and Frequency Property of Computer Audit Data[J]. Computers & Security,25(5):539-550.
Wei L, Keogh E.2006. Semi-supervised time series classification[C]. Proceedings of the 12th ACM SIGKDD International conference on Knowledge discovery and data mining. New York: ACM,748-753.
Wooldridge M, Jennings N R.1995. Agent theories, architectures, and languages:A survey[C]. Proceedings of the workshop on agent theories, architectures, and languages on Intelligent agents. New York:Springer-Verlag,1-39.
Zadeh L A.1984. Review of Shafer's A Mathematical Theory of Evidence[J]. The AI Magazine, 5(3):84-83.
Zhang F, Zhou S, Qin Z, et al.2003. Honeypot:A supplemented active defense system for network security[C]. Proceedings of the 4th International Conference on Parallel and Distributed Computing, Applications and Technologies. Washington, DC, USA:IEEE Computer Society,231-235.
Zhuang X T, Serrano M J, Cain H W, et al.2006. Accurate, Efficient, and Adaptive Call Context Profiling[C]. Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation. New York:ACM,263-271.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |