安全数据采集代理顽健部署策略研究  被引量：3

作　　者：陈黎丽 王震 郭云川[2] 华佳烽 姚宇超 李凤华[1,2,4] CHEN Lili;WANG Zhen;GUO Yunchuan;HUA Jiafeng;YAO Yuchao;LI Fenghua(State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;School of Cyberspace,Hangzhou Dianzi University,Hangzhou 310018,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China)

机构地区：[1]西安电子科技大学综合业务网络国家重点实验室,陕西西安710071 [2]中国科学院信息工程研究所第五研究室,北京100093 [3]杭州电子科技大学网络空间安全学院,浙江杭州310018 [4]中国科学院大学网络空间安全学院,北京100049

出　　处：《通信学报》2019年第6期51-65,共15页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2016YFB0800700,No.2016YFB0800702);国家自然科学基金资助项目(No.61672515);中国科学院大学生创新实践训练计划基金资助项目~~

摘　　要：随着“网络黑产”事件频繁发生,攻击者以“趋利”的思想来策略地发动针对性的攻击。现有网络监测系统缺少针对“策略式攻击”精准有效的监测策略。因此,在敌对环境中,如何优化部署采集代理获取更好的监测效果成为一个极为重要的课题。针对该问题,提出了一种顽健采集代理部署策略。首先,引入攻防博弈思想,对采集代理和威胁事件及其之间的关系进行度量,构建度量攻防博弈模型MADG模型;然后,考虑传统精确求解算法无法求解该问题,利用目标函数的次模和非增的性质设计了顽健采集代理部署算法RCD算法进行近似求解;最后,对RCD算法进行了验证。实验结果表明,所提模型和方法是可行有效的,且具有可扩展性。With the frequent occurrence of“network black production”incidents,attackers strategically launch target attacks with the idea of“profit-seeking”.Existing network monitoring systems lack accurate and effective monitoring strategies for“strategic attacks”.Therefore,in an adversarial environment,how to optimize the deployment of collection agents for better monitoring results becomes an extremely important issue.Based on this,a robust deployment strategy of collection agents was proposed for the above mentioned problem.Firstly,the idea of attack-defense game was introduced to measure the collection agents,threat events and their relations,then the MADG model was built.Secondly,considering that the traditional accurate solution algorithm cannot solve the problem,the robust acquisition agent deployment algorithm called RCD algorithm was designed to approximate the problem by using the sub-module and non-growths of the objective function.Finally,the RCD algorithm was verified.The experimental results show that the above model and method is feasible,effective and expandable.

关 键 词：采集代理 安全数据 攻防博弈 顽健性 优化部署 

分 类 号：TP302[自动化与计算机技术—计算机系统结构]