基于定性微分博弈的网络安全威胁预警方法

黄世锐; 张恒巍; 王晋东; 窦睿彧

doi:10.11959/j.issn.1000-436x.2018134

您当前的位置：

首页 >

文章列表页 >

基于定性微分博弈的网络安全威胁预警方法

论文Ⅰ：人工智能与网络安全 | 更新时间：2024-06-05

- 基于定性微分博弈的网络安全威胁预警方法
- Network security threat warning method based on qualitative differential game
- 通信学报 2018年39卷第8期页码：29-36
- 作者机构：
  
  1. 信息工程大学三院，河南郑州 450001
  2. 信息保障技术重点实验室，北京 100093
- 作者简介：
  
  [ "黄世锐（1994-），男，广东汕头人，信息工程大学工程师，主要研究方向为网络安全预警与防御决策。" ]
  [ "张恒巍（1978-），男，河南洛阳人，博士，信息工程大学副教授，主要研究方向为网络安全与攻防对抗、信息安全风险评估。" ]
  [ "王晋东（1966-），男，山西洪桐人，信息工程大学教授，主要研究方向为网络与信息安全、云资源管理。" ]
  [ "窦睿彧（1981-），女，江苏江都人，信息工程大学讲师，主要研究方向为网络信息安全。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61303074);国家自然科学基金资助项目(61309013);河南省科技攻关计划基金资助项目(182102210144);信息保障技术重点实验室开放基金资助项目(KJ-15-110)
- DOI：10.11959/j.issn.1000-436x.2018134
  中图分类号： TP309
- 网络出版日期：2018-08，
  
  纸质出版日期：2018-08-25
- 稿件说明：
移动端阅览
黄世锐, 张恒巍, 王晋东, 等. 基于定性微分博弈的网络安全威胁预警方法[J]. 通信学报, 2018,39(8):29-36.

Shirui HUANG, Hengwei ZHANG, Jindong WANG, et al. Network security threat warning method based on qualitative differential game[J]. Journal on communications, 2018, 39(8): 29-36.
黄世锐, 张恒巍, 王晋东, 等. 基于定性微分博弈的网络安全威胁预警方法[J]. 通信学报, 2018,39(8):29-36. DOI： 10.11959/j.issn.1000-436x.2018134.

Shirui HUANG, Hengwei ZHANG, Jindong WANG, et al. Network security threat warning method based on qualitative differential game[J]. Journal on communications, 2018, 39(8): 29-36. DOI： 10.11959/j.issn.1000-436x.2018134.

摘要

目前，基于博弈理论的网络安全研究大多采用静态博弈或多阶段动态博弈模型，不符合实际网络攻防连续对抗、实时变化的特点，为了更加贴近攻防实际进行安全威胁预警，借鉴传染病动力学模型分析安全威胁传播过程，基于定性微分博弈理论构建网络攻防博弈模型，推演安全威胁动态变化趋势。在此基础上，提出攻防定性微分博弈求解方法，构造攻防界栅以及捕获区和躲避区；引入多维欧氏距离，度量不同安全状态的威胁严重程度；进而设计预警算法，实现对网络安全威胁的动态预警，且具有更好的准确性和时效性。仿真实验结果表明，所提模型和算法有效且可行。

Abstract

Most current network security research based on game theory adopts the static game or multi-stage dynamic game model

which does not accord with the real-time change and continuity of the actual network attack-defense process.To make security threats warning more consistent with the attack-defense process

the threat propagation process was analyzed referring to the epidemic model.Then the network attack-defense game model was constructed based on the qualitative differential game theory

by which the evolution of the network security state could be predicted.Based on the model

the qualitative differential game solution method was designed to construct the attack-defense barrier and divide the capture area.Furthermore

the threat severity in different security states were evaluated by introducing multidimensional Euclidean distance.By designing the warning algorithm

the dynamic warning of the network security threat was realized

which had better accuracy and timeliness.Finally

simulation results verify the effectiveness of the proposed algorithm and model.

关键词

Keywords

references

HERMANOWSKI D , . Open source security information management system supporting IT security audit [C ] // IEEE International Conference on Cybernetics . 2015 : 336 - 341 .

KATIPALLY R , GASIOR W , CUI X , et al . Multistage attack detection system for network administrators using data mining [C ] // BMJ . 2015 : 1 - 4 .

FUDENBERG D , TIROLE J . Game theory [M ] . Boston : Massachusettes Institute of Technology PressPress , 2015 .

朱建明 , 王秦 . 基于博弈论的网络空间安全问题分析 [J ] . 通信学报 , 2017 , 32 ( 10 ): 43 - 49 .

ZHU J M , WANG Q . Analysis of cyberspace security based on game theory [J ] . Journal on Communications , 2017 , 32 ( 10 ): 43 - 49 .

WHITE J , PARK J S , KAMHOUA C A , et al . Game theoretic attack analysis in online social network (OSN) services [C ] // IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining . 2013 : 1012 - 1019 .

王元卓 , 林闯 , 程学旗 , 等 . 基于随机博弈模型的网络攻防量化分析方法 [J ] . 计算机学报 , 2015 , 33 ( 9 ): 1748 - 1764 .

WANG Y Z , LIN C , CHENG X Q , et al . Analysis for network attack-defense based on stochastic game model [J ] . Chinese Journal of Computers , 2015 , 33 ( 9 ): 1748 - 1764 .

张恒巍 , 余定坤 , 韩继红 , 等 . 基于攻防信号博弈模型的防御策略选取方法 [J ] . 通信学报 , 2016 , 37 ( 5 ): 51 - 61 .

ZHANG H W , YU D K , HAN J H , et al . Defense policies selection method based on attack-defense signaling game model [J ] . Journal on Communications , 2016 , 37 ( 5 ): 51 - 61 .

DAVID W K Y , LEON A P . Differential games theory [M ] . New York : Springer PressPress , 2015 .

张恒巍 , 李涛 . 基于攻防微分博弈的网络安全防御决策方法 [J ] . 电子学报 , 2017 , 45 ( 2 ): 431 - 439 .

ZHANG H W , LI T . Defense strategy selection method based on attack-defense differential game model [J ] . Acta Electronica Sinica , 2017 , 45 ( 2 ): 431 - 439 .

NILIM A , GHAOUI L E . Active defense strategy selection based on differential game [J ] . Operations Research , 2016 , 43 ( 12 ): 163 - 169 .

范红旗 , 王胜 , 付强 . 二人微分对策问题信息模式的数学描述 [J ] . 电子学报 , 2015 , 42 ( 2 ): 1355 - 1361 .

FAN H Q , WANG S , FU Q . Mathematical description for information pattern of stochastic differential games [J ] . Acta Electronica Sinica , 2015 , 42 ( 2 ): 1355 - 1361 .

NOWAK M A . Evolutionary dynamics:exploring the equations of life [M ] . Boston : Harvard University PressPress , 2015 .

ROESCH M , . Snort-lightweight intrusion detection for networks [C ] // The 13th System Administration Conference and Exhibition . 2015 : 229 - 238 .

余定坤 , 王晋东 , 张恒巍 . 静态贝叶斯博弈主动防御策略选取方法 [J ] . 西安电子科技大学学报 , 2016 , 43 ( 1 ): 163 - 169 .

YU D K , WANG J D , ZHANG H W . Active defense strategy selection based on static Bayesian game [J ] . Journal of Xidian University , 2016 , 43 ( 1 ): 163 - 169 .

石乐义 , 赵俊楠 , 李芹 , 等 . 基于信令博弈的网络诱骗防御策略分析与仿真 [J ] . 系统仿真学报 , 2016 , 28 ( 2 ): 348 - 353 .

SHI L Y , ZHAO J N , LI Q , et al . Signaling game analysis and simulation on network decoy defense strategies [J ] . Chinese Journal of System Simulation , 2016 , 28 ( 2 ): 348 - 353 .

林闯 , 王元卓 , 汪洋 . 基于随机博弈模型的网络安全分析与评价 [M ] . 北京 : 清华大学出版社 , 2014 .

LIN C , WANG Y Z , WANG Y . Analysis and evaluation for network security based on stochastic game model [M ] . Beijing : Tsinghua University PressPress , 2014 .

LIU F M , DING Y S . Dynamics analysis of stochastic game based trust computing for networks [J ] . Application Research of Computers , 2016 , 33 ( 2 ): 460 - 463 .

SUN W , KONG X W , HE D Q , et al . Research on attack and deference in information security based on stochastic game [J ] . ACM Information security Science and technology , 2016 , 27 ( 9 ): 1408 - 1412 .

GORDON L , LOEB M , LUCYSHYN W , et al . 2016 CSI/FBI computer crime and security survey [C ] // The 2016 Computer Security Institute . 2016 : 48 - 66 .

浏览量

967

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于不完全信息随机博弈与Q-learning的防御决策方法