Title

Analyzing Client Behavior Patterns Under Ransomware Attack Using Colored Petri Nets

DOI

10.29428/9789860544169.201801.0160

Authors

陳興忠;莊栢瑞;郭錫勳

Keywords

Ransomware ; Computer crime ; Cybersecurity ; Colored Petri Net ; Blockchain

Journal name

NCS 2017 National Computer Symposium

Volume and issue / publication date

2017 (2018/01/01)

Pages

855 - 860

Content language

Traditional Chinese

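Chinese abstract

In 1962, Carl Adam Petri first proposed the concept of the Petri net in his doctoral dissertation, titled "Communication With Automata" [3]. Since then, continued research and refinement have produced today's many Petri net applications, making the Petri net a modeling tool widely used for control flows. A Petri net is characterized as a directed system flowchart that can be bidirectional and is based on conditional control. With the popularity of various online virtual currencies built on fintech blockchain technology, such as the digital currency Bitcoin, new forms of cybercrime such as ransomware also exploit related platforms to obtain illicit gains. Therefore, in this paper we use Colored Petri Nets (CPN) to analyze client behavior patterns when facing ransomware attacks, and further present case studies from two perspectives: simulating the state changes as ransomware proceeds, and the client possessing information security literacy. The contributions of this paper are as follows: Colored Petri Nets (CPN) are used to analyze and describe the scenario of a ransomware attack, showing that appropriate and sufficient information security literacy education and training yields stronger personal defense capability. Finally, the transfer of colored tokens can be used to analyze and control the target of the ransomware's next attack, providing clients with a method for handling the attack when facing ransomware.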

English abstract

The concept of the Petri net was first proposed by Carl Adam Petri in 1962. Today, a variety of Petri nets have emerged from sustained research and refinement, making Petri nets a modeling tool widely used in control processes. Petri nets have the characteristics of directional and bi-directional system flowcharts based on conditional control. With the growing popularity of various online virtual currencies built on blockchain financial technology, e.g. the digital currency bitcoin, new forms of cybercrime such as ransomware have also exploited various related platforms to obtain unlawful gains. In this paper, Colored Petri Nets (CPN) are employed to analyze patterns of client behavior when encountering ransomware attacks. Furthermore, two case studies are discussed. First, the state changes of ransomware are analyzed and explained. Second, the behavior of a client with sufficient information security ability is examined. The contribution of this paper is as follows: Colored Petri Nets (CPN) are used to analyze and describe the situation of ransomware attacks, and appropriate and sufficient training programs can then be given to enhance individual defense capabilities. Finally, the target of the next attack by ransomware can be analyzed and controlled through the transfer of colored tokens. A method for clients to deal with ransomware attacks is also provided.

Subject classification: Basic and Applied Sciences > Information Science