基于Markov时间博弈的移动目标防御最优策略选取方法

谭晶磊; 张恒巍; 张红旗; 金辉; 雷程

doi:10.11959/j.issn.1000-436x.2020003

您当前的位置：

首页 >

文章列表页 >

基于Markov时间博弈的移动目标防御最优策略选取方法

学术论文 | 更新时间：2024-06-05

- 基于Markov时间博弈的移动目标防御最优策略选取方法
- Optimal strategy selection approach of moving target defense based on Markov time game
- 通信学报 2020年41卷第1期页码：42-52
- 作者机构：
  
  1. 信息工程大学三院，河南郑州 450001
  2. 河南省信息安全重点实验室，河南郑州 450001
- 作者简介：
  
  [ "谭晶磊（1994- ），男，山东章丘人，信息工程大学博士生，主要研究方向为网络信息安全、移动目标防御、攻防博弈对抗等" ]
  [ "张恒巍（1978- ），男，河南洛阳人，博士，信息工程大学副教授，主要研究方向为网络安全与攻防对抗、信息安全风险评估" ]
  [ "张红旗（1962- ），男，河北遵化人，博士，信息工程大学教授、博士生导师，主要研究方向为网络安全、移动目标防御、等级保护和信息安全管理等" ]
  [ "金辉（1988- ），男，北京人，信息工程大学硕士生，主要研究方向为网络信息安全等" ]
  [ "雷程（1989- ），男，北京人，信息工程大学博士生，主要研究方向为网络信息安全、移动目标防御、数据安全交换和网络流指纹等" ]
- 基金信息：
  
  国家重点研发计划基金资助项目(2016YFF0204002);国家重点研发计划课题基金资助项目(2016YFF0204003);国家自然科学基金资助项目(61902427)
- DOI：10.11959/j.issn.1000-436x.2020003
  中图分类号： TN918.1
- 网络出版日期：2020-01，
  
  纸质出版日期：2020-01-25
- 稿件说明：
移动端阅览
谭晶磊, 张恒巍, 张红旗, 等. 基于Markov时间博弈的移动目标防御最优策略选取方法[J]. 通信学报, 2020,41(1):42-52.

Jinglei TAN, Hengwei ZHANG, Hongqi ZHANG, et al. Optimal strategy selection approach of moving target defense based on Markov time game[J]. Journal on communications, 2020, 41(1): 42-52.
谭晶磊, 张恒巍, 张红旗, 等. 基于Markov时间博弈的移动目标防御最优策略选取方法[J]. 通信学报, 2020,41(1):42-52. DOI： 10.11959/j.issn.1000-436x.2020003.

Jinglei TAN, Hengwei ZHANG, Hongqi ZHANG, et al. Optimal strategy selection approach of moving target defense based on Markov time game[J]. Journal on communications, 2020, 41(1): 42-52. DOI： 10.11959/j.issn.1000-436x.2020003.

摘要

针对现有博弈模型难以有效建模网络攻防对抗动态连续特性的问题，提出了一种基于 Markov 时间博弈的移动目标防御最优策略选取方法。在分析移动目标攻防对抗过程的基础上，构建了移动目标攻防策略集合，利用时间博弈刻画了单阶段移动目标防御过程的动态性，利用 Markov 决策过程描述了多阶段移动目标防御状态转化的随机性。同时，将攻防双方对资源脆弱性抽象为对攻击面控制权的交替，从而有效保证了博弈模型的通用性。在此基础上，分析并证明了均衡的存在性，设计了最优策略选取算法。最后，通过应用实例验证了所提模型的实用性和算法的有效性。

Abstract

For the problem that the existed game model was challenging to model the dynamic continuous characteristics of network attack and defense confrontation effectively

a method based on Markov time game was proposed to select the optimal strategy for moving target defense.Based on the analysis of the attack and defense confrontation process of moving targets

the set of moving target attack and defense strategies was constructed.The dynamics of the single-stage moving target defense process was described by time game.The randomness of multi-stage moving target defense state transformation was described by Markov decision process.At the same time

by abstracting the use of resource vulnerability by attack-defense participants as the alternation of the control of the attack surface

the versatility of the game model was effectively guaranteed.On this basis

the existence of equilibrium was analyzed and proved

and the optimal strategy selection algorithm was designed.Finally

the practicality of the constructed model and the effectiveness of the algorithm are verified by an application example.

关键词

Keywords

references

MITROPOULOS D , LOURIDAS P , POLYCHRONAKIS M , et al . Defending against web application attacks:approaches,challenges and implications [J ] . IEEE Transactions on Dependable and Secure Computing , 2017 :1.

ZHENG J , NAMIN A S . A survey on the moving target defense strategies:an architectural perspective [J ] . Journal of Computer Science and Technology , 2019 , 34 ( 1 ): 207 - 233 .

CAI G L , WANG B S , XING Q Q . Game theoretic analysis for the mechanism of moving target defense [J ] . Frontiers of Information Technology ＆ Electronic Engineering , 2017 , 18 ( 12 ): 2017 - 2034 .

姜伟 , 方滨兴 , 田志宏 . 基于攻防博弈模型的网络安全测评和最优主动防御 [J ] . 计算机学报 , 2013 , 32 ( 4 ): 818 - 827 .

JIANG W , FANG B X , TIAN Z H . Defense strategies selection based on attack-defense game model [J ] . Chinese Journal of Computers , 2013 , 47 ( 12 ): 818 - 827 .

林旺群 , 王慧 , 刘家红 . 基于非合作动态博弈的网络安全主动防御技术研究 [J ] . 计算机研究与发展 , 2013 , 48 ( 2 ): 306 - 316 .

LIN W Q , WANG H , LIU J H . Research on active defense technology in network security based on non-cooperative dynamic game theory [J ] . Journal of Computer Research and Development , 2013 , 48 ( 2 ): 306 - 316 .

MANADHATA P K . Game theoretic approaches to attack surface shifting [M ] . New York : SpringerPress , 2013 : 1 - 13 .

VADLAMUDI S G , SENGUPTA S , TAGUINOD M , et al . Moving target defense for web applications using Bayesian Stackelberg games [C ] // The 2016 International Conference on Autonomous Agents＆ Multiagent Systems . International Foundation for Autonomous Agents and Multiagent Systems , 2016 : 1377 - 1378 .

LEI C , ZHANG H Q , WAN L M , et al . Incomplete information Markov game theoretic approach to strategy generation for moving target defense [J ] . Computer Communications , 2018 , 116 : 184 - 199 .

MALEKI H , VALIZADEH M H , KOCH W , et al . Markov modeling of moving target defense games [J ] . Journal of Cryptology , 2016 : 47 - 83 .

JAJODIA S , GHOSH A K , SWARUP V , et al . Moving target defense:creating asymmetric uncertainty for cyber threats [J ] . Springer Ebooks , 2011 ，54.

LEI C , ZHANG H Q , WANG L M , et al . Incomplete information Markov game theoretic approach to strategy generation for moving target defense [J ] . 2018 , 116 : 184 - 199 .

ZHENG J J , NAMIN A S . A survey on the moving target defense strategies:an architectural perspective [J ] . Journal of Computer Science and Technology , 2019 , 34 ( 1 ): 207 - 233 .

谭晶磊 , 张红旗 , 雷程 , 等 . 面向SDN的移动目标防御技术研究进展 [J ] . 网络与信息安全学报 , 2018 , 4 ( 7 ): 1 - 12 .

TAN J L , ZHANG H Q , LEI C , et al . Research progress on moving target defense for SDN [J ] . Chinese Journal of Network and Information Security , 2018 , 4 ( 7 ): 1 - 12 .

DIJK M V , ARI JUELS , ALINA OPREA , et al . FlipIt:the game of“stealthy takeover” [J ] . Journal of Cryptology , 2013 , 26 ( 4 ): 655 - 713 .

ZHENG J , SIAMI NAMIN A . A Markov decision process to determine optimal policies in moving target [C ] // The 2018 ACM SIGSAC Conference on Computer and Communications Security . ACM , 2018 : 2321 - 2323 .

刘江 , 张红旗 , 刘艺 . 基于不完全信息动态博弈的动态目标防御最优策略选取研究 [J ] . 电子学报 , 2018 , 46 ( 1 ): 82 - 89 .

LIU J , ZHANG H Q , LIU Y . Research on optimal selection of moving target defense policy based on dynamic game with incomplete information [J ] . Acta Electronica Sinica , 2018 , 46 ( 1 ): 82 - 89 .

LEI C , MA D H , ZHANG H Q . Optimal strategy selection for moving target defense based on Markov game [J ] . IEEE Access , 2017 ,PP( 99 ):1.

BORKOVSKY R N , DORASZELSKI U , KRYUKOV Y . A user’ s guide to solving dynamic stochastic games using the homotopy method [J ] . Operation Research , 2015 , 58 ( 4 ): 1116 - 1132 .

CHEN M , SAAD W , YIN C . Virtual reality over wireless networks:quality-of-service model and learning-based resource management [J ] . IEEE Transactions on Communications , 2018 , 66 ( 11 ): 5621 - 5635 .

NILIM A , GHAOUI L E . Robust control of Markov decision processes with uncertain transition matrices [J ] . Operations Research , 2016 , 53 ( 5 ): 780 - 798 .

SULEIMAN R . On gamesmen and fair men:explaining fairness in non-cooperative bargaining games [J ] . Royal Society Open Science , 2018 , 5 ( 2 ):171709.

MANADHATA P K . Game theoretic approaches to attack surface shifting [M ] . New York : SpringerPress , 2013 : 1 - 13 .

CLARK A , SUN K , BUSHNELL L , et al . A game-theoretic approach to IP address randomization in decoy-based cyber defense [C ] // International Conference on Decision and Game Theory for Security . Springer , 2015 : 3 - 21 .

浏览量

591

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于深度确定性策略梯度的随机路由防御方法

基于DPDK的内网动态网关关键技术设计

基于信号博弈的移动目标防御最优策略选取方法

基于POF的网络窃听攻击移动目标防御方法

基于OpenFlow的网络层移动目标防御方案