[1] HUANG Wanwei, YUAN Bo, WANG Sunan, et al. Proactive Defense Model Based on Non-Zero-Sum Signal Game[J]. Journal of Zhengzhou University (Engineering Science), 2022, 43(01): 90-96. [doi:10.13705/j.issn.1671-6833.2021.05.010]

Proactive Defense Model Based on Non-Zero-Sum Signal Game

Journal of Zhengzhou University (Engineering Science) [ISSN: 1671-6833 / CN: 41-1339/T]

Volume: 43
Issue: 2022, No. 01
Pages: 90-96
Column:
Publication date: 2022-01-09

Article Info

Title:
Proactive Defense Model Based on Non-Zero-Sum Signal Game
Author(s):
HUANG Wanwei1, YUAN Bo1, WANG Sunan2, ZHANG Xiaohui3
1. College of Software Engineering, Zhengzhou University of Light Industry, Zhengzhou 450001, China;
2. School of Electronic and Communication Engineering, Shenzhen Polytechnic, Shenzhen 518005, China;
3. Henan Xin'an Communication Technology Co., Ltd., Zhengzhou 450001, China
Keywords:
non-zero-sum signal game; discount factor; optimal defense strategy
Classification number:
TP309
DOI:
10.13705/j.issn.1671-6833.2021.05.010
Document code:
A
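Abstract (translated from Chinese):
In recent years, network attacks typified by APTs have become more frequent and their damage increasingly severe, while current network attack and defense suffers from lagging defense and from the fact that the two sides' payoffs are not exactly equal during the confrontation. Some researchers have applied signal game theory to the characteristics of the APT attack and defense process, but they quantified payoffs with a zero-sum method and a single-stage representation, ignoring both the unequal payoffs of the two sides and the multi-stage nature of the confrontation. To address these problems, this paper adopts a non-zero-sum method and proposes the non-zero-sum signal game model NSG (non-zero-sum signal game). It introduces a discount factor to describe the influence of each stage's payoff on later stages, quantifies the attack and defense strategies, and, based on an analysis of the payoffs of different strategies, proposes a current optimal defense strategy algorithm. Finally, the model and method are verified by simulation experiments. The results demonstrate the feasibility and effectiveness of the proposed model and method, which can represent the multi-stage APT game process more comprehensively.
Abstract:
In recent years, the damage caused by network attacks such as those launched by APTs has become more and more serious. Although existing studies based on signal game theory can simulate the APT attack and defense process to a certain extent, they ignore the unequal benefits of the two sides in the attack and defense process and the multi-stage nature of the confrontation, so the resulting models and methods lack universality. In this paper, a proactive defense model based on a non-zero-sum signal game is proposed. First, an attack and defense game tree is built based on signal game theory and an analysis of the multi-stage confrontation process in network attack and defense. Second, the non-zero-sum method and a discount factor are used to construct the model's multi-stage payoffs in the attack and defense process, reflecting the unequal payoffs of the two sides. On this basis, a quantitative method for network attack and defense characteristics is proposed, and the current optimal defense strategy algorithm is obtained from an analysis of the Nash equilibrium and refined Bayesian equilibrium that exist in the model. Finally, the model and method are verified by simulation experiments. The results show the feasibility and effectiveness of the proposed model and method.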


Last Update: 2022-01-09