基于多阶段网络欺骗博弈的主动防御研究

胡永进; 马骏; 郭渊博; 张晗

doi:10.11959/j.issn.1000-436x.2020112

您当前的位置：

首页 >

文章列表页 >

基于多阶段网络欺骗博弈的主动防御研究

学术论文 | 更新时间：2024-06-05

- 基于多阶段网络欺骗博弈的主动防御研究
- Research on active defense based on multi-stage cyber deception game
- 通信学报 2020年41卷第8期页码：32-42
- 作者机构：
  
  1. 信息工程大学密码工程学院，河南郑州 450001
  2. 郑州大学软件学院，河南郑州 450001
- 作者简介：
  
  [ "胡永进（1981– ），男，山东潍坊人，信息工程大学讲师、博士生，主要研究方向为主动防御和态势感知" ]
  [ "马骏（1981– ），男，山西阳泉人，博士，信息工程大学副教授，主要研究方向为态势感知与威胁发现" ]
  [ "郭渊博（1975– ），男，陕西周至人，博士，信息工程大学教授、博士生导师，主要研究方向为大数据安全和态势感知" ]
  [ "张晗（1985– ），女，河南项城人，信息工程大学博士生，主要研究方向为自然语言处理和信息安全" ]
- 基金信息：
  
  信息保障技术重点实验室开放基金资助项目(KJ-15-108)
- DOI：10.11959/j.issn.1000-436x.2020112
  中图分类号： TP393
- 网络出版日期：2020-08，
  
  纸质出版日期：2020-08-25
- 稿件说明：
移动端阅览
胡永进, 马骏, 郭渊博, 等. 基于多阶段网络欺骗博弈的主动防御研究[J]. 通信学报, 2020,41(8):32-42.

Yongjin HU, Jun MA, Yuanbo GUO, et al. Research on active defense based on multi-stage cyber deception game[J]. Journal on communications, 2020, 41(8): 32-42.
胡永进, 马骏, 郭渊博, 等. 基于多阶段网络欺骗博弈的主动防御研究[J]. 通信学报, 2020,41(8):32-42. DOI： 10.11959/j.issn.1000-436x.2020112.

Yongjin HU, Jun MA, Yuanbo GUO, et al. Research on active defense based on multi-stage cyber deception game[J]. Journal on communications, 2020, 41(8): 32-42. DOI： 10.11959/j.issn.1000-436x.2020112.

摘要

针对网络攻击者需要依赖探测到的信息决定下一步动作这一特点，将非合作信号博弈理论应用于网络攻防分析。通过构建多阶段网络欺骗博弈模型，对网络攻防过程中存在的信号欺骗机制进行深入研究，充分考虑网络欺骗信号衰减作用，实现多阶段网络攻防对抗的动态分析推演。基于攻防分析改进了多阶段网络欺骗博弈均衡求解方法，并设计出最优网络欺骗防御策略选取算法。仿真实验验证了所提模型和方法的有效性，根据实验结果对多阶段网络欺骗博弈存在的规律进行了分析总结，能够为网络安全主动防御研究提供有效指导。

Abstract

In view of the characteristic that attacker depended on the detected information to decide the next actions

the non-cooperative signal game theory was applied to analyze cyber attack and defense.The signal deception mechanism in the process of cyber attack and defense was considered deeply by constructing a multi-stage cyber deception game model

and the dynamic analysis and deduction of the multi-stage cyber attack and defense was realized by considering the attenuation of cyber deception signals.A solution for multi-stage cyber deception game equilibrium was improved based on analysis of cyber attack and defense

and an optimal algorithm for selecting cyber deception defense strategies was designed.The effectiveness of the model is verified by simulations.The rules of multi-stage cyber deception games are summarized based on the results

which can provide effective guidance for the research on cyber active defense.

关键词

Keywords

references

方滨兴 . 从层次角度看网络空间安全技术的覆盖领域 [J ] . 网络与信息安全学报 , 2015 , 1 ( 1 ): 1 - 6 .

FANG B X . A hierarchy model on the research fields of cyberspace security technology [J ] . Chinese Journal of Network and Information Security , 2015 , 1 ( 1 ): 1 - 6 .

GORDON L , LOEB M . Budgeting process for information security expenditures [J ] . Communications of the ACM , 2018 , 49 ( 9 ): 121 - 125 .

ANDERSON R , . Why information security is hard:an economic perspective [C ] // Proceedings of 17th Annual Computer Security Application Conference . Piscataway:IEEE Press , 2019 : 39 - 40 .

ESTEE W , JAN E . Identity deception detection:requirements and a model [J ] . Information ＆ Computer Security , 2019 , 27 ( 4 ): 562 - 574 .

BASUS S , WONG J . A taxonomy of intrusion response systems [J ] . International Journal of Information and Computer Security , 2019 , 1 ( 1/2 ): 169 - 184 .

王增光 , 卢昱 , 李玺 . 基于攻防博弈的军事信息网络安全风险评估 [J ] . 军事运筹与系统工程 , 2019 , 33 ( 2 ): 35 - 40 .

WANG Z G , LU Y , LI X . Risk evaluation of military information network security based on offensive and defensive games [J ] . Military Operations Research and Systems Engineering , 2019 , 33 ( 2 ): 35 - 40 .

朱建明 , 王秦 . 基于博弈论的网络空间安全若干问题分析 [J ] . 网络与信息安全学报 , 2015 , 1 ( 1 ): 43 - 49 .

ZHU J M , WANG Q . Analysis of cyberspace security based on game theory [J ] . Chinese Journal of Network and Information Security , 2015 , 1 ( 1 ): 43 - 49 .

JAJODIA S , SUBRAHMANLAN V S , SWARUP V , et al . Cyber deception [M ] . Berlin : SpringerPress , 2016 .

PANG Z H , LIU G P , ZHOU D H , et al . Secure Networked control under deception attacks [M ] . Berlin : SpringerPress , 2019 : 147 - 163 .

张恒巍 , 余定坤 , 韩继红 , 等 . 基于攻防信号博弈模型的防御策略选取方法 [J ] . 通信学报 , 2016 , 37 ( 5 ): 51 - 61 .

ZHANG H W , YU D K , HAN J H , et al . Defense policies selection method based on attack-defense signaling game model [J ] . Journal on Communications , 2016 , 37 ( 5 ): 51 - 61 .

吴昊 , 范九伦 , 赖成喆 , 等 . 基于攻防博弈和蒙特卡洛模拟的网站防御策略选取方法 [J ] . 通信学报 , 2018 , 39 ( 8 ): 48 - 55 .

WU H , FAN J L , LAI C Z , et al . Website defense strategy selection method based on attack-defense game and Monte Carlo simulation [J ] . Journal on Communications , 2018 , 39 ( 8 ): 48 - 55 .

蒋侣 , 张恒巍 , 王晋东 . 基于信号博弈的移动目标防御最优策略选取方法 [J ] . 通信学报 , 2019 , 40 ( 6 ): 128 - 137 .

JIANG L , ZHANG H W , WANG J D . Optimal strategy selection method for moving target defense based on signaling game [J ] . Journal on Communications , 2019 , 40 ( 6 ): 128 - 137 .

FORTI N , BATTISTELLI G , CHISCI L , et al . Worst-case analysis of joint attack detection and resilient state estimation [C ] // IEEE 56th Annual Conference on Decision and Control . Piscataway:IEEE Press , 2018 : 182 - 188 .

RRUSHI J L , . Phantom projector:entrapping malware on machines in production [C ] // International Conference on Malicious ＆ Unwanted Software . Piscataway:IEEE Press , 2018 : 57 - 66 .

林旺群 , 王慧 , 刘家红 . 基于非合作动态博弈的网络安全主动防御技术研究 [J ] . 计算机研究与发展 , 2017 , 48 ( 2 ): 306 - 316 .

LIN W Q , WANG H , LIU J H . Research on active defense technology in network security based on non-cooperative dynamic game theory [J ] . Journal of Computer Research and Development , 2017 , 48 ( 2 ): 306 - 316 .

王长春 , 程晓航 , 朱永文 , 等 . 计算机网络对抗行动策略的 Markov博弈模型 [J ] . 系统工程理论与实践 , 2017 , 34 ( 9 ): 2402 - 2410 .

WANG C C , CHENG X H , ZHU Y W , et al . A Markov game model of computer network operation [J ] . Systems Engineering -Theory ＆ Practice , 2017 , 34 ( 9 ): 2402 - 2410 .

贾召鹏 , 方滨兴 , 刘潮歌 , 等 . 网络欺骗技术综述 [J ] . 通信学报 , 2017 , 38 ( 12 ): 128 - 143 .

JIA S P , FANG B X , LIU C G , et al . Survey on cyber deception [J ] . Journal on Communications , 2017 , 38 ( 12 ): 128 - 143 .

LYE K W , JEANNETTE W . Markov game strategies in network security [J ] . International Journal of Information Security , 2018 , 4 ( 1 ): 71 - 86 .

HERBERT G . Game theory evolving [M ] . Boston : Princeton University PressPress , 2015 :10.

BORKOVSKY R N , DORASZELSKI U , KRYUKOV Y . A user’sguide to solving dynamic stochastic games using the homotopy method [J ] . Operation Research , 2019 , 58 ( 4 ): 1116 - 1132 .

王元卓 , 于建业 , 邱雯 . 网络群体行为的演化博弈模型与分析方法 [J ] . 计算机学报 , 2018 , 38 ( 2 ): 282 - 300 .

WANG Y Z , YU J Y , QIU W . Evolutionary game model and analysis methods for network group behavior [J ] . Chinese Journal of Computers , 2018 , 38 ( 2 ): 282 - 300 .

姜伟 , 方滨兴 , 田志宏 . 基于攻防随机博弈模型的防御策略选取研究 [J ] . 计算机研究与发展 , 2017 , 47 ( 10 ): 1714 - 1723 .

JIANG W , FANG B X , TIAN Z H . Research on defense strategies selection based on attack-defense stochastic game model [J ] . Journal of Computer Research and Development , 2017 , 47 ( 10 ): 1714 - 1723 .

中国信息安全测评中心 . 国家信息安全漏洞库 [R ] .(2019-10-18)[2020-05-26 ] .

CNITSEC . China national vulnerability database of information security [R ] .(2019-10-18)[2020-05-26 ] .

DORASZELSKI U , ESCOBAR J F . A theory of regular Markov perfect equilibria in dynamic stochastic games genericity,stability and purification [J ] . Theoretical Economics , 2019 , 5 ( 2 ): 369 - 402 .

杨峻楠 , 张红旗 , 张传富 . 基于不完全信息随机博弈的防御决策方法 [J ] . 网络与信息安全学报 , 2018 , 4 ( 8 ): 12 - 20 .

YANG J N , ZHANG H Q , ZHANG C F . Defense decision-making method based on incomplete information stochastic game [J ] . Chinese Journal of Network and Information Security , 2018 , 4 ( 8 ): 12 - 20 .

NILIM A , GHAOUI L E . Robust control of Markov decision processes with uncertain transition matrices [J ] . Operations Research , 2019 , 53 ( 5 ): 780 - 798 .

张红旗 , 杨峻楠 , 张传富 . 基于不完全信息随机博弈与 Q-learning的防御决策方法 [J ] . 通信学报 , 2018 , 39 ( 8 ): 56 - 68 .

ZHANG H Q , YANG J N , ZHANG C F . Defense decision-making method based on incomplete information stochastic game and Q-learning [J ] . Journal on Communications , 2018 , 39 ( 8 ): 56 - 68 .

浏览量

937

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于深度学习的拟态裁决方法研究

对抗智能干扰的主动防御技术

自适应的时空多样性联合调度策略设计

拟态多执行体调度算法研究进展

基于对抗样本的网络欺骗流量生成方法