基于信号博弈的移动目标防御最优策略选取方法

蒋侣; 张恒巍; 王晋东

doi:10.11959/j.issn.1000-436x.2019125

您当前的位置：

首页 >

文章列表页 >

基于信号博弈的移动目标防御最优策略选取方法

学术论文 | 更新时间：2024-06-05

- 基于信号博弈的移动目标防御最优策略选取方法
- Optimal strategy selection method for moving target defense based on signaling game
- 通信学报 2019年40卷第6期页码：128-137
- 作者机构：
  
  1. 战略支援部队信息工程大学三院，河南郑州 450001
  2. 信息保障技术重点实验室，北京 100093
- 作者简介：
  
  [ "蒋侣（1995- ），男，四川广安人，战略支援部队信息工程大学博士生，主要研究方向为移动目标防御、网络安全与攻防对抗。" ]
  [ "张恒巍（1978- ），男，河南洛阳人，博士，战略支援部队信息工程大学副教授，主要研究方向为网络安全与攻防对抗、信息安全风险评估。" ]
  [ "王晋东（1966- ），男，山西洪桐人，战略支援部队信息工程大学教授，主要研究方向为网络与信息安全、云资源管理。" ]
- 基金信息：
  
  国家自然科学基金创新群体基金资助项目(61521003);国家自然科学基金资助项目(61572517);河南省科技攻关计划基金资助项目(182102210144)
- DOI：10.11959/j.issn.1000-436x.2019125
  中图分类号： TP309
- 网络出版日期：2019-06，
  
  纸质出版日期：2019-06-25
- 稿件说明：
移动端阅览
蒋侣, 张恒巍, 王晋东. 基于信号博弈的移动目标防御最优策略选取方法[J]. 通信学报, 2019,40(6):128-137.

Lyu JIANG, Hengwei ZHANG, Jindong WANG. Optimal strategy selection method for moving target defense based on signaling game[J]. Journal on communications, 2019, 40(6): 128-137.
蒋侣, 张恒巍, 王晋东. 基于信号博弈的移动目标防御最优策略选取方法[J]. 通信学报, 2019,40(6):128-137. DOI： 10.11959/j.issn.1000-436x.2019125.

Lyu JIANG, Hengwei ZHANG, Jindong WANG. Optimal strategy selection method for moving target defense based on signaling game[J]. Journal on communications, 2019, 40(6): 128-137. DOI： 10.11959/j.issn.1000-436x.2019125.

摘要

针对移动目标防御最优策略选取问题，从攻击面转换（ASS）和探测面扩展（ESE）的角度形式化来定义防御策略，阐释了防御原理；采用动态对抗和有限信息的视角对网络攻防行为进行研究，在分析攻防博弈类型和攻防过程的基础上，构建了基于信号博弈的移动目标防御模型；改进了攻防策略量化计算方法，提出了精炼贝叶斯均衡求解算法，并通过对博弈均衡的分析设计了最优防御策略选取算法。仿真实验验证了所提模型和方法的有效性。

Abstract

To solve the problem of the optimal strategy selection for moving target defense

the defense strategy was defined formally

the defense principle from the perspective of attack surface shifting and exploration surface enlarging was taken into account.Then

network attack-defense behaviors were analyzed from the sight of dynamic confrontation and bounded information.According to the analysis of attack-defense game types and confrontation process

the moving target defense model based on signaling game was constructed.Meanwhile

the method to quantify strategies was improved and the solution of perfect Bayesian equilibrium was proposed.Furthermore

the optimal defense strategy selection algorithm was designed by the equilibrium analysis.Finally

the simulation demonstrates the effectiveness and feasibility of the proposed optimal strategy and selection method.

关键词

Keywords

references

方滨兴 . 从层次角度看网络空间安全技术的覆盖领域 [J ] . 网络与信息安全学报 , 2015 , 1 ( 1 ): 1 - 6 .

FANG B X . A hierarchy model on the research fields of cyberspace security technology [J ] . Chinese Journal of Network and Information Security , 2015 , 1 ( 1 ): 1 - 6 .

JAJODIA S , GHOSH A K , SWARUP V , et al . Moving target defense:creating asymmetric uncertainty for cyber threats [M ] . Berlin : Springer Science Business MediaPress , 2011 .

蔡桂林 , 王宝生 , 王天佐 , 等 . 移动目标防御技术研究进展 [J ] . 计算机研究与发展 , 2016 , 53 ( 5 ): 968 - 987 .

CAI G L , WANG B S , WANG T Z , et al . Research on development of moving target defense technology [J ] . Journal of Computer Research and Development , 2016 , 53 ( 5 ): 968 - 987 .

刘效武 , 王慧强 , 吕宏武 , 等 . 网络安全态势认知融合感控模型 [J ] . 软件学报 , 2016 , 27 ( 8 ): 2099 - 2114 .

LIU X W , WANG H Q , LV H W , et al . Fusion-based cognitive awareness-control model for network security situation [J ] . Journal of Software , 2016 , 27 ( 8 ): 2099 - 2114 .

朱建明 , 王秦 . 基于博弈论的网络空间安全若干问题分析 [J ] . 网络与信息安全学报 , 2015 , 1 ( 1 ): 43 - 49 .

ZHU J M , WANG Q . Analysis of cyberspace security based on game theory [J ] . Chinese Journal of Network and Information Security , 2015 , 1 ( 1 ): 43 - 49 .

MANADHATA P K . Game theoretic approaches to attack surface shifting [J ] . ACM Transactions on Information and System Security , 2017 , 23 ( 2 ): 145 - 153 .

CARTER K M , RIORDAN J F , OKHRAVI H . A game theoretic approach to strategy determination for dynamic platform defenses [C ] // ACM Workshop on Moving Target Defense . ACM , 2017 : 21 - 30 .

VADLAMUDI S G , SENGUPTA S , KAMBHAMPATI S , et al . Moving target defense for Web applications using Bayesian Stackelberg games [J ] . Adaptive Agents and Multi-Agents Systems , 2016 : 1377 - 1378 .

FILLER T , JUDAS J , FRIDRICH J . Signaling game model:DDoS defense analysis [J ] . Journal of Security Engineering , 2016 , 39 ( 3 ): 414 - 417 .

张恒巍 , 余定坤 , 韩继红 , 等 . 信号博弈网络安全威胁评估方法 [J ] . 西安电子科技大学学报 , 2016 , 43 ( 3 ): 137 - 143 .

ZHANG H W , YU D K , HAN J H , et al . Network security threat assessment based on the signaling game [J ] . Journal of Xidian University , 2016 , 43 ( 3 ): 137 - 143 .

张恒巍 , 余定坤 , 韩继红 , 等 . 基于攻防信号博弈模型的防御策略选取方法 [J ] . 通信学报 , 2016 , 37 ( 5 ): 51 - 61 .

ZHANG H W , YU D K , HAN J H , et al . Defense policies selection method based on attack-defense signaling game model [J ] . Journal on Communications , 2016 , 37 ( 5 ): 51 - 61 .

OKHRAVI H , COMELLA A , ROBINSON E , et al . Creating a cyber moving target for critical infrastructure applications using platform diversity [J ] . International Journal of Critical Infrastructure Protection , 2014 , 5 ( 1 ): 30 - 39 .

BENZEL T . A strategic plan for cyber security research and development [J ] . IEEE Security ＆ Privacy , 2015 , 13 ( 4 ): 3 - 5 .

FENG X , ZHENG Z , CANSEVER D . A signaling game model for moving target defense [C ] // 2017 IEEE Conference on Computer Communications . IEEE , 2017 : 1 - 9 .

LEI C , ZHANG H Q , WAN L M , et al . Incomplete information Markov game theoretic approach to strategy generation for moving target defense [J ] . Computer Communications , 2018 , 116 : 184 - 199 .

HUANG S R , ZHANG H W , WANG J , et al . Markov differential game for network defense decision-making method [J ] . IEEE Access , 2018 : 39621 - 39634 .

刘江 , 张红旗 , 刘艺 . 基于不完全信息动态博弈的动态目标防御最优策略选取研究 [J ] . 电子学报 , 2018 , 46 ( 1 ): 82 - 89 .

LIU J , ZHANG H Q , LIU Y . Research on optimal selection of moving target defense policy based on dynamic game with incomplete information [J ] . Acta Electronica Sinica , 2018 , 46 ( 1 ): 82 - 89 .

GORDON L , LOEB M , LUCYSHYN W , et al . Computer crime and security survey [C ] // 2014 Computer Security Institute . 2014 : 11 - 34 .

MANADHATA P K , WING J M . An attack surface metric [J ] . IEEE Transactions on Software Engineering , 2011 , 37 ( 3 ): 371 - 386 .

LIN J Q , LIU P , JING J W . Using signaling games to model the multi-step attack-defense scenarios on confidentiality [J ] . Security Lecture Notes in Computer Science , 2017 , 39 ( 6 ): 118 - 137 .

MALEKI H , VALIZADEH S , KOCH W , et al . Markov modeling of moving target defense games [C ] // ACM Workshop on Moving Target Defense . ACM , 2018 : 104 - 110 .

ZHUANG R , BARDAS A G , DELOACH S A , et al . A theory of cyber attacks:a step towards analyzing MTD systems [C ] // ACM Workshop on Moving Target Defense . ACM , 2017 : 211 - 220 .

GAO X , ZHU Y F . Defense mechanism analysis based on signaling game model [C ] // International Conference on Intelligent Human-Machine Systems and Cybernetics . IEEE , 2016 : 414 - 417 .

FUDENBERG D , TIROLE J . Game theory [M ] . Boston : Massachusetts Institute of Technology PressPress , 2012 .

ZHU Q,BAŞAR T , . Game-theoretic approach to feedback-driven multi-stage moving target defense [C ] // Decision and Game Theory for Security . Springer International Publishing , 2013 : 246 - 263 .

浏览量

1049

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于改进马尔可夫链的高效域名生成算法

基于信誉的域间路由选择机制的研究与实现

基于空间感知的多级损失目标跟踪对抗攻击方法

基于威胁情报的网络安全态势感知模型

基于深度确定性策略梯度的随机路由防御方法