基于Markov演化博弈的网络防御策略选取方法

doi:10.3969/j.issn.0372-2112.2018.06.033

摘要
图/表
参考文献(0)
相关文章 (15)

全文: PDF (1728 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要当前运用博弈理论的网络安全研究大多采用完全理性假设，本文针对现实社会中攻防双方的有限理性限制条件和攻防过程的动态变化特征，基于非合作演化博弈理论，从有限理性约束出发，将演化博弈模型与Markov决策相结合，构建多阶段Markov攻防演化博弈模型，实现对多阶段、多状态攻防对抗的动态分析推演；依据博弈的折扣总收益设计目标函数，提出多阶段博弈均衡的求解方法，给出最优防御策略选取算法.通过实验验证了模型和方法的有效性.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	张恒巍
	黄健明

关键词 ：网络安全, 网络攻防, 博弈论, 有限理性, 演化博弈, 网络防御, Markov决策, 多阶段最优防御

Abstract：Most research of network security based on the traditional game theory use completely rational assumption.For the condition of bounded rationality and the characteristic of dynamic changing process,we combined the evolutionary game model with Markov decision-making process based on the theory of non-cooperative evolutionary game,which is on the restraint of bounded rationality.Thus we constructed a multi-stage Markov attack-defense evolutionary game model to achieve multi-stage and multi-state dynamic analysis and evolution.Besides,on the basis of the sum discount payoffs to design objective function,the method to solve the evolutionary stable equilibrium was proposed,and the optimal defense strategy selection algorithm was provided.Finally,the validity of the model and method is validated by numerical simulation.

Key words： network security network attack-defense game theory bounded rationality evolutionary game network defense Markov decision-making multi-stage optimal defense

收稿日期: 2017-01-16 出版日期: 2017-03-17

ZTFLH:

TP309

基金资助:国家自然科学基金（No.61303074，No.61309013）；信息保障技术重点实验室开放基金（No.KJ-15-110）

通讯作者: 黄健明 E-mail: hjm-i-jbb@126.com

作者简介: 张恒巍,男,1978年出生,河南洛阳人,博士,信息工程大学副教授,主要研究方向为网络安全与攻防对抗、信息安全风险评估.E-mail:zhw11qd@126.com

引用本文:

张恒巍, 黄健明. 基于Markov演化博弈的网络防御策略选取方法[J]. 电子学报, 2018, 46(6): 1503-1509. ZHANG Heng-wei, HUANG Jian-ming. Network Defense Strategy Selection Method Based on Markov Evolutionary Game. Acta Electronica Sinica, 2018, 46(6): 1503-1509.

链接本文:

http://www.ejournal.org.cn/CN/10.3969/j.issn.0372-2112.2018.06.033 或 http://www.ejournal.org.cn/CN/Y2018/V46/I6/1503

[1] 方滨兴.从层次角度看网络空间安全技术的覆盖领域[J].网络与信息安全学报,2015,1(1):1-6. FANG Bing-xing.A hierarchy model on the research fields of cyberspace security technology[J].Chinese Journal of Network and Information Security,2015,1(1):1-6.(in Chinese)
[2] Gordon L,Loeb M.Budgeting process for information security expenditures[J].Communications of ACM,2016,49(9):121-125.
[3] Drew Fudenberg,Jean Tirole.Game Theory[M].Boston:Massachusetts Institute of Technology Press,2012.
[4] 朱建明,王秦.基于博弈论的网络空间安全若干问题分析[J].网络与信息安全学报,2015,1(1):43-49. ZHU Jian-ming,WANG Qin.Analysis of cyberspace security based on game theory[J].Chinese Journal of Network and Information Security,2015,1(1):43-49.(in Chinese)
[5] Lye K W,Jeannette W.Markov game strategies in network security[J].Information Security,2005,24(1):71-86.
[6] 余定坤,王晋东,张恒巍.静态贝叶斯博弈主动防御策略选取方法[J].西安电子科技大学学报,2016,43(1):163-169. YU Ding-kun,WANG Jin-dong,ZHANG Heng-wei.Active defense strategy selection based on static Bayesian game[J].Journal of Xidian University,2016,43(1):163-169.(in Chinese)
[7] 林旺群,王慧,刘家红.基于非合作动态博弈的网络安全主动防御技术研究[J].计算机研究与发展,2013,48(2):306-316. LIN Wang-qun,WANG Hui,LIU Jia-hong.Research on active defense technology in network security based on non-cooperative dynamic game theory[J].Journal of Computer Research and Development,2013,48(2):306-316.(in Chinese)
[8] 张恒巍,王晋东,李涛.基于攻防信号博弈模型的防御策略选取方法[J].通信学报,2016,37(5):32-43. ZHANG Heng-wei,WANG Jin-dong,Li Tao.Defense policies selection method based on attack-defense signaling game model[J].Journal on Communications,2016,37(5):32-43.(in Chinese)
[9] 张恒巍,李涛.基于多阶段攻防信号博弈的最优主动防御[J].电子学报,2017,45(2):431-439. ZHANG Heng-wei,LI Tao.Optimal active defense based on multi-stage attack-defense signaling game[J].Acta Electronica Sinica,2017,45(2):431-439.(in Chinese)
[10] 王元卓,于建业,邱雯.网络群体行为的演化博弈模型与分析方法[J].计算机学报,2015,38(2):282-300. WANG Yuan-zhuo,YU Jian-ye,QIU Wen.Evolutionary game model and analysis methods for network group behavior[J].Chinese Journal of Computers,2015,38(2):282-300.(in Chinese)
[11] 朱建明,宋彪,黄启发.基于系统动力学的网络安全攻防演化博弈模型[J].通信学报,2014,35(1):54-61. ZHU Jian-ming,SONG Biao,HUANG Qi-fa.Evolution game model of offense-defense for network security based on system dynamics[J].Journal on Communications,2014,35(1):54-61.(in Chinese)
[12] SUN Wei,KONG Xiangwei,HE Dequan.Research on attack and deference in information security based on evolutionary game[J].Information Science,2016,27(9),1408-1412.
[13] LIU Fengming,DING Yongsheng.Dynamics analysis of evolutionary game-based trust computing for P2P networks[J].Application Research of Computers,2016,33(8):2460-2463.
[14] 姜伟,方滨兴,田志宏.基于攻防随机博弈模型的防御策略选取研究[J].计算机研究与发展,2013,47(10):1714-1723. JIANG Wei,FANG Bing-xing,TIAN Zhi-hong.Research on defense strategies selection based on attack-defense stochastic game model[J].Journal of Computer Research and Development,2013,47(10):1714-1723.(in Chinese)
[15] 王元卓,林闯,程学旗,等.基于随机博弈模型的网络攻防量化分析方法[J].计算机学报,2013,33(9):1748-1764. WANG Yuanzhuo,LIN Chuang,CHENG Xueqi,et al.Analysis for network attack-defense based on stochastic game model[J].Chinese Journal of Computers,2013,33(9):1748-1764.(in Chinese)
[16] Herbert Gintis.Game Theory Evolving[M].Boston:Priceton University Press,2015.
[17] 方兆本,廖伯其.随机过程[M].北京:科学出版社,2015. FANG Zhao-ben,LIAO Bo-qi.Stochastic Process[M].Beijing:China Science Press,2015.(in Chinese)
[18] 张勇.基于Markov博弈模型的网络安全态势感知方法[J].软件学报,2016,22(3):495-508. ZHANG Yong.Network security situation awareness approach based on Markov game model[J].Journal of Software,2016,22(3):495-508.(in Chinese)
[19] Borkovsky R N,Doraszelski U,Kryukov Y.A user's guide to solving dynamic stochastic games using the homotopy method[J].Operation Research,2015,58(4):1116-1132.
[20] Doraszelski U,Escobar J F.A theory of regular Markov perfect equilibria in dynamic stochastic games genericity,stability and purification[J].Theoretical Economics,2015,5(2):369-402.
[21] Nilim A,Ghaoui L E.Robust control of Markov decision processes with uncertain transition matrices[J].Operations Research,2016,53(5):780-798.
[22] China National Vulnerability Database of Information Security[DB/OL].http://www.cnnvd.org.cn,2015-05-23/2016-10-26.
[23] Maleki H,Valizadeh M H,Koch W,et al.Markov modeling of moving target defense games[J].Cryptology and Security Engineering,2016,29(10):47-83.
[24] 张恒巍,余定坤.信号博弈网络安全威胁评估方法[J],西安电子科技大学学报,2016,43(3):137-143. ZHANG Heng-wei,YU Ding-kun.Network security threat assessment based on signaling game[J].Journal of Xidian University,2016,43(3):137-143.(in Chinese)