作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于动态博弈的粗糙网络安全分析模型

张 晶,李 艳   

  1. (西安建筑科技大学管理学院,西安710055)
  • 收稿日期:2014-05-04 出版日期:2015-04-15 发布日期:2015-04-15
  • 作者简介:张 晶(1981 - ),女,讲师、博士,主研方向:信息安全,管理科学与工程,决策分析;李 艳,博士、CCF 会员。
  • 基金资助:
    陕西省教育厅科研计划基金资助项目(2013JK0185);陕西省重点学科专项基金资助项目(E08001);陕西省高校哲学社会科学重点研究基地建设专项基金资助项目(DA08046);陕西省高校哲学社会科学特色学科建设专项基金资助项目(E08003,E08005);西安建筑科技大学人才科技基金资助项目(RC1324)。

Rough Network Security Analysis Model Based on Dynamic Game

ZHANG Jing,LI Yan   

  1. (School of Management,Xi’an University of Architecture & Technology,Xi’an 710055,China)
  • Received:2014-05-04 Online:2015-04-15 Published:2015-04-15

摘要: 基于攻击图的主动网络安全测评是网络安全的战略研究方向,但目前多数网络攻击模型都是从攻击一方的角度进行分析,忽略了整个攻防过程中连接关系及知识体系的粗糙性。为此,结合攻击粗糙图和动态博弈理论提出粗糙网络安全分析模型RNSAM。以粗糙部件访问关联图为基础,刻画某一时刻网络拓扑结构状态下网络部件主体之间的粗糙访问关系,通过对攻击策略集和防御策略集在知识域空间上的粗糙刻画来反映攻防过程中的动态决策机制,同时给出攻击策略选取算法,指出在当前网络连接状态和攻防双方知识水平下的最优防御策略。实例分析结果表明,RNSAM 能够完整模拟网络攻击过程,使网络管理员以最小的代价采取相关防御措施。

关键词: 网络风险分析, 网络攻击模型, 攻击图, 粗糙博弈分析, 粗糙网络, 粗糙图

Abstract: Now the network security evaluation method based on attack graph becomes the main research point,but most of the network attack models are analyzed from the standpoint of the attack side,and ignore the whole process of the connection relationship between offensive and defensive and the roughness of the knowledge system. This paper uses the rough access components association graph to describe the rough access relationship among the network components at some time and some special network topology state,through the rough characterization of the attack and defense policy set in the knowledge domain space to reflect the dynamic decision-making mechanism in the process of offensive and defensive. It gives the optimal attack policy-selection algorithm simultaneously,points out the most possible defensive policy in the current state of the network connection and the knowledge level of both sides of offensive and defensive. Examples show that the results of the analysis can help the defense side of the network administrator take related defensive measures better.

Key words: network risk analysis, network attack model, attack graph, rough game analysis, rough network, rough graph

中图分类号: