基于博弈模型的网络安全最优攻防决策方法  被引量：36

作　　者：刘刚[1] 张宏[1] 李千目[1] 

机构地区：[1]南京理工大学计算机科学与工程学院,江苏南京210094

出　　处：《南京理工大学学报》2014年第1期12-21,共10页Journal of Nanjing University of Science and Technology

基　　金：国家自然科学基金(60903027);江苏省自然科学重大研究项目(BK2011023);江苏省自然科学基金(BK2011370);航天创新基金(CALT201102);连云港工业攻关科技项目(CG1124);中国博士后基金(2012M521089)

摘　　要：为了有效地实施网络安全风险管理,降低安全风险损失,该文基于博弈理论,通过分析攻击者和防御者的攻防交互,设计了一种网络安全最优攻防决策方法。该方法首先根据网络的拓扑信息、节点的可达关系和脆弱性信息,生成网络的状态攻防图,计算攻防图中各原子攻击成功的概率和危害指数,从而得出所有可能攻击路径的成功概率和危害指数,进一步计算不同网络安全状态下攻防双方采取不同攻防策略的效用矩阵。根据状态攻防图,基于非合作非零和博弈模型,提出了一种最优攻防决策算法,结合脆弱点的防控措施,生成了最优攻防策略。通过一个典型的网络实例分析了该方法在网络安全风险管理中的应用。实验结果表明:该方法能够有效地生成最优的攻防决策方案。To effectively implement the network security risk management and reduce the security risk loss,based on the game theory,this paper designs a network security optimal attack and defense decision-making method through the analysis of interactions between the attacker and the defender. According to the network＆#39;s topology information,reachable relationship of nodes and vulnerability in-formation,the proposed method generates the network state attack-defense graph（ SADG） ,calculates＆amp;nbsp;the successful probability and hazard index of each atomic attack in the SADG and gets the successful probability and hazard index of all possible attack paths. The method calculates the utility matrix of different strategies taken by the attacker and the defender at the different network security states. According to the SADG and based on the non-cooperative non-zero-sum game model, this paper proposes an optimal attack and defense decision-making algorithm, and generates optimal attack and defense strategies with the prevention and control measures of vulnerability. This paper analyzes the application of the proposed method in the network security risk management through a typical network example. The experimental results show that this method can effectively generate the optimal offensive and defensive decision.

关 键 词：网络安全 风险管理 状态攻防图 博弈理论 最优决策 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]