基于Markov演化博弈的网络防御策略选取方法

doi:10.3969/j.issn.0372-2112.2018.06.033

电子学报 ›› 2018, Vol. 46 ›› Issue (6): 1503-1509.DOI: 10.3969/j.issn.0372-2112.2018.06.033

基于Markov演化博弈的网络防御策略选取方法

张恒巍^1,2, 黄健明¹

1. 信息工程大学三院, 河南郑州 450001;
2. 信息保障技术重点实验室, 北京 100093

收稿日期:2017-01-16 修回日期:2017-03-23 出版日期:2018-06-25
- 通讯作者:
- 黄健明
- 作者简介:
- 张恒巍,男,1978年出生,河南洛阳人,博士,信息工程大学副教授,主要研究方向为网络安全与攻防对抗、信息安全风险评估.E-mail:zhw11qd@126.com
- 基金资助:
- 国家自然科学基金 (No.61303074，No.61309013）; 信息保障技术重点实验室开放基金 (No.KJ-15-110）

Network Defense Strategy Selection Method Based on Markov Evolutionary Game

ZHANG Heng-wei^1,2, HUANG Jian-ming¹

1. The Third Institute, Information Engineering University. Zhengzhou, Henan 450001, China;
2. Science and Technology on Information Assurance Laboratory, Beijing 100093, China

Received:2017-01-16 Revised:2017-03-23 Online:2018-06-25 Published:2018-06-25
- Supported by:
- National Natural Science Foundation of China (No.61303074, No.61309013); Open Fund of Key Laboratory of Information Assurance Technology (No.KJ-15-110)

摘要/Abstract

摘要： 当前运用博弈理论的网络安全研究大多采用完全理性假设，本文针对现实社会中攻防双方的有限理性限制条件和攻防过程的动态变化特征，基于非合作演化博弈理论，从有限理性约束出发，将演化博弈模型与Markov决策相结合，构建多阶段Markov攻防演化博弈模型，实现对多阶段、多状态攻防对抗的动态分析推演；依据博弈的折扣总收益设计目标函数，提出多阶段博弈均衡的求解方法，给出最优防御策略选取算法.通过实验验证了模型和方法的有效性.

关键词: 网络安全, 网络攻防, 博弈论, 有限理性, 演化博弈, 网络防御, Markov决策, 多阶段最优防御

Abstract: Most research of network security based on the traditional game theory use completely rational assumption.For the condition of bounded rationality and the characteristic of dynamic changing process,we combined the evolutionary game model with Markov decision-making process based on the theory of non-cooperative evolutionary game,which is on the restraint of bounded rationality.Thus we constructed a multi-stage Markov attack-defense evolutionary game model to achieve multi-stage and multi-state dynamic analysis and evolution.Besides,on the basis of the sum discount payoffs to design objective function,the method to solve the evolutionary stable equilibrium was proposed,and the optimal defense strategy selection algorithm was provided.Finally,the validity of the model and method is validated by numerical simulation.

Key words: network security, network attack-defense, game theory, bounded rationality, evolutionary game, network defense, Markov decision-making, multi-stage optimal defense

中图分类号:

TP309

张恒巍, 黄健明. 基于Markov演化博弈的网络防御策略选取方法[J]. 电子学报, 2018, 46(6): 1503-1509.

ZHANG Heng-wei, HUANG Jian-ming . Network Defense Strategy Selection Method Based on Markov Evolutionary Game[J]. Acta Electronica Sinica, 2018, 46(6): 1503-1509.

参考文献

[1] 方滨兴.从层次角度看网络空间安全技术的覆盖领域[J].网络与信息安全学报,2015,1(1):1-6. FANG Bing-xing.A hierarchy model on the research fields of cyberspace security technology[J].Chinese Journal of Network and Information Security,2015,1(1):1-6.(in Chinese)
[2] Gordon L,Loeb M.Budgeting process for information security expenditures[J].Communications of ACM,2016,49(9):121-125.
[3] Drew Fudenberg,Jean Tirole.Game Theory[M].Boston:Massachusetts Institute of Technology Press,2012.
[4] 朱建明,王秦.基于博弈论的网络空间安全若干问题分析[J].网络与信息安全学报,2015,1(1):43-49. ZHU Jian-ming,WANG Qin.Analysis of cyberspace security based on game theory[J].Chinese Journal of Network and Information Security,2015,1(1):43-49.(in Chinese)
[5] Lye K W,Jeannette W.Markov game strategies in network security[J].Information Security,2005,24(1):71-86.
[6] 余定坤,王晋东,张恒巍.静态贝叶斯博弈主动防御策略选取方法[J].西安电子科技大学学报,2016,43(1):163-169. YU Ding-kun,WANG Jin-dong,ZHANG Heng-wei.Active defense strategy selection based on static Bayesian game[J].Journal of Xidian University,2016,43(1):163-169.(in Chinese)
[7] 林旺群,王慧,刘家红.基于非合作动态博弈的网络安全主动防御技术研究[J].计算机研究与发展,2013,48(2):306-316. LIN Wang-qun,WANG Hui,LIU Jia-hong.Research on active defense technology in network security based on non-cooperative dynamic game theory[J].Journal of Computer Research and Development,2013,48(2):306-316.(in Chinese)
[8] 张恒巍,王晋东,李涛.基于攻防信号博弈模型的防御策略选取方法[J].通信学报,2016,37(5):32-43. ZHANG Heng-wei,WANG Jin-dong,Li Tao.Defense policies selection method based on attack-defense signaling game model[J].Journal on Communications,2016,37(5):32-43.(in Chinese)
[9] 张恒巍,李涛.基于多阶段攻防信号博弈的最优主动防御[J].电子学报,2017,45(2):431-439. ZHANG Heng-wei,LI Tao.Optimal active defense based on multi-stage attack-defense signaling game[J].Acta Electronica Sinica,2017,45(2):431-439.(in Chinese)
[10] 王元卓,于建业,邱雯.网络群体行为的演化博弈模型与分析方法[J].计算机学报,2015,38(2):282-300. WANG Yuan-zhuo,YU Jian-ye,QIU Wen.Evolutionary game model and analysis methods for network group behavior[J].Chinese Journal of Computers,2015,38(2):282-300.(in Chinese)
[11] 朱建明,宋彪,黄启发.基于系统动力学的网络安全攻防演化博弈模型[J].通信学报,2014,35(1):54-61. ZHU Jian-ming,SONG Biao,HUANG Qi-fa.Evolution game model of offense-defense for network security based on system dynamics[J].Journal on Communications,2014,35(1):54-61.(in Chinese)
[12] SUN Wei,KONG Xiangwei,HE Dequan.Research on attack and deference in information security based on evolutionary game[J].Information Science,2016,27(9),1408-1412.
[13] LIU Fengming,DING Yongsheng.Dynamics analysis of evolutionary game-based trust computing for P2P networks[J].Application Research of Computers,2016,33(8):2460-2463.
[14] 姜伟,方滨兴,田志宏.基于攻防随机博弈模型的防御策略选取研究[J].计算机研究与发展,2013,47(10):1714-1723. JIANG Wei,FANG Bing-xing,TIAN Zhi-hong.Research on defense strategies selection based on attack-defense stochastic game model[J].Journal of Computer Research and Development,2013,47(10):1714-1723.(in Chinese)
[15] 王元卓,林闯,程学旗,等.基于随机博弈模型的网络攻防量化分析方法[J].计算机学报,2013,33(9):1748-1764. WANG Yuanzhuo,LIN Chuang,CHENG Xueqi,et al.Analysis for network attack-defense based on stochastic game model[J].Chinese Journal of Computers,2013,33(9):1748-1764.(in Chinese)
[16] Herbert Gintis.Game Theory Evolving[M].Boston:Priceton University Press,2015.
[17] 方兆本,廖伯其.随机过程[M].北京:科学出版社,2015. FANG Zhao-ben,LIAO Bo-qi.Stochastic Process[M].Beijing:China Science Press,2015.(in Chinese)
[18] 张勇.基于Markov博弈模型的网络安全态势感知方法[J].软件学报,2016,22(3):495-508. ZHANG Yong.Network security situation awareness approach based on Markov game model[J].Journal of Software,2016,22(3):495-508.(in Chinese)
[19] Borkovsky R N,Doraszelski U,Kryukov Y.A user's guide to solving dynamic stochastic games using the homotopy method[J].Operation Research,2015,58(4):1116-1132.
[20] Doraszelski U,Escobar J F.A theory of regular Markov perfect equilibria in dynamic stochastic games genericity,stability and purification[J].Theoretical Economics,2015,5(2):369-402.
[21] Nilim A,Ghaoui L E.Robust control of Markov decision processes with uncertain transition matrices[J].Operations Research,2016,53(5):780-798.
[22] China National Vulnerability Database of Information Security[DB/OL].http://www.cnnvd.org.cn,2015-05-23/2016-10-26.
[23] Maleki H,Valizadeh M H,Koch W,et al.Markov modeling of moving target defense games[J].Cryptology and Security Engineering,2016,29(10):47-83.
[24] 张恒巍,余定坤.信号博弈网络安全威胁评估方法[J],西安电子科技大学学报,2016,43(3):137-143. ZHANG Heng-wei,YU Ding-kun.Network security threat assessment based on signaling game[J].Journal of Xidian University,2016,43(3):137-143.(in Chinese)

基于Markov演化博弈的网络防御策略选取方法

Network Defense Strategy Selection Method Based on Markov Evolutionary Game

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	张清华, 黄志康, 高满, 艾志华. 基于不确定性与错误分类率博弈的序贯三支决策模型[J]. 电子学报, 2022, 50(5): 1033-1041.
[2]	王刚, 陆世伟, 冯云, 刘文斌, 马润年. 网络节点增减下的潜伏型病毒传播行为建模研究[J]. 电子学报, 2022, 50(2): 273-283.
[3]	蒋侣, 张恒巍, 王晋东. 基于多阶段Markov信号博弈的移动目标防御最优决策方法[J]. 电子学报, 2021, 49(3): 527-535.
[4]	黄美根, 郁滨. 软件定义WSN规则一致更新研究[J]. 电子学报, 2019, 47(9): 1965-1971.
[5]	罗睿辞, 叶蔚, 刘学洋, 孙基男, 张世琨. 基于拥塞博弈的微服务运行时资源管理方法[J]. 电子学报, 2019, 47(7): 1497-1505.
[6]	李艳, 王纯子, 黄光球, 赵旭, 张斌, 李盈超. 网络安全态势感知分析框架与实现方法比较[J]. 电子学报, 2019, 47(4): 927-945.
[7]	张恒巍, 黄世锐. Markov微分博弈模型及其在网络安全中的应用[J]. 电子学报, 2019, 47(3): 606-612.
[8]	李秋贤, 田有亮, 王缵. 基于全同态加密的理性委托计算协议[J]. 电子学报, 2019, 47(2): 470-474.
[9]	肖海林, 吴彬, 张中山. C-V2X下车载安全数据两阶段组播的中继选择与功耗分析[J]. 电子学报, 2019, 47(11): 2248-2255.
[10]	王鹏超, 陈福才, 程国振, 陈扬, 谷允捷. 软件定义的L2/L3地址协同拟态伪装策略研究[J]. 电子学报, 2019, 47(10): 2032-2039.
[11]	黄健明, 张恒巍. 基于随机演化博弈模型的网络防御策略选取方法[J]. 电子学报, 2018, 46(9): 2222-2228.
[12]	张恒巍, 李涛, 黄世锐. 基于攻防微分博弈的网络安全防御决策方法[J]. 电子学报, 2018, 46(6): 1428-1435.
[13]	汪志勇, 张沪寅, 徐宁, 郝圣. 认知无线电网络中基于随机学习博弈的信道分配与功率控制[J]. 电子学报, 2018, 46(12): 2870-2877.
[14]	李立勋, 张斌, 董书琴, 唐慧林. 基于脆弱性变换的网络动态防御有效性分析方法[J]. 电子学报, 2018, 46(12): 3014-3020.
[15]	于建业, 王元卓, 靳小龙, 程学旗. 基于社交演化博弈的社交网络用户信息分享行为演化分析[J]. 电子学报, 2018, 46(1): 223-229.