基于攻防微分博弈的网络安全防御决策方法

doi:10.3969/j.issn.0372-2112.2018.06.023

电子学报 ›› 2018, Vol. 46 ›› Issue (6): 1428-1435.DOI: 10.3969/j.issn.0372-2112.2018.06.023

基于攻防微分博弈的网络安全防御决策方法

张恒巍^1,2, 李涛¹, 黄世锐¹

1. 信息工程大学三院, 河南郑州 450001;
2. 信息保障技术重点实验室, 北京 100093

收稿日期:2016-12-18 修回日期:2017-03-22 出版日期:2018-06-25
- 通讯作者:
- 李涛
- 作者简介:
- 张恒巍,男,1978年出生,河南洛阳人,博士,信息工程大学副教授,研究方向为网络安全与攻防对抗、信息安全风险评估.E-mail:zhw11qd@126.com;黄世锐,男,1994年出生,广东汕头人,信息工程大学硕士研究生,研究方向为网络安全行为分析.E-mail:hsrfzhac@qq.com
- 基金资助:
- 国家自然科学基金 (No.61303074，No.61309013）; 信息保障技术重点实验室开放基金 (No.KJ-15-110）

Network Defense Decision-Making Method Based on Attack-Defense Differential Game

ZHANG Heng-wei^1,2, LI Tao¹, HUANG Shi-rui¹

1. The Third Institute, Information Engineering University, Zhengzhou, Henan 450001, China;
2. Science and Technology on Information Assurance Laboratory, Beijing 100093, China

Received:2016-12-18 Revised:2017-03-22 Online:2018-06-25 Published:2018-06-25
- Corresponding author:
- LI Tao
- Supported by:
- National Natural Science Foundation of China (No.61303074, No.61309013); Open Fund of Key Laboratory of Information Assurance Technology (No.KJ-15-110)

摘要/Abstract

摘要： 为准确分析快速变化和连续对抗的网络攻防行为，借鉴传染病动力学理论，提出安全状态演化模型分析网络系统安全状态的变化过程.在此基础上，构建攻防微分博弈模型，设计鞍点策略的求解方法，并以此为依据给出最优防御策略选取算法，实现在动态连续攻防过程中的实时最优防御决策.通过仿真实验验证了模型和算法的有效性，并在分析实验数据的基础上提出了针对性的网络防御建议.

关键词: 网络安全, 网络攻防, 安全状态演化, 博弈论, 微分博弈, 网络防御, 攻防行为分析, 最优策略选取

Abstract: To precisely analyze the quick status transformation and continuous confrontation in network,the security status transformation model is formulated to analyze the transformation of network security status,referring to the infectious disease dynamics.Based on the mentioned above,the attack-defense differential game model is formulated in the paper.Then saddle point strategies of the game model are figured out,through which the algorithm of optimal defense strategies selection in the consistent confrontation is given,which could help make optimal defense decision in dynamic and continuous attack-defense confrontation.Finally,the experimental results show model and method proposed in this paper are valid,and some instructive conclusions on network defense are drawn by the experimental analysis.

Key words: network security, network attack and defense, security status transformation, game theory, differential game, network defense, attack-defense analysis, optimal strategies selection

中图分类号:

TP309

张恒巍, 李涛, 黄世锐. 基于攻防微分博弈的网络安全防御决策方法[J]. 电子学报, 2018, 46(6): 1428-1435.

ZHANG Heng-wei, LI Tao, HUANG Shi-rui . Network Defense Decision-Making Method Based on Attack-Defense Differential Game[J]. Acta Electronica Sinica, 2018, 46(6): 1428-1435.

参考文献

[1] Gordon L,Loeb M.Budgeting process for information security expenditures[J].Communications of the ACM,2016,49(10):121-125.
[2] 王元卓,于建业,邱雯.网络群体行为的演化博弈模型与分析方法[J].计算机学报,2015,38(2):282-300. WANG Yuan-zhuo,YU Jian-ye,QIU Wen.Evolutionary game model and analysis methods for network group behavior[J].Chinese Journal of Computers,2015,38(2):282-300.(in Chinese)
[3] 姜伟,方滨兴,田志宏.基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2013,32(4):818-827. JIANG Wei,FANG Bing-xing.Defense strategies selection based on attack-defense game model[J].Chinese Journal of Computers,2013,47(12):818-827.(in Chinese)
[4] 余定坤,王晋东.静态贝叶斯博弈主动防御策略选取方法[J].西安电子科技大学学报,2016,43(1):163-169. YU Ding-kun,WANG Jin-dong.Active defense strategy selection based on static Bayesian game[J].Journal of Xidian University,2016,43(1):163-169.(in Chinese)
[5] WANG Yuan-zhuo,LIN Chuang,CHENG Xue-Qi,FANG Bing-xing.Evolutionary game model and analysis methods for network group behavior[J].Journal of Computer Science and Technology,2014,38(2):282-300.
[6] Wang Chun-lei,Miao Qing,Dai Yi-qi.Network survivability analysis based on stochastic game model[J].Multimedia Information Networking and Security,2015,55(10):199-204.
[7] 张恒巍,余定坤.信号博弈网络安全威胁评估方法[J],西安电子科技大学学报,2016,43(3):137-143. ZHANG Heng-wei,YU Ding-kun.Network security threat assessment based on signaling game[J].Journal of Xidian University,2016,43(3):137-143.(in Chinese)
[8] 张恒巍,王晋东,李涛.基于攻防信号博弈模型的防御策略选取方法[J].通信学报,2016,37(5):32-43. ZHANG Heng-wei,WANG Jin-dong,LI Tao.Defense policies selection method based on attack-defense signaling game model[J].Journal on Communications,2016,37(5):32-43.(in Chinese)
[9] SHEN S G,LI Y J,XU H Y.Signaling game based strategy of intrusion detection in wireless sensor networks[J].Computers & Mathematics with Applications,2015,62(6):2404-2416.
[10] Doraszel A.Preventing DDoS attacks in wireless sensor networks:a repeated game theory approach[J].ACM Transactions on Information and System Security,2015,13(2):145-153.
[11] 张恒巍,李涛.基于多阶段攻防信号博弈的最优主动防御[J].电子学报,2017,45(2):431-439. ZHANG Heng-wei,LI Tao.Optimal active defense based on multi-stage attack-defense signaling game[J].Acta electronica Sinica,2017,45(2):431-439.(in Chinese)
[12] 范红旗,王胜,付强.离散时间二人随机微分对策问题信息模式的数学描述[J].电子学报,2015,43(2):1355-1361. FAN Hong-qi,WANG Sheng,FU Qiang.Mathematical descriptionfor information pattern of stochastic differential games[J].Acta Electronica Sinica,2015,42(2):1355-1361.(in Chinese)
[13] Martin A Nowak.Evolutionary Dynamics:Exploring the Equations of Life[M].Boston:Harvard University Press,2013.
[14] David W K Yeung,Leon A Petrosyan.Differential Games Theory[M].New York:Springer Press,2014.
[15] Gordon L,Loeb M,Lucyshyn W,Richardson R.2015 CSI/FBI computer crime and security survey[A].Proceedings of the 2015 Computer Security Institute[C].San Francisco,USA:IEEE Press,2015.48-64.
[16] Maleki H,Valizadeh M,Koch W.Scalable simulation framework on network[DB/OL].http://www.ssfnet.org,2012-11-08/2016-09-23.
[17] Moore D,Shannon C,Voelker GM.Internet quarantine:Requirements for containing self-propagating code[A].Proceedings of the 22th International Conference of the IEEE Computer and Communications Societies[C].Houston,USA:IEEE Press,2015.169-179.

基于攻防微分博弈的网络安全防御决策方法

Network Defense Decision-Making Method Based on Attack-Defense Differential Game

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	张清华, 黄志康, 高满, 艾志华. 基于不确定性与错误分类率博弈的序贯三支决策模型[J]. 电子学报, 2022, 50(5): 1033-1041.
[2]	王刚, 陆世伟, 冯云, 刘文斌, 马润年. 网络节点增减下的潜伏型病毒传播行为建模研究[J]. 电子学报, 2022, 50(2): 273-283.
[3]	蒋侣, 张恒巍, 王晋东. 基于多阶段Markov信号博弈的移动目标防御最优决策方法[J]. 电子学报, 2021, 49(3): 527-535.
[4]	黄美根, 郁滨. 软件定义WSN规则一致更新研究[J]. 电子学报, 2019, 47(9): 1965-1971.
[5]	罗睿辞, 叶蔚, 刘学洋, 孙基男, 张世琨. 基于拥塞博弈的微服务运行时资源管理方法[J]. 电子学报, 2019, 47(7): 1497-1505.
[6]	李艳, 王纯子, 黄光球, 赵旭, 张斌, 李盈超. 网络安全态势感知分析框架与实现方法比较[J]. 电子学报, 2019, 47(4): 927-945.
[7]	张恒巍, 黄世锐. Markov微分博弈模型及其在网络安全中的应用[J]. 电子学报, 2019, 47(3): 606-612.
[8]	李秋贤, 田有亮, 王缵. 基于全同态加密的理性委托计算协议[J]. 电子学报, 2019, 47(2): 470-474.
[9]	王鹏超, 陈福才, 程国振, 陈扬, 谷允捷. 软件定义的L2/L3地址协同拟态伪装策略研究[J]. 电子学报, 2019, 47(10): 2032-2039.
[10]	黄健明, 张恒巍. 基于随机演化博弈模型的网络防御策略选取方法[J]. 电子学报, 2018, 46(9): 2222-2228.
[11]	张恒巍, 黄健明. 基于Markov演化博弈的网络防御策略选取方法[J]. 电子学报, 2018, 46(6): 1503-1509.
[12]	李立勋, 张斌, 董书琴, 唐慧林. 基于脆弱性变换的网络动态防御有效性分析方法[J]. 电子学报, 2018, 46(12): 3014-3020.
[13]	汪志勇, 张沪寅, 徐宁, 郝圣. 认知无线电网络中基于随机学习博弈的信道分配与功率控制[J]. 电子学报, 2018, 46(12): 2870-2877.
[14]	张恒巍, 李涛. 基于多阶段攻防信号博弈的最优主动防御[J]. 电子学报, 2017, 45(2): 431-439.
[15]	陈白, 辛敏洁, 刘伟静, 姚宁, 郝晓辰, 汝小月. 一种基于链路质量的自维护拓扑控制博弈算法[J]. 电子学报, 2016, 44(9): 2227-2234.