作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2021, Vol. 47 ›› Issue (1): 154-164. doi: 10.19678/j.issn.1000-3428.0056742

• 网络空间安全 • 上一篇    下一篇

基于单点多步博弈的网络防御策略选取方法

杨林, 王永杰   

  1. 国防科技大学 电子对抗学院, 合肥 230037
  • 收稿日期:2019-11-28 修回日期:2020-01-07 发布日期:2020-01-16
  • 作者简介:杨林(1995-),男,硕士研究生,主研方向为网络空间安全、群体智能;王永杰(通信作者),副教授、博士。
  • 基金资助:
    国家部委基金。

Network Defense Strategy Selection Method Based on Single-Point Multi-Step Game

YANG Lin, WANG Yongjie   

  1. College of Electromagnetic Countermeasure, National University of Defense Technology, Hefei 230037, China
  • Received:2019-11-28 Revised:2020-01-07 Published:2020-01-16

摘要: 当前复杂环境下网络安全问题频发,而现有攻防博弈网络防御模型未考虑网络攻击单点多步的特性,无法有效进行网络防御。针对网络攻防实际需求,通过模拟攻防环境和过程,提出一种基于单点多步网络攻防博弈模型的防御策略选取方法。建立单点多步攻防博弈模型,将全局博弈缩小为漏洞上的局部博弈以适应各种防御体系的攻防分析,采用漏洞评分系统量化攻防博弈效用降低评估主观性,基于攻击图理论构建漏洞连通图和漏洞邻接矩阵模型,并以其为工具对攻防决策攻击图进行分析,在此基础上设计最优防御策略选取方法,结合典型攻防场景验证其可行性。实验结果表明,该方法采取的单点博弈混合策略纳什均衡具有概率独立性,适用于大规模网络攻防博弈分析。

关键词: 网络安全, 攻防博弈模型, 单点多步博弈, 博弈回溯, 策略优化

Abstract: Network security problems occur frequently in the current complex environment,but the existing network defense model based on attack-defense game does not consider the single-point and multi-step characteristics of network attacks,so it can not effectively carry out network defense.According to the actual needs of network attack and defense,this paper proposes a defense strategy selection method based on Single-Point Multi-Step Network Attack-Defense Game(SMNADG) model by simulating the attack-defense environment and process.A single-point multi-step attack-defense game model is established,which reduces the global game to the local game on vulnerability to adapt to a variety of defense systems attack-defense game analysis.The vulnerability scoring system is used to quantify the effectiveness of attack-defense game,and reduce the evaluation subjectivity.Based on attack graph theory,the vulnerability connectivity graph and vulnerability adjacency matrix model are constructed to analyze attack-defense decision-making attack graph.On this basis,the optimal defense strategy selection method is designed,and verified by typical attack-defense scenarios. Experimental results show that the mixed strategy Nash equilibrium of single-point game adopted by the proposed method has probability independence,which is suitable for large-scale network attack-defense game analysis.

Key words: network security, attack-defense game model, single-point multi-step game, game traceback, strategy optimization

中图分类号: