电子学报 ›› 2018, Vol. 46 ›› Issue (6): 1503-1509.DOI: 10.3969/j.issn.0372-2112.2018.06.033

• 学术论文 • 上一篇    下一篇

基于Markov演化博弈的网络防御策略选取方法

张恒巍1,2, 黄健明1   

  1. 1. 信息工程大学三院, 河南郑州 450001;
    2. 信息保障技术重点实验室, 北京 100093
  • 收稿日期:2017-01-16 修回日期:2017-03-23 出版日期:2018-06-25
    • 通讯作者:
    • 黄健明
    • 作者简介:
    • 张恒巍,男,1978年出生,河南洛阳人,博士,信息工程大学副教授,主要研究方向为网络安全与攻防对抗、信息安全风险评估.E-mail:zhw11qd@126.com
    • 基金资助:
    • 国家自然科学基金 (No.61303074,No.61309013); 信息保障技术重点实验室开放基金 (No.KJ-15-110)

Network Defense Strategy Selection Method Based on Markov Evolutionary Game

ZHANG Heng-wei1,2, HUANG Jian-ming1   

  1. 1. The Third Institute, Information Engineering University. Zhengzhou, Henan 450001, China;
    2. Science and Technology on Information Assurance Laboratory, Beijing 100093, China
  • Received:2017-01-16 Revised:2017-03-23 Online:2018-06-25 Published:2018-06-25
    • Supported by:
    • National Natural Science Foundation of China (No.61303074, No.61309013); Open Fund of Key Laboratory of Information Assurance Technology (No.KJ-15-110)

摘要: 当前运用博弈理论的网络安全研究大多采用完全理性假设,本文针对现实社会中攻防双方的有限理性限制条件和攻防过程的动态变化特征,基于非合作演化博弈理论,从有限理性约束出发,将演化博弈模型与Markov决策相结合,构建多阶段Markov攻防演化博弈模型,实现对多阶段、多状态攻防对抗的动态分析推演;依据博弈的折扣总收益设计目标函数,提出多阶段博弈均衡的求解方法,给出最优防御策略选取算法.通过实验验证了模型和方法的有效性.

关键词: 网络安全, 网络攻防, 博弈论, 有限理性, 演化博弈, 网络防御, Markov决策, 多阶段最优防御

Abstract: Most research of network security based on the traditional game theory use completely rational assumption.For the condition of bounded rationality and the characteristic of dynamic changing process,we combined the evolutionary game model with Markov decision-making process based on the theory of non-cooperative evolutionary game,which is on the restraint of bounded rationality.Thus we constructed a multi-stage Markov attack-defense evolutionary game model to achieve multi-stage and multi-state dynamic analysis and evolution.Besides,on the basis of the sum discount payoffs to design objective function,the method to solve the evolutionary stable equilibrium was proposed,and the optimal defense strategy selection algorithm was provided.Finally,the validity of the model and method is validated by numerical simulation.

Key words: network security, network attack-defense, game theory, bounded rationality, evolutionary game, network defense, Markov decision-making, multi-stage optimal defense

中图分类号: