基于动态伪装网络的主动欺骗防御方法

王硕; 王建华; 裴庆祺; 汤光明; 王洋; 刘小虎

doi:10.11959/j.issn.1000-436x.2020026

您当前的位置：

首页 >

文章列表页 >

基于动态伪装网络的主动欺骗防御方法

学术论文 | 更新时间：2024-06-05

- 基于动态伪装网络的主动欺骗防御方法
- Active deception defense method based on dynamic camouflage network
- 通信学报 2020年41卷第2期页码：97-111
- 作者机构：
  
  1. 信息工程大学密码工程学院，河南郑州 450001
  2. 西安电子科技大学综合业务网理论及关键技术国家重点实验室，陕西西安 710071
  3. 西安电子科技大学陕西省区块链与安全计算重点实验室，陕西西安 710071
- 作者简介：
  
  [ "王硕（1991- ），男，河南南阳人，信息工程大学博士生，主要研究方向为网络与信息安全、机器学习" ]
  [ "王建华（1962- ），男，北京人，博士，信息工程大学教授、博士生导师，主要研究方向为密码学、信息安全管理、计算机网络" ]
  [ "裴庆祺（1975- ），男，广西玉林人，博士，西安电子科技大学教授、博士生导师，主要研究方向为无线网络安全、区块链安全技术" ]
  [ "汤光明（1963- ），女，湖南常德人，博士，信息工程大学教授、博士生导师，主要研究方向为网络与信息安全、信息安全管理、信息隐藏" ]
  [ "王洋（1985- ），女，陕西西安人，信息工程大学博士生，主要研究方向为网络与信息安全" ]
  [ "刘小虎（1989- ），男，河南太康人，信息工程大学讲师，主要研究方向为网络与信息安全、移动目标防御" ]
- 基金信息：
  
  国家自然科学基金资助项目(U1636209)
- DOI：10.11959/j.issn.1000-436x.2020026
  中图分类号： TP393.8
- 网络出版日期：2020-02，
  
  纸质出版日期：2020-02-25
- 稿件说明：
移动端阅览
王硕, 王建华, 裴庆祺, 等. 基于动态伪装网络的主动欺骗防御方法[J]. 通信学报, 2020,41(2):97-111.

Shuo WANG, Jianhua WANG, Qingqi PEI, et al. Active deception defense method based on dynamic camouflage network[J]. Journal on communications, 2020, 41(2): 97-111.
王硕, 王建华, 裴庆祺, 等. 基于动态伪装网络的主动欺骗防御方法[J]. 通信学报, 2020,41(2):97-111. DOI： 10.11959/j.issn.1000-436x.2020026.

Shuo WANG, Jianhua WANG, Qingqi PEI, et al. Active deception defense method based on dynamic camouflage network[J]. Journal on communications, 2020, 41(2): 97-111. DOI： 10.11959/j.issn.1000-436x.2020026.

摘要

针对现有蜜罐易被攻击者识破而导致其抵御渗透攻击时经常失效的问题，提出一种基于动态伪装网络的主动欺骗防御方法。首先，给出动态伪装网络定义并描述基于动态伴随网络的主动欺骗攻防场景；然后，在分析攻防交互过程的基础上，构建信号博弈模型来指导最优欺骗策略选取；进一步，设计基于双层威胁渗透图的攻防策略收益量化方法；最后，提出一种统一纯策略与混策略的博弈均衡求解方法。实验结果表明，基于动态伪装网络，精炼贝叶斯均衡能够为防御者实施最优防御策略提供有效指导，实现防御者收益最大化。此外，还总结了利用动态伪装网络进行主动欺骗防御的特点与规律。

Abstract

In view of the problem that the existing honeypots often fail to resist the penetration attack due to the lack of confidentiality

an active deception defense method based on dynamic camouflage network (DCN) was presented.The definition of DCN was given firstly

and then the attacker-defender scenario of active deception based on DCN was described.Next

the interaction process of the attacker-defender scenario was modeled by using a signaling game

whose equilibrium can guide the selection of optimal deception strategy.Furthermore

to quantify the payoffs accurately

the two-layer threat penetration graph (TLTPG) was introduced.Finally

the solution for game equilibrium was designed

through which pure strategy and mixed strategy could be calculated simultaneously.The experimental results show that

based on the dynamic camouflage network

the perfect Bayesian equilibrium can provide effective guidance for the defender to implement the optimal defense strategy and maximize the benefits of the defender.In addition

the characteristics and rules of active deception defense DCN-based are summarized.

关键词

Keywords

references

国家计算机网络应急技术处理协调中心 . 2018 年中国互联网络网络安全报告 [M ] . 北京 : 人民邮电出版社 , 2019 .

National Internet Emergency Center . 2018 Annual report of Chinese Internet security [M ] . Beijing : Posts and Telecom PressPress , 2019 .

贾召鹏 , 方滨兴 , 刘潮歌 , 等 . 网络欺骗技术综述 [J ] . 通信学报 , 2017 , 38 ( 12 ): 128 - 143 .

JIA Z P , FANG B X , LIU C G , et al . Survey on cyber deception [J ] . Journal on Communications , 2017 , 38 ( 12 ): 128 - 143 .

胡永进 , 马骏 , 郭渊博 . 基于博弈论的网络欺骗研究 [J ] . 通信学报 , 2018 , 39 ( Z2 ): 13 - 22 .

HU Y J , MA J , GUO Y B . Research on cyber deception based on game theory [J ] . Journal on Communications , 2018 , 39 ( Z2 ): 13 - 22 .

WANG C , LU Z . Cyber deception:overview and the road ahead [J ] . IEEE Security ＆ Privacy , 2018 , 16 ( 2 ): 80 - 85 .

JAJODIA S , GHOSH A K , SWARUP V , et al . Moving target defense:creating asymmetric uncertainty for cyber threats [M ] . Berlin : SpringerPress , 2011 .

ZHUANG R , DELOACH S A , OU X . Toward a theory of moving target defense [C ] // The 2014 ACM Workshop on Moving Target Defense (MTD) . ACM , 2014 : 31 - 44 .

JAJODIA S , SUBRAHMANLAN V S , WANG C . Cyber deception:building the scientific foundation [M ] . Berlin : SpringerPress , 2016 .

PROVOS N , . A virtual honeypot framework [C ] // The 13th USENIX Security Symp . USENIX Association , 2004 : 1 - 14 .

PA Y M P , SUZUKI S , YOSHIOKA K , et al . IoTPOT:analysing the rise of IoT compromises [C ] // The 9th USENIX Conference on Offensive Technologies . USENIX Association , 2015 : 9 - 17 .

FRUNHOLZ D , SCHOTTEN H D . Defending web servers with feints,distraction and obfuscation [C ] // The International Conference on Computer Network and Communications(ICNC) . IEEE , 2018 : 21 - 25 .

AHMED H M , HASSAN N F , FAHAD A A . Designing a smartphone honeypot system using performance counters [J ] . Karbala International Journal of Modern Science , 2017 , 3 ( 1 ): 46 - 52 .

YEHUDA R B , KEVORKIAN D , ZAMIR G L , et al . Virtual USB honeypot [C ] // 12th ACM International Conference on Systems and Storage . ACM , 2019 :181.

JICHA A , PATTON M , CHEN H . SCADA honeypots:an in-depth analysis of Conpot [C ] // IEEE International Conference on Intelligence＆ Security Informatics . IEEE , 2016 : 196 - 198 .

JUELS A , RIVEST R L . Honeywords:making password-cracking detectable [C ] // ACM Sigsac Conference on Computer ＆ Communications Security . ACM , 2013 : 145 - 160 .

ARAUJO F , HAMLEN K W , BIEDERMANN S , et al . From patches to honey-patches:lightweight attacker misdirection,deception,and disinformation [C ] // ACM Sigsac Conference on Computer ＆ Communications Security . ACM , 2014 : 942 - 953 .

CONROY N J , RUBIN V L , CHEN Y . Automatic deception detection:methods for finding fake news [C ] // ASIST . Wiley Online Library , 2015 : 1 - 4 .

LEE K , CAVERLEE J , WEBB S . The social honeypot project:protecting online communities from spammers [C ] // The 19th International Conference on World Wide Web . ACM , 2010 : 1139 - 1140 .

LAZAROV M , ONAOLAPO J , STRINGHINI G . Honey sheets:what happens to leaked google spreadsheets? [C ] // 9th USENIX Workshop on Cyber Security Experimentation and Test . USENIX Association , 2016 : 1 - 8 .

YOON J W , KIM H , JO H J , et al . Visual honey encryption:application to steganography [C ] // 3rd ACM Workshop on Information Hiding and Multimedia Security . ACM , 2015 : 65 - 74 .

OMOLARA A E , JANTAN A , ABIODUN O S , et al . A deception model robust to eavesdropping over communication for social network systems [J ] . IEEE Access , 2019 , 7 ( 8 ): 100881 - 10898 .

CLARK A , SUN K , POOVENDRAN R . Effectiveness of IP address randomization in decoy-based moving target defense [C ] // 52nd IEEE Conference on Decision and Control . IEEE , 2013 : 678 - 685 .

SUN J , SUN K . DESIR:decoy-enhanced seamless IP randomization [C ] // IEEE International Conference on Computer Communications(INFOCOM) . IEEE , 2016 : 1 - 9 .

SUN J , SUN K , LI Q . CyberMoat:camouflaging critical server infrastructures with large scale decoy farms [C ] // IEEE Conference on Communincations and Network Security (CNS) . IEEE , 2017 : 1 - 9 .

VENKATESAN S , ALBANESE M , SHAH A , et al . Detecting stealthy botnets in a resource-constrained environment using reinforcement learning [C ] // 4th ACM Workshop on Moving Target Defense(MTD) . ACM , 2017 : 75 - 85 .

石乐义 , 李婕 , 刘昕 , 等 . 基于动态阵列蜜罐的协同网络防御策略研究 [J ] . 通信学报 , 2012 , 33 ( 11 ): 159 - 164 .

SHI L Y , LI J , LIU X , et al . Research on dynamic array honeypot for collaborative network defense strategy [J ] . Journal on Comunications , 2012 , 33 ( 11 ): 159 - 164 .

CHEN X Y , LIU X T , ZHANG L , et al . Optimal defense strategy selection for spear-phishing attack based on a multistate signaling game [J ] . IEEE Access , 2019 , 7 ( 2 ): 19907 - 19921 .

CARROLL T E , GROSU D . A game theoretic investigation of deception in network security [J ] . Security ＆ Communication Networks , 2011 , 4 ( 10 ): 1162 - 1172 .

FENG X T , ZHENG Z Z , CANSEVER D , et al . A signaling game model for moving target defense [C ] // IEEE International Conference on Computer Communications(INFOCOM) . IEEE , 2017 : 1 - 9 .

蒋侣 , 张恒巍 , 王晋东 . 基于信号博弈的移动目标防御最优策略选取方法 [J ] . 通信学报 , 2019 , 40 ( 6 ): 128 - 137 .

JIANG L , ZHANG H W , WANG J D . Optimal strategy selection method for moving target defense based on signaling game [J ] . Journal on Communications , 2019 , 40 ( 6 ): 128 - 137 .

JAJODIA S , PARK N,SERRA , et al . SHARE:a stackelberg honey-based adversarial reasoning engine [J ] . ACM Transactions on Internet Technology , 2018 , 18 ( 3 ): 1 - 41 .

王硕 , 王建华 , 汤光明 , 等 . 一种智能高效的最优渗透路径生成方法 [J ] . 计算机研究与发展 , 2019 , 56 ( 5 ): 929 - 941 .

WANG S , WANG J H , TANG G M , et al . Intelligent and efficient method for optimal penetration path generation [J ] . Journal of Computer Research and Development , 2019 , 56 ( 5 ): 929 - 941 .

NASH J F . Equilibrium points in n-person games [J ] . National Academy of Sciences , 1950 , 36 ( 1 ): 48 - 49 .

浏览量

779

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据