拟态防御马尔可夫博弈模型及防御策略选择  被引量:10

Markov game modeling of mimic defense and defense strategy determination

在线阅读下载全文

作  者:张兴明[1] 顾泽宇[1] 魏帅[1] 沈剑良[1] ZHANG Xingming;GU Zeyu;WEI Shuai;SHEN Jianliang(National Digital Switching System Engineering&Technological R&D Center,Zhengzhou 450002,China)

机构地区:[1]国家数字交换系统工程技术研究中心,河南郑州450002

出  处:《通信学报》2018年第10期143-154,共12页Journal on Communications

基  金:国家自然科学基金资助项目(No.61572520;No.61521003);国家科技重大专项基金资助项目(No.2016ZX01012101)~~

摘  要:网络拟态防御通过冗余执行体动态性、多样性以及裁决反馈机制增强了主动防御顽健性,而对于其安全性评估尚缺少有效的分析模型,基于经典博弈模型无法满足于其多状态、动态性特点,不具有通用性等问题,提出拟态防御Markov博弈模型分析攻防状态间的转移关系以及安全可靠性度量方法,通过非线性规划算法计算攻防博弈均衡,以确定考虑防御代价的最佳防御策略。实验与多目标隐藏技术对比,结果表明拟态防御具有更高的防御效果,结合具体案例给出了针对利用系统漏洞攻击的具体攻防路径,验证了防御策略算法有效性。Network mimic defense technology enhances the robustness of active defense through the redundancy,dynamic and diversity as well as the decision feedback mechanism.However,little work has been done for its security assessment and existing classic game models are not suitable for its dynamic characteristics and lack of universality.A Markov game model was proposed to analyze the transfer relationship between offensive and defensive status and the measurement method of safety and reliability of mimic defense,and calculated the offensive and defensive game equilibrium through non-linear programming algorithm to determine the best defensive strategy considering performance.Experiments give a comparison with the multi-target hiding technique and shows that the mimic defense has a higher defensive effect.Combining with the specific network case,the specific attack and defense path for the exploit of the system vulnerability is given and the effectiveness of the defense strategy algorithm is verified.

关 键 词:网络拟态防御 Markov博弈 冗余执行体 防御顽健性 主动防御策略 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象