拟态防御马尔可夫博弈模型及防御策略选择

张兴明; 顾泽宇; 魏帅; 沈剑良

doi:10.11959/j.issn.1000-436x.2018223

您当前的位置：

首页 >

文章列表页 >

拟态防御马尔可夫博弈模型及防御策略选择

学术通信 | 更新时间：2024-06-05

- 拟态防御马尔可夫博弈模型及防御策略选择
- Markov game modeling of mimic defense and defense strategy determination
- 通信学报 2018年39卷第10期页码：143-154
- 作者机构：
  
  国家数字交换系统工程技术研究中心，河南郑州 450002
- 作者简介：
  
  [ "张兴明（1963-），男，河南新乡人，国家数字交换系统工程技术研究中心教授，主要研究方向为拟态安全、高性能计算等。" ]
  [ "顾泽宇（1993-），男，辽宁沈阳人，国家数字交换系统工程技术研究中心硕士生，主要研究方向为网络主动防御、网络安全等。" ]
  [ "魏帅（1984-），男，河南南阳人，博士，国家数字交换系统工程技术研究中心讲师，主要研究方向为拟态安全、嵌入式计算等。" ]
  [ "沈剑良（1982-），男，浙江德清人，博士，国家数字交换系统工程技术研究中心讲师，主要研究方向为可重构计算等。" ]
- 基金信息：
  
  国家自然科学基金面上基金资助项目(61572520);国家自然科学基金创新群体基金资助项目(61521003);国家科技重大专项基金资助项目(2016ZX01012101)
- DOI：10.11959/j.issn.1000-436x.2018223
  中图分类号： TP393
- 网络出版日期：2018-10，
  
  纸质出版日期：2018-10-25
- 稿件说明：
移动端阅览
张兴明, 顾泽宇, 魏帅, 等. 拟态防御马尔可夫博弈模型及防御策略选择[J]. 通信学报, 2018,39(10):143-154.

Xingming ZHANG, Zeyu GU, Shuai WEI, et al. Markov game modeling of mimic defense and defense strategy determination[J]. Journal on communications, 2018, 39(10): 143-154.
张兴明, 顾泽宇, 魏帅, 等. 拟态防御马尔可夫博弈模型及防御策略选择[J]. 通信学报, 2018,39(10):143-154. DOI： 10.11959/j.issn.1000-436x.2018223.

Xingming ZHANG, Zeyu GU, Shuai WEI, et al. Markov game modeling of mimic defense and defense strategy determination[J]. Journal on communications, 2018, 39(10): 143-154. DOI： 10.11959/j.issn.1000-436x.2018223.

摘要

网络拟态防御通过冗余执行体动态性、多样性以及裁决反馈机制增强了主动防御顽健性，而对于其安全性评估尚缺少有效的分析模型，基于经典博弈模型无法满足于其多状态、动态性特点，不具有通用性等问题，提出拟态防御 Markov 博弈模型分析攻防状态间的转移关系以及安全可靠性度量方法，通过非线性规划算法计算攻防博弈均衡，以确定考虑防御代价的最佳防御策略。实验与多目标隐藏技术对比，结果表明拟态防御具有更高的防御效果，结合具体案例给出了针对利用系统漏洞攻击的具体攻防路径，验证了防御策略算法有效性。

Abstract

Network mimic defense technology enhances the robustness of active defense through the redundancy

dynamic and diversity as well as the decision feedback mechanism.However

little work has been done for its security assessment and existing classic game models are not suitable for its dynamic characteristics and lack of universality.A Markov game model was proposed to analyze the transfer relationship between offensive and defensive status and the measurement method of safety and reliability of mimic defense

and calculated the offensive and defensive game equilibrium through non-linear programming algorithm to determine the best defensive strategy considering performance.Experiments give a comparison with the multi-target hiding technique and shows that the mimic defense has a higher defensive effect.Combining with the specific network case

the specific attack and defense path for the exploit of the system vulnerability is given and the effectiveness of the defense strategy algorithm is verified.

关键词

Keywords

references

SUBRAHMANIAN V S , OVELGONNE M , DUMITRAS T , et al . The global cyber-vulnerability report [M ] . Springer International Publishing , 2015 .

OKHRAVI H , HOBSON T , BIGELOW D , et al . Finding focus in the blur of moving-target techniques [J ] . IEEE Security ＆ Privacy Magazine , 2014 , 12 ( 2 ): 16 - 26 .

邬江兴 . 网络空间拟态防御研究 [J ] . 信息安全学报 , 2016 , 1 ( 4 ): 1 - 10 .

WU J X . Research on cyber mimic defense [J ] . Journal of Cyber Security , 2016 , 1 ( 4 ): 1 - 10 .

PRAKASH A , WELLMAN M P . empirical game-theoretic analysis for moving target defense [C ] // ACM Workshop on Moving Target Defense . 2015 : 57 - 65 .

ELDOSOUKY A R , SAAD W , NIYATO D . Single controller stochastic games for optimized moving target defense [C ] // ICC 2016 IEEE International Conference on Communications . 2016 : 1 - 6 .

FARHANG S , MANSHAEI M H , ESFAHANI M N , et al . A dynamic bayesian security game framework for strategic defense mechanism design [M ] // Decision and Game Theory for Security . Springer International Publishing , 2014 : 319 - 328 .

KAMBHAMPATI S , KAMBHAMPATI S , KAMBHAMPATI S , et al . Moving target defense for web applications using bayesian stackelberg games [C ] // International Conference on Autonomous Agents ＆Multiagent Systems . 2016 : 1377 - 1378 .

LEI C , MA D H , ZHANG H Q . Optimal strategy selection for moving target defense based on markov game [J ] . IEEE Access , 2017 ,PP( 99 ): 1 - 1 .

MALEKI H , VALIZADEH S , KOCH W , et al . Markov modeling of moving target defense games [C ] // ACM Workshop on Moving Target Defense . 2016 : 81 - 92 .

魏帅 , 于洪 , 顾泽宇 , 等 . 面向工控领域的拟态安全处理机架构 [J ] . 信息安全学报 , 2017 , 2 ( 1 ): 54 - 73 .

WEI S , YU H , GU Z Y , et al . Architecture of mimic security processor for industry control system [J ] . Journal of Cyber Security , 2017 , 2 ( 1 ): 54 - 73 .

仝青 , 张铮 , 张为华 , 等 . 拟态防御 Web 服务器设计与实现 [J ] . 软件学报 , 2017 , 28 ( 4 ): 883 - 897 .

TONG Q , ZHANG Z , ZHANG W H , et al . Design and implementation of mimic defense Web server [J ] . Journal of Software , 2017 , 28 ( 4 ): 883 - 897 .

马海龙 , 伊鹏 , 江逸茗 , 等 . 基于动态异构冗余机制的路由器拟态防御体系结构 [J ] . 信息安全学报 , 2017 , 2 ( 1 ): 29 - 42 .

MA H L , YI P , JIANG Y M , et al . Dynamic heterogeneous redundancy based router architecture with mimic defense [J ] . Journal of Cyber Security , 2017 , 2 ( 1 ): 29 - 42 .

CARTER K M , RIORDAN J F , OKHRAVI H . A game theoretic approach to strategy determination for dynamic platform defenses [C ] // ACM Workshop on Moving Target Defense . 2014 : 21 - 30 .

WANG H , LI F , CHEN S . Towards cost-effective moving target defense against DDoS and covert channel attacks [C ] // ACM Workshop on Moving Target Defense . 2016 : 15 - 25 .

WINTERROSE M L , CARTER K M . Strategic evolution of adversaries against temporal platform diversity active cyber defenses [C ] // Proceedings of the Agent-Directed Simulation Symposium at the Spring Simulation Multi-conference . 2014 : 68 - 76 .

DORASZELSKI U , ESCOBAR J F . A theory of regular Markov perfect equilibria in dynamic stochastic games:genericity,stability,and purification [J ] . Theoretical Economics , 2010 , 5 ( 3 ): 369 - 402 .

BORKOVSKY R N , DORASZELSKI U , KRYUKOV Y . A user’s guide to solving dynamic stochastic games using the homotopy method [J ] . Operation Research , 2010 , 58 ( 4 ): 1116 - 1132

陈小军 , 方滨兴 , 谭庆丰 , 等 . 基于概率攻击图的内部攻击意图推断算法研究 [J ] . 计算机学报 , 2014 , 37 ( 1 ): 62 - 72 .

CHEN X J , FANG B X , TAN Q F , et al . Inferring attack Intent of malicious insider based on probabilistic attack graph model [J ] . Journal of Computer , 2014 , 37 ( 1 ): 62 - 72 .

SINGH U K , JOSHI C . Quantitative security risk evaluation using cvss metrics by estimation of frequency and maturity of exploit [C ] // Proceedings of the World Congress on Engineering and Computer Science (WCECS2016) . 2016 .

姜伟 , 方滨兴 , 田志宏 , 等 . 基于攻防博弈模型的网络安全测评和最优主动防御 [J ] . 计算机学报 , 2009 , 32 ( 4 ): 817 - 827 .

JIANG W , FANG B X , TIAN Z H , et al . Evaluating network security and optimal active defense based on attack-defense game model [J ] . Journal of Computer , 2009 , 32 ( 4 ): 817 - 827 .

浏览量

1193

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据