基于随机博弈模型的网络攻防策略选取

doi:10.13190/j.jbupt.2014.s1.007

北京邮电大学学报 ›› 2014, Vol. 37 ›› Issue (s1): 35-39.doi: 10.13190/j.jbupt.2014.s1.007

基于随机博弈模型的网络攻防策略选取

付钰¹, 陈永强¹, 吴晓平¹, 宋衍²

1. 海军工程大学信息安全系, 武汉 430033;
2. 信息保障技术重点实验室, 北京 100091

收稿日期:2014-01-26 出版日期:2014-06-28 发布日期:2014-06-28
作者简介:付钰（1982- ），女，博士生，E-mail：fuyu0219@163.com；吴晓平（1961- ），男，教授，博士生导师.
基金资助:
国家自然科学基金项目（71171198，61100042）；海军工程大学基金项目（HGDYDJJ12009）

Network Attack-Defense Strategies Selection Based on Stochastic Game Model

FU Yu¹, CHEN Yong-qiang¹, WU Xiao-ping¹, SONG Yan²

1. Department of Information Security, Naval University of Engineering, Wuhan 430033, China;
2. Information Security Technology Key Laboratory, Beijing 100091, China

Received:2014-01-26 Online:2014-06-28 Published:2014-06-28
Supported by:

摘要/Abstract

摘要：

针对网络攻防过程中无法有效应对攻击意图与策略变化的问题，提出一种基于随机博弈模型的网络安全攻防策略选取方法.将网络安全攻防理解为二人随机博弈问题，以主机脆弱性信息为基础，结合主机重要度与防御措施成功率，生成单一安全属性攻防收益值，根据攻防意图对整体攻防收益进行量化.在此基础上，给出攻防均衡策略选取算法.实例分析表明，所研究的模型与算法在攻防策略选取方面合理、可行.

关键词: 网络安全, 攻防模型, 策略选取, 随机博弈, 脆弱性

Abstract:

Game theory was applied on network defense very well. And static model was used widely in most of the previous studies. However, there shows that such models have not take attack-defense cost into consideration and also cannot follow the evolving of the intention and strategies of attacks. A stochastic game model is proposed based on host vulnerability information. Combining host important degree and success rate of defense measures, attack-defense cost in single security attribute is analyzed, then a cost quantitative method with attack-defense intention is provided. An algorithm for attack-defense equilibrium strategy selection based on those models is proposed. Another example is given to illustrate the efficacy of this model and algorithm.

Key words: network security, attack-defense model, strategies selection, stochastic game, vulnerability

中图分类号:

TP309

付钰, 陈永强, 吴晓平, 宋衍. 基于随机博弈模型的网络攻防策略选取[J]. 北京邮电大学学报, 2014, 37(s1): 35-39.

FU Yu, CHEN Yong-qiang, WU Xiao-ping, SONG Yan. Network Attack-Defense Strategies Selection Based on Stochastic Game Model[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2014, 37(s1): 35-39.

参考文献

[1] 姜伟, 方滨兴, 田志宏, 等. 基于攻防博弈模型的网络安全测评和最优主动防御[J]. 计算机学报, 2009, 32(4): 817-827. Jiang Wei, Fang Binxing, Tian Zhihong, et al. Evaluating network security and optimal active defense based on attack-defense game model[J]. Chinese Journal of Computers, 2009, 32(4): 817-827.

[2] Liu Peng, Zang Wanyu, Yu Meng. Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Transactions on Information and System Security, 2005, 8(1): 1-41.

[3] Lye K, Wing J M. Game strategies in network security[C]//Proceedings of the 15^th IEEE Computer Security Foundations Workshop. Copenhagen, 2002, 4(1-2): 71-86.

[4] Hadi O, Mona M, Chadi A, et al. Game theoretic models for detecting network intrusions[J]. Computer Communications, 2008, 31(10): 1934-1944.

[5] 林旺群, 王慧, 刘家红, 等. 基于非合作动态博弈的网络安全主动防御技术研究[J]. 计算机研究与发展, 2011, 48(2): 306-316. Lin Wangqun, Wang Hui, Liu Jiahong, et al. Research on active defense technology in network security based on non-cooperative dynamic game theory[J]. Journal of Computer Research and Development, 2011, 48(2): 306-316.

[6] 石进, 郭山清, 陆音, 等. 一种基于攻击图的入侵响应方法[J]. 软件学报, 2009, 19(10): 2746-2753. Shi Jin, Guo Shanqing, Lu Yin, et al. An intrusion response method based on attack graph[J]. Journal of Software, 2009, 19(10): 2746-2753.

[7] 王元卓, 林闯, 程学旗, 等. 基于随机博弈模型的网络攻防量化分析[J]. 计算机学报, 2010, 33(9): 1748-1762. Wang Yuanzhuo, Lin Chuang, Cheng Xueqi, et al. Analysis for network attack-fefense based on stochastic game model[J]. Chinese Journal of Computers, 2010, 33(9): 1748-1762.

[8] 张永铮, 方滨兴, 迟悦, 等. 网络风险评估中网络节点关联性的研究[J]. 计算机学报, 2007, 30(2): 234-240. Zhang Yongzheng, Fang Binxing, Chi Yue, et al. Research on network node correlation in network risk assessment[J]. Chinese Journal of Computers, 2007, 30(2): 234-240.

[1]	石子成, 李新, 唐颖, 黄善国. 基于全光模式匹配的光包过滤系统[J]. 北京邮电大学学报, 2022, 45(3): 96-101.
[2]	杨宏宇, 袁海航, 张良. 一种基于主机重要度的网络主机节点风险评估方法[J]. 北京邮电大学学报, 2022, 45(2): 16-21.
[3]	李永成, 刘树美, 于尧, 李爽. 兼顾路段和交叉口的路网脆弱性识别机制[J]. 北京邮电大学学报, 2020, 43(1): 14-20.
[4]	唐宏伟, 冯圣中, 赵晓芳. TOChain:一种高性能虚拟网络安全服务功能链[J]. 北京邮电大学学报, 2018, 41(1): 70-80.
[5]	李旭, 鲍京京, 刘颖. 编队通信安全中的黑洞问题[J]. 北京邮电大学学报, 2016, 39(1): 12-17.
[6]	白媛, 王倩, 贾其兰, 张会兵. 一种高效安全的EPS AKA协议[J]. 北京邮电大学学报, 2015, 38(s1): 10-14.
[7]	刘胜利, 彭飞, 武东英, 邹睿, 肖达. CHoney:一个面向Cisco路由器攻击捕获的新型蜜罐[J]. 北京邮电大学学报, 2015, 38(5): 47-53.
[8]	王秀娟, 孙博, 廖彦文, 相从斌. 贝叶斯属性攻击图网络脆弱性评估[J]. 北京邮电大学学报, 2015, 38(4): 110-116.
[9]	刘敬, 谷利泽, 钮心忻, 杨义先, 李忠献. 基于神经网络和遗传算法的网络安全事件分析方法[J]. 北京邮电大学学报, 2015, 38(2): 50-54.
[10]	陈永强, 吴晓平, 付钰, 宋衍. 基于随机博弈与网络熵的网络安全性评估[J]. 北京邮电大学学报, 2014, 37(s1): 92-96.
[11]	钟尚勤徐国胜姚文斌杨义先. 基于主机安全组划分的网络安全性分析 [J]. 北京邮电大学学报, 2012, 35(1): 19-23.
[12]	龙门,夏靖波,张子阳,郭戎潇. 节点相关的隐马尔可夫模型的网络安全评估[J]. 北京邮电大学学报, 2010, 33(6): 121-124.
[13]	秦华旺戴跃伟王执铨. 入侵容忍系统的安全态势评估[J]. 北京邮电大学学报, 2009, 32(2): 57-61.
[14]	陈天平乔向东郑连清. 图论在网络安全威胁态势分析中的应用[J]. 北京邮电大学学报, 2009, 32(1): 113-117.
[15]	王玉龙, 杨放春, 孙其博. 基于模型的网络脆弱性定量分析方法[J]. 北京邮电大学学报, 2008, 31(4): 58-61.

基于随机博弈模型的网络攻防策略选取

Network Attack-Defense Strategies Selection Based on Stochastic Game Model

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价