Policy-tree based proactive defense model for network security

Abstract

In-depth defense for network security offers promotion on robusticity and survivability of information system. It prevents attacker from damaging system even he has already broken through one or several but not all layers of the system. Proactive defense integrates in-depth defense and shows the activeness greatly in contrast with traditional defense. It predicts intrusion trend and obtains attacker's information, dynamically evaluates and responds to intrusion. This reflects the counteracting property of security. Formally defined in Z language, policy-tree model for proactive defense is proposed in this paper. Moreover, completeness, correctness and consistency are analyzed. A completely building method, an abstract for correctness validating and an auto consistency checking method on security policy are designed. Policy-tree model gives theoretical and methodological support for proactive defense. © Springer-Verlag 2004.