Optimal strategy selection approach of moving target defense based on Markov time game

Jinglei TAN; Hengwei ZHANG; Hongqi ZHANG; Hui JIN; Cheng LEI

doi:10.11959/j.issn.1000-436x.2020003

您当前的位置：

首页 >

文章列表页 >

Optimal strategy selection approach of moving target defense based on Markov time game

Papers | 更新时间：2024-06-05

- Optimal strategy selection approach of moving target defense based on Markov time game
- Journal on Communications Vol. 41, Issue 1, Pages: 42-52(2020)
- 作者机构：
  
  1. 信息工程大学三院，河南郑州 450001
  2. 河南省信息安全重点实验室，河南郑州 450001
- 作者简介：
- 基金信息：
  
  The National Key Research and Development Program of China(2016YFF0204002);The National Key Research and Development Program of China(2016YFF0204003);The National Natural Science Foundation of China(61902427)
- DOI：10.11959/j.issn.1000-436x.2020003
  CLC： TN918.1
- Online First：2020-01，
  
  Published：25 January 2020
- 稿件说明：
移动端阅览
Jinglei TAN, Hengwei ZHANG, Hongqi ZHANG, et al. Optimal strategy selection approach of moving target defense based on Markov time game[J]. Journal on Communications, 2020, 41(1): 42-52.
DOI：

Jinglei TAN, Hengwei ZHANG, Hongqi ZHANG, et al. Optimal strategy selection approach of moving target defense based on Markov time game[J]. Journal on Communications, 2020, 41(1): 42-52. DOI： 10.11959/j.issn.1000-436x.2020003.

摘要

针对现有博弈模型难以有效建模网络攻防对抗动态连续特性的问题，提出了一种基于 Markov 时间博弈的移动目标防御最优策略选取方法。在分析移动目标攻防对抗过程的基础上，构建了移动目标攻防策略集合，利用时间博弈刻画了单阶段移动目标防御过程的动态性，利用 Markov 决策过程描述了多阶段移动目标防御状态转化的随机性。同时，将攻防双方对资源脆弱性抽象为对攻击面控制权的交替，从而有效保证了博弈模型的通用性。在此基础上，分析并证明了均衡的存在性，设计了最优策略选取算法。最后，通过应用实例验证了所提模型的实用性和算法的有效性。

Abstract

For the problem that the existed game model was challenging to model the dynamic continuous characteristics of network attack and defense confrontation effectively

a method based on Markov time game was proposed to select the optimal strategy for moving target defense.Based on the analysis of the attack and defense confrontation process of moving targets

the set of moving target attack and defense strategies was constructed.The dynamics of the single-stage moving target defense process was described by time game.The randomness of multi-stage moving target defense state transformation was described by Markov decision process.At the same time

by abstracting the use of resource vulnerability by attack-defense participants as the alternation of the control of the attack surface

the versatility of the game model was effectively guaranteed.On this basis

the existence of equilibrium was analyzed and proved

and the optimal strategy selection algorithm was designed.Finally

the practicality of the constructed model and the effectiveness of the algorithm are verified by an application example.

关键词

Keywords

references

MITROPOULOS D , LOURIDAS P , POLYCHRONAKIS M , et al . Defending against web application attacks:approaches,challenges and implications [J ] . IEEE Transactions on Dependable and Secure Computing , 2017 :1.

ZHENG J , NAMIN A S . A survey on the moving target defense strategies:an architectural perspective [J ] . Journal of Computer Science and Technology , 2019 , 34 ( 1 ): 207 - 233 .

CAI G L , WANG B S , XING Q Q . Game theoretic analysis for the mechanism of moving target defense [J ] . Frontiers of Information Technology ＆ Electronic Engineering , 2017 , 18 ( 12 ): 2017 - 2034 .

姜伟 , 方滨兴 , 田志宏 . 基于攻防博弈模型的网络安全测评和最优主动防御 [J ] . 计算机学报 , 2013 , 32 ( 4 ): 818 - 827 .

JIANG W , FANG B X , TIAN Z H . Defense strategies selection based on attack-defense game model [J ] . Chinese Journal of Computers , 2013 , 47 ( 12 ): 818 - 827 .

林旺群 , 王慧 , 刘家红 . 基于非合作动态博弈的网络安全主动防御技术研究 [J ] . 计算机研究与发展 , 2013 , 48 ( 2 ): 306 - 316 .

LIN W Q , WANG H , LIU J H . Research on active defense technology in network security based on non-cooperative dynamic game theory [J ] . Journal of Computer Research and Development , 2013 , 48 ( 2 ): 306 - 316 .

MANADHATA P K . Game theoretic approaches to attack surface shifting [M ] . New York : SpringerPress , 2013 : 1 - 13 .

VADLAMUDI S G , SENGUPTA S , TAGUINOD M , et al . Moving target defense for web applications using Bayesian Stackelberg games [C ] // The 2016 International Conference on Autonomous Agents＆ Multiagent Systems . International Foundation for Autonomous Agents and Multiagent Systems , 2016 : 1377 - 1378 .

LEI C , ZHANG H Q , WAN L M , et al . Incomplete information Markov game theoretic approach to strategy generation for moving target defense [J ] . Computer Communications , 2018 , 116 : 184 - 199 .

MALEKI H , VALIZADEH M H , KOCH W , et al . Markov modeling of moving target defense games [J ] . Journal of Cryptology , 2016 : 47 - 83 .

JAJODIA S , GHOSH A K , SWARUP V , et al . Moving target defense:creating asymmetric uncertainty for cyber threats [J ] . Springer Ebooks , 2011 ，54.

LEI C , ZHANG H Q , WANG L M , et al . Incomplete information Markov game theoretic approach to strategy generation for moving target defense [J ] . 2018 , 116 : 184 - 199 .

ZHENG J J , NAMIN A S . A survey on the moving target defense strategies:an architectural perspective [J ] . Journal of Computer Science and Technology , 2019 , 34 ( 1 ): 207 - 233 .

谭晶磊 , 张红旗 , 雷程 , 等 . 面向SDN的移动目标防御技术研究进展 [J ] . 网络与信息安全学报 , 2018 , 4 ( 7 ): 1 - 12 .

TAN J L , ZHANG H Q , LEI C , et al . Research progress on moving target defense for SDN [J ] . Chinese Journal of Network and Information Security , 2018 , 4 ( 7 ): 1 - 12 .

DIJK M V , ARI JUELS , ALINA OPREA , et al . FlipIt:the game of“stealthy takeover” [J ] . Journal of Cryptology , 2013 , 26 ( 4 ): 655 - 713 .

ZHENG J , SIAMI NAMIN A . A Markov decision process to determine optimal policies in moving target [C ] // The 2018 ACM SIGSAC Conference on Computer and Communications Security . ACM , 2018 : 2321 - 2323 .

刘江 , 张红旗 , 刘艺 . 基于不完全信息动态博弈的动态目标防御最优策略选取研究 [J ] . 电子学报 , 2018 , 46 ( 1 ): 82 - 89 .

LIU J , ZHANG H Q , LIU Y . Research on optimal selection of moving target defense policy based on dynamic game with incomplete information [J ] . Acta Electronica Sinica , 2018 , 46 ( 1 ): 82 - 89 .

LEI C , MA D H , ZHANG H Q . Optimal strategy selection for moving target defense based on Markov game [J ] . IEEE Access , 2017 ,PP( 99 ):1.

BORKOVSKY R N , DORASZELSKI U , KRYUKOV Y . A user’ s guide to solving dynamic stochastic games using the homotopy method [J ] . Operation Research , 2015 , 58 ( 4 ): 1116 - 1132 .

CHEN M , SAAD W , YIN C . Virtual reality over wireless networks:quality-of-service model and learning-based resource management [J ] . IEEE Transactions on Communications , 2018 , 66 ( 11 ): 5621 - 5635 .

NILIM A , GHAOUI L E . Robust control of Markov decision processes with uncertain transition matrices [J ] . Operations Research , 2016 , 53 ( 5 ): 780 - 798 .

SULEIMAN R . On gamesmen and fair men:explaining fairness in non-cooperative bargaining games [J ] . Royal Society Open Science , 2018 , 5 ( 2 ):171709.

MANADHATA P K . Game theoretic approaches to attack surface shifting [M ] . New York : SpringerPress , 2013 : 1 - 13 .

CLARK A , SUN K , BUSHNELL L , et al . A game-theoretic approach to IP address randomization in decoy-based cyber defense [C ] // International Conference on Decision and Game Theory for Security . Springer , 2015 : 3 - 21 .

Views

1025

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Markov games and multi-agent reinforcement learning based decision-making method for cloud-native moving target defense

Random routing defense method based on deep deterministic policy gradient

Design of key technologies for intranet dynamic gateway based on DPDK

Optimal strategy selection method for moving target defense based on signaling game

Moving target defense against network eavesdropping attack using POF

Related Author

QI Gaoxin

TAN Jinglei

ZHANG Hengwei

GENG Zhiyuan

Yuling LIU

Hongqi ZHANG

Hao HU

Xiaoyu XU

Related Institution

School of Cryptography Engineering, Information Engineering University

Cryptography Engineering Institute, Information Engineering University

Institute of Information Engineering, Chinese Academy of Sciences

National Digital Switching System Engineering and Technological R＆D Center

The Third Institute,Strategic Support Force Information Engineering University

AI问答

⁰