[1] GORDON L,LOEB M P,LUCYSHYN W,et al.2016 CSI/FBI computer crime and security survey[EB/OL].[2019-10-13].https://www.researchgate.net/publication/243784811_CSIFBI_Computer_Crime_and_Security_Survey. [2] MAESTRE M I,HOZ E D L,GUZMAN J M G,et al.Design and evaluation of a learning environment to effectively provide network security skills[J].Computers and Education,2013,69(11):225-236. [3] NI Zhen,LI Qianmu,LIU Gang.Game-model-based network security risk control[J].Computer,2018,51(4):28-38. [4] DURKOTA K,LISY V,KIEKINTVELD C,et al.Case studies of network defense with attack graph games[J].IEEE Intelligent Systems,2016,31(5):24-30. [5] XIAO A.An application of game theory in distributed collaborative decision making[J].Frontiers of Mechanical Engineering,2019,14(1):85-101. [6] HAMILTON S N,MILLER W L,OTT A,et al.The role of game theory in infomation warfare[EB/OL].[2019-10-13].https://www.researchgate.net/publication/243774824_The_Role_of_Game_Theory_in_Information_Warfare. [7] HU He,HU Changzhen,YAO Shuping.Decision model of optimal active response for network security using partial observable Markov game[J].Journal of Xi'an Jiaotong University,2011,45(4):18-24.(in Chinese)胡鹤,胡昌振,姚淑萍.应用部分马尔科夫博弈的网络安全主动响应决策模型[J].西安交通大学学报,2011,45(4):18-24. [8] ZHANG Hengwei,ZHANG Jian,HAN Jihong,et al.Vulnerability risk analysis method based on game model and risk matrix[J].Computer Engineering and Design,2016,37(6):1421-1427.(in Chinese)张恒巍,张健,韩继红,等.基于博弈模型和风险矩阵的漏洞风险分析方法[J].计算机工程与设计,2016,37(6):1421-1427. [9] WANG Chunzi,HUANG Guangqiu.Network attack-defense situation awareness based on dynamic game with incomplete information[J].Computer Engineering,2010,36(20):125-127.(in Chinese)王纯子,黄光球.基于不完全信息动态博弈的网络攻防态势感知[J].计算机工程,2010,36(20):125-127. [10] LIU Jingwei,LIU Jingju,LU Yuliang,et al.Optimal defense strategy selection method based on network attack-defense game model[J].Computer Science,2018,45(6):117-123.(in Chinese)刘景玮,刘京菊,陆余良,等.基于网络攻防博弈模型的最优防御策略选取方法[J].计算机科学,2018,45(6):117-123. [11] HUANG Jianming,ZHANG Hengwei,WANG Jindong.Markov evolutionary games for network defense strategy selection[J].IEEE Access,2017,5(9):19505-19516. [12] JIANG Wei,FANG Binxing,TIAN Zhihong,et al.Evaluating network security and optimal active defense based on attack-defense game model[J].Chinese Journal of Computers,2009,32(4):817-827.(in Chinese)姜伟,方滨兴,田志宏,等.基于攻防博弈模型的网络安全测评和最优主动防御[J].计算机学报,2009,32(4):817-827. [13] SMITH J M.Evolution and the theory of games[EB/OL].[2019-10-13].https://link.springer.com/chapter/10.1007/978-1-4684-7862-4_22. [14] Common vulnerability scoring system version 3.1 calculator[EB/OL].[2019-10-13].https://www.first.org/cvss/calculator/3.1. [15] RUOHONEN J.A look at the time delays in CVSS vulnerability scoring[J].Applied Computing and Informatics,2019,15(2):129-135. [16] ZHANG Biyan,WANG Meng.Research on quantization method of network attack and defense based on CVSS vulnerability score[J].Journal of Ordnance and Equipment Engineering,2018,39(4):147-150.(in Chinese)张必彦,王孟.基于CVSS漏洞评分标准的网络攻防量化方法研究[J].兵器装备工程学报,2018,39(4):147-150. [17] CHEN Feng.Research on layered network security risk assessment method based on multi-target attack graph[D].Changsha:National University of Defense Science and Technology,2009.(in Chinese)陈锋.基于多目标攻击图的层次化网络安全风险评估方法研究[D].长沙:国防科技大学,2009. [18] Jasmine.The average length of time of bug repair was 38 days[EB/OL].[2019-10-13].https://www.aqniu.com/industry/38038.html. [19] MACKER J P.An improved local bridging centrality model for distributed network analytics[C]//Proceedings of 2016 IEEE Military Communications Conference.Washington D.C.,USA:IEEE Press,2016:21-27. [20] KAYNAR K,SIVRIKAYA F.Distributed attack graph generation[J].IEEE Transactions on Dependable and Secure Computing,2016,13(5):519-532. [21] YE Ziwei,GUO Yuanbo,WANG Chendong,et al.Survey on application of attack graph technology[J].Journal of Communications,2017,38(11):121-132.(in Chinese)叶子维,郭渊博,王宸东,等.攻击图技术应用研究综述[J].通信学报,2017,38(11):121-132. [22] DACIER M,DESWARTE Y.Privilege graph:an extension to the typed access matrix model[C]//Proceedings of European Symposium on Research in Computer Security.Berlin,Germany:Springer,1994:319-334. [23] AMMANN P,WIJESEKERA D,KAUSHIK S.Scalable,graph-based network vulnerability analysis[C]//Proceedings of the 9th ACM Conference on Computer and Communications.New York,USA:ACM Press 2002:217-224. [24] ZHANG Jian,WANG Jindong,ZHANG Hengwei,et al.Network risk analysis method based on node-game vulnerability attack graph[J].Computer Science,2014,41(9):169-173.(in Chinese)张健,王晋东,张恒巍,等.基于节点博弈漏洞攻击图的网络风险分析方法[J].计算机科学,2014,41(9):169-173. [25] ZHAO Fangfang,CHEN Xiuzhen,LI Jianhua.Generation method of network attack graphs based on privilege escalation[J].Computer Engineering,2008,34(23):158-160.(in Chinese)赵芳芳,陈秀真,李建华.基于权限提升的网络攻击图生成方法[J].计算机工程,2008,34(23):158-160. [26] WANG Hang,GAO Qiang,MO Yuchang.Network vulnerability evaluation based on attack graph and security metric[J].Computer Engineering,2010,36(3):128-130.(in Chinese)王航,高强,莫毓昌.基于攻击图和安全度量的网络脆弱性评价[J].计算机工程,2010,36(3):128-130. [27] WANG Lidong.A quantitative risk assessment method for computer system and network security[D].Harbin:Harbin Institute of Technology,2002.(in Chinese)汪立东.一种量化的计算机系统和网络安全风险评估方法[D].哈尔滨:哈尔滨工业大学,2002. [28] China Information Security Evaluation Center.CNNVD vulnerability classification guide[EB/OL].[2019-10-13].http://www.cnnvd.org.cn/web/wz/bzxqById.tag?Id=3&mkid=3.(in Chinese)中国信息安全测评中心.CNNVD漏洞分类指南[EB/OL].[2019-10-13].http://www.cnnvd.org.cn/web/wz/bzxqById.tag?id=3&mkid=3. |