Acta Electronica Sinica, 2018, Vol. 46, Issue (6): 1428-1435. DOI: 10.3969/j.issn.0372-2112.2018.06.023

• Research Paper •

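Network Defense Decision-Making Method Based on Attack-Defense Differential Game

ZHANG Heng-wei1,2, LI Tao1, HUANG Shi-rui1

  1. The Third Institute, Information Engineering University, Zhengzhou, Henan 450001, China;
  2. Science and Technology on Information Assurance Laboratory, Beijing 100093, China
  • Received: 2016-12-18 Revised: 2017-03-22 Online: 2018-06-25 Published: 2018-06-25
  • Corresponding author: LI Tao
  • About the authors: ZHANG Heng-wei, male, born in 1978 in Luoyang, Henan; Ph.D.; associate professor at Information Engineering University; research interests: network security and attack-defense confrontation, and information security risk assessment. E-mail: zhw11qd@126.com. HUANG Shi-rui, male, born in 1994 in Shantou, Guangdong; master's student at Information Engineering University; research interest: network security behavior analysis. E-mail: hsrfzhac@qq.com
  • Supported by: National Natural Science Foundation of China (No.61303074, No.61309013); Open Fund of Key Laboratory of Information Assurance Technology (No.KJ-15-110)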

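Abstract: To accurately analyze rapidly changing, continuously contested network attack-defense behavior, a security state evolution model is proposed, drawing on infectious disease dynamics, to analyze how the security state of a network system changes. On this basis, an attack-defense differential game model is constructed and a method for solving its saddle-point strategies is designed. This yields an algorithm for selecting the optimal defense strategy, enabling real-time optimal defense decisions during dynamic, continuous attack-defense confrontation. Simulation experiments verify the effectiveness of the model and the algorithm, and targeted network defense recommendations are proposed based on an analysis of the experimental data.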

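Key words: network security, network attack and defense, security state evolution, game theory, differential game, network defense, attack-defense behavior analysis, optimal strategy selection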

CLC number: