Computer Science, 2018, Vol. 45, Issue (6): 117-123. doi: 10.11896/j.issn.1002-137X.2018.06.020

• Information Security •

Optimal Defense Strategy Selection Method Based on Network Attack-Defense Game Model

LIU Jing-wei¹,², LIU Jing-ju¹, LU Yu-liang¹, YANG Bin¹, ZHU Kai-long¹

  1. College of Electromagnetic Countermeasure, National University of Defense Technology, Hefei 230037, China;
  2. Troops 31007, Beijing 100039, China
  • Received: 2017-04-14 Online: 2018-06-15 Published: 2018-07-24
  • About the authors: LIU Jing-wei (born 1990), male, master's student; main research interest: network security situation awareness; E-mail: jjszjpsg@163.com. LIU Jing-ju (born 1974), female, master's degree, associate professor; main research interests: network security situation awareness and network security detection; E-mail: 80822448@qq.com (corresponding author). LU Yu-liang (born 1964), male, Ph.D., professor; main research interest: network security assessment. YANG Bin (born 1989), male, Ph.D. student; main research interest: computer network security. ZHU Kai-long (born 1991), male, master's student; main research interest: network anomaly detection.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61602491).

Abstract: To reduce losses from security risks and make optimal network defense decisions under limited resources, a method for selecting the optimal strategy in a network attack-defense game was designed. First, a network attack-defense game model was established, and the existence of a mixed-strategy Nash equilibrium in the model was proved. Then, a network attack-defense strategy selection algorithm based on the model was given, including an attack-defense strategy search algorithm based on the network attack-defense strategy graph, a method for quantifying the utility functions of both sides under different strategies based on the Common Vulnerability Scoring System, and a method for solving the mixed-strategy Nash equilibrium. Finally, the validity of the model was analyzed and verified in a typical network attack-defense scenario. The experimental results show that the model can effectively generate the optimal defense decision.

Key words: Attack-defense game, Game theory, Network security, Optimal strategy

CLC Number: TP393