Network Defense Decision-Making Method Based on Attack-Defense Differential Game
ZHANG Heng-wei1,2, LI Tao1, HUANG Shi-rui1
1. The Third Institute, Information Engineering University, Zhengzhou, Henan 450001, China;
2. Science and Technology on Information Assurance Laboratory, Beijing 100093, China
Abstract: To analyze precisely the rapid status transformation and continuous confrontation in a network, a security status transformation model is formulated, drawing on infectious disease dynamics, to describe how network security status changes. On this basis, an attack-defense differential game model is constructed. The saddle-point strategies of the game model are then derived, and from them an algorithm for selecting optimal defense strategies in continuous confrontation is given, which can help make optimal defense decisions in dynamic and continuous attack-defense confrontation. Finally, the experimental results show that the model and method proposed in this paper are valid, and the experimental analysis yields some instructive conclusions on network defense.