Computer Science (计算机科学), 2021, Vol. 48, Issue (8): 291-299. doi: 10.11896/jsjkx.210100148
李少辉, 张国敏, 宋丽华, 王秀磊
LI Shao-hui, ZHANG Guo-min, SONG Li-hua, WANG Xiu-lei
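Abstract: Network reconnaissance is the first stage of the cyber attack kill chain, and fingerprinting is an important part of network reconnaissance and a prerequisite for successfully carrying out a network attack. The spread of active defense, and of deception defense in particular, has led defenders to confuse attackers by hiding and obfuscating fingerprint information, reducing the effectiveness of their reconnaissance and giving the defender a certain first-mover advantage in the confrontation; as a result, the confrontation between attacker and defender has moved forward into the network reconnaissance stage. Deception is a strategic confrontation between the rational agents on the attacking and defending sides, and game theory is precisely the quantitative science that studies conflict and cooperation between rational decision-makers; it can model the players, actions and other elements of various kinds of defensive deception and guide defenders in making better use of deception techniques. This paper uses a dynamic game model with incomplete information to analyze the interaction between attacker and defender from reconnaissance to attack, analyzes and computes the various perfect Bayesian Nash equilibria that may arise, discusses the equilibrium results under different scenarios, and offers suggestions for defenders to optimize their deception strategies and achieve better anti-fingerprinting results.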