基于不完全信息博弈的反指纹识别分析

doi:10.11896/jsjkx.210100148

计算机科学 ›› 2021, Vol. 48 ›› Issue (8): 291-299.doi: 10.11896/jsjkx.210100148

基于不完全信息博弈的反指纹识别分析

李少辉, 张国敏, 宋丽华, 王秀磊

陆军工程大学南京210000

收稿日期:2021-01-09 修回日期:2021-03-29 发布日期:2021-08-10
通讯作者: 张国敏(zhang_gmwn@163.com)
基金资助:
江苏省自然科学青年基金(BK20200582)

Incomplete Information Game Theoretic Analysis to Defend Fingerprinting

LI Shao-hui, ZHANG Guo-min, SONG Li-hua, WANG Xiu-lei

Army Engineering University,Nanjing 210000,China

Received:2021-01-09 Revised:2021-03-29 Published:2021-08-10
About author:LI Shao-hui,born in 1994,postgra-duate.His main research interests include cyberspace security and information system security.(shaohuil@foxmail.com)ZHANG Guo-min,born in 1979,Ph.D,associate professor.His main research interests include cyberspace security and network management.
Supported by:
Natural Science Youth Foundation of Jiangsu Province(BK20200582).

摘要/Abstract

摘要： 网络侦察为网络攻击杀伤链的首要阶段,而指纹识别是网络侦察的重要组成部分,是成功实施网络攻击的先决条件。主动防御尤其是欺骗防御理念的推广促使防御者采取指纹信息隐藏、混淆等手段迷惑攻击者,降低其网络侦察效能,从而使防御者在对抗中获得一定的先发优势,攻防双方的对抗行为也因此提前到了网络侦察阶段。欺骗是攻防双方理性主体之间的战略对抗,博弈论正是研究理性决策者之间冲突与合作的定量科学,可以对各种防御性欺骗的参与者、行动等元素进行建模,指导防御者如何更好地利用欺骗技术。文中使用不完全信息动态博弈模型分析网络攻防双方从侦察到攻击的交互过程,分析计算了可能出现的各种精炼贝叶斯纳什均衡,并基于不同场景对均衡结果进行了讨论,为防御者优化欺骗策略达到更好的反指纹识别效果提出建议。

关键词: 不完全信息动态博弈, 精炼贝叶斯纳什均衡, 欺骗防御, 网络侦察, 指纹识别

Abstract: Fingerprinting,which is an important part of reconnaissance,the first stage of network attack killing chain,is the prerequisite of successful implementation of network attack.The promotion of the concept of active defense,especially deception defense,encourages the defenders to confuse the attackers by means of fingerprint information hiding and obfuscation,thus reducing the effectiveness of their network reconnaissance.Therefore,the defenders can obtain a certain first-mover advantage in the confrontation,and the confrontation of both sides is also advanced to the stage of reconnaissance.Deception is the strategic confrontation between the rational agents of both sides,game theory is a quantitative science to study the conflict and cooperation between rational decision players.It can model the players and actions of various defensive deception,and guide the defenders to make better use of deception technology.In this paper,the dynamic game model with incomplete information is used to analyze the interactive process from reconnaissance to attack.The possible perfect Bayesian Nash equilibrium are analyzed and calculated,and the equilibrium are discussed based on different scenarios.Suggestions are put forward for the defenders to optimize the deceptive strategy to achieve better anti-fingerprinting effect.

Key words: Deception defense, Dynamic game with incomplete information, Fingerprint identification, Network reconnaissance, Perfect Bayesian Nash equilibrium

中图分类号:

TP398.08

李少辉, 张国敏, 宋丽华, 王秀磊. 基于不完全信息博弈的反指纹识别分析[J]. 计算机科学, 2021, 48(8): 291-299. https://doi.org/10.11896/jsjkx.210100148

LI Shao-hui, ZHANG Guo-min, SONG Li-hua, WANG Xiu-lei. Incomplete Information Game Theoretic Analysis to Defend Fingerprinting[J]. Computer Science, 2021, 48(8): 291-299. https://doi.org/10.11896/jsjkx.210100148

参考文献

[1]ACHLEITNER S,PORTA T L,MCDANIEL P,et al.CyberDeception:Virtual Networks to Defend Insider Reconnaissance[C]//The 2016 International Workshop.ACM,2016.
[2]JIA Z P,FANG B X,LIU C G,et al.Survey on cyber deception[J].Journal on Communications,2017,38(12):128-143.
[3]MAHON J E.Two definitions of lying[J].International Journal of Applied Philosophy,2008,22(2):211-230.
[4]ALBANESE M,BATTISTA E,JAJODIA S.A deception based approach for defeating OS and service fingerprinting[C]//Communications & Network Security.IEEE,2015:317-325.
[5]ALBANESE M,BATTISTA E,JAJODIA S,et al.Manipulating the attacker's view of a system's attack surface[C]//2014 IEEE Conference on Communications and Network Security (CNS).IEEE,2014.
[6]JAJODIA S,PARK N,PIERAZZI F,et al.A Probabilistic Logic of Cyber Deception[J].IEEE Transactions on Information Forensics and Security,2017,12(11):2532-2544.
[7]WANG L,WU D.Moving Target Defense Against Network Reconnaissance with Software Defined Networking[C]//International Conference on Information Security.Springer Internatio-nal Publishing,2016.
[8]KIEKINTVELD C,LIS V,PIVIL R.Game-theoretic founda-tions for the strategic use of honeypots in network security[M]//Cyber Warfare.Cham:Springer,2015:81-101.
[9]PAWLICK J,COLBERT E,ZHU Q.A Game-Theoretic Taxono-my and Survey of Defensive Deception for Cybersecurity and Privacy[J].ACM Computing Surveys,2017,52(4):1-28.
[10]CARROLL T E,GROSU D.A game theoretic investigation of deception in network security[J].Security & Communication Networks,2011,4(10):1162-1172.
[11]YE D,ZHU T,SHEN S,et al.A Differentially Private GameTheoretic Approach for Deceiving Cyber Adversaries [J].IEEE Transactions on Information Forensics and Security,2020,16:569-584.
[12]KARAL H,ZHU Q,BOANSK B.Manipulating Adversary'sBelief:A Dynamic Game Approach to Deception by Design forProactive Network Security[C]//International Conference on Decision and Game Theory for Security.Cham:Springer,2017.
[13]HUANG L,ZHU Q.Analysis and Computation of Adaptive Defense Strategies Against Advanced Persistent Threats for Cyber-Physical Systems[C]//International Conference on Decision and Game Theory for Security.Cham:Springer,2018.
[14]SCHLENKER A,THAKOOR O,XU H,et al.Deceiving cyber adversaries:A game theoretic approach[C]International Confe-rence on Autonomous Agents and Multiagent Systems,2018.
[15]THAKOOR O,TAMBE M,VAYANOS P,et al.Cyber Camouflage Games for Strategic Deception[C]//International Conference on Decision and Game Theory for Security.Cham:Springer,2019:525-541.
[16]WANG W,ZENG B.A two-stage deception game for network defense[C]//International Conference on Decision and Game Theory for Security.Springer,2018.
[17]RAHMAN M A,HASAN M,MANSHAEI M H,et al.A game-theoretic analysis to defend against remote operating system fingerprinting[J].Journal of Information Security and Applications,2020,52:102456.
[18]RAHMAN M A,MANSHAEI M H,AL-SHAER E.A game-theoretic approach for deceiving Remote Operating System Fingerprinting[C]//Communications & Network Security.IEEE,2013.
[19]PAWLICK J,COLBERT E,ZHU Q.Modeling and Analysis of Leaky Deception using Signaling Games with Evidence[J].IEEE Transactions on Information Forensics and Security,2018,14(7):1871-1886.

相关文章 15

[1]	姜洋洋, 宋丽华, 邢长友, 张国敏, 曾庆伟. 蜜罐博弈中信念驱动的攻防策略优化机制 Belief Driven Attack and Defense Policy Optimization Mechanism in Honeypot Game 计算机科学, 2022, 49(9): 333-339. https://doi.org/10.11896/jsjkx.220400011
[2]	高春刚, 王永杰, 熊鑫立. MTDCD:一种对抗网络入侵的混合防御机制 MTDCD:A Hybrid Defense Mechanism Against Network Intrusion 计算机科学, 2022, 49(7): 324-331. https://doi.org/10.11896/jsjkx.210600193
[3]	刘亚群, 邢长友, 高雅卓, 张国敏. TopoObfu:一种对抗网络侦察的网络拓扑混淆机制 TopoObfu:A Network Topology Obfuscation Mechanism to Defense Network Reconnaissance 计算机科学, 2021, 48(10): 278-285. https://doi.org/10.11896/jsjkx.210400296
[4]	赵金龙, 张国敏, 邢长友, 宋丽华, 宗祎本. 一种对抗网络侦察的自适应欺骗防御机制 Self-adaptive Deception Defense Mechanism Against Network Reconnaissance 计算机科学, 2020, 47(12): 304-310. https://doi.org/10.11896/jsjkx.200900126
[5]	王宸东, 郭渊博, 甄帅辉, 杨威超. 网络资产探测技术研究 Research on Network Asset Detection Technology 计算机科学, 2018, 45(12): 24-31. https://doi.org/10.11896／j.issn.1002-137X.2018.12.004
[6]	申普兵,赵占东,宫强兵. 网络作战能力评估指标体系构建问题的研究 Research on Evaluation of Computer Network Operation Based on Capacity Factor 计算机科学, 2016, 43(Z6): 505-507. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.119
[7]	梅园,赵波,朱之丹. 基于直线曲线混合Gabor滤波器的指纹增强算法 Fingerprint Enhancement Based on Straight-curved Line Gabor Filter 计算机科学, 2016, 43(Z6): 149-151. https://doi.org/10.11896/j.issn.1002-137X.2016.6A.035
[8]	朱之丹,马廷淮,梅园. 基于大尺度方向场描述子的指纹分类算法 Fingerprint Classification Approach Based on Orientation Descriptor 计算机科学, 2016, 43(Z11): 179-182. https://doi.org/10.11896/j.issn.1002-137X.2016.11A.039
[9]	杨霞,刘志伟,雷航. 基于TrustZone的指纹识别安全技术研究与实现 Research and Implementation of Fingerprint Identification Security Technology Based on ARM TrustZone 计算机科学, 2016, 43(7): 147-152. https://doi.org/10.11896/j.issn.1002-137X.2016.07.026
[10]	梅园. 基于多层次验证的指纹细节点对获取算法 Acquisition of Fingerprints’ Minutiae Pairs Based on Multi-layers Validation 计算机科学, 2013, 40(11): 312-315.
[11]	官群健,祝恩,殷建平,梁小龙,赵建民. 一种基于形态学运算的指纹方向场计算方法 Fingerprint Orientation Estimation Based on Morphological Operation 计算机科学, 2012, 39(11): 246-248.
[12]	梁小龙，殷建平，祝恩，官群健. 基于纹路的三维指纹模型重建算法 Ridge Based 3D Fingerprint Reconstruction Method 计算机科学, 2012, 39(10): 282-285.
[13]	韩智，刘昌平. 基于多种特征融合的指纹识别方法 Fingerprint Recognition Method Based on Multi-feature Fusion 计算机科学, 2010, 37(7): 255-259.
[14]	梅园,曹国,孙怀江,孙权森,夏德深. 一种基于新特征的有效指纹图像分割算法 Effective Method for the Segmentation of Fingerprint Images Based on New Feature 计算机科学, 2009, 36(11): 273-278.
[15]	. 基于局部方向场的指纹褶皱检测计算机科学, 2007, 34(1): 183-186.

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed

基于不完全信息博弈的反指纹识别分析

Incomplete Information Game Theoretic Analysis to Defend Fingerprinting

PDF (PC)

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

Metrics

本文评价

推荐阅读 0