作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于博弈论的企业信息安全攻防策略研究

韩文英,闫明星,柴艳妹,王秀利   

  1. (中央财经大学信息学院,北京 100081)
  • 收稿日期:2012-09-13 出版日期:2013-09-15 发布日期:2013-09-13
  • 作者简介:韩文英(1969-),女,副教授、博士,主研方向:信息安全,计算机审计;闫明星,硕士研究生;柴艳妹、王秀利,副教授、博士
  • 基金资助:
    教育部人文社会科学研究青年基金资助项目(12YJC630106);北京市哲学社科规划基金资助项目“首都社会稳定视角下的互联网治理对策研究”(12JGA014);中央财经大学科研创新团队支持计划基金资助项目

Research on Enterprise Information Security Attack-defense Strategic Based on Game Theory

HAN Wen-ying, YAN Ming-xing, CHAI Yan-mei, WANG Xiu-li   

  1. (School of Information, Central University of Finance and Economics, Beijing 100081, China)
  • Received:2012-09-13 Online:2013-09-15 Published:2013-09-13

摘要: 利用3种博弈模型研究信息安全中的攻防策略。讨论不完全信息动态攻防博弈模型下的攻防均衡关系,得到均衡时的策略选择及参数限制条件。考虑攻防的长期和重复性,建立不完全信息下的重复攻防博弈模型,得到长期均衡关系。针对信息安全中攻防双方不能在完全理性情况下进行策略选择的问题,引进有限理性假设条件,运用复制动态求解进化稳定策略,在验证前两个 模型结论有效的基础上,进一步得到解决信息安全问题的有效策略。

关键词: 信息安全, 攻防关系, 不完全信息博弈模型, 均衡, 重复博弈模型, 演化博弈

Abstract: The attack-defense relationship in information security is studied through three game models. The attack and defense equilibrium relationship is discussed with incomplete information dynamic game model, to reach the strategy selection and parameter constraints when the attack and defense relationship getting equilibrium. Taking into account of the long-term and repeatability of the attack and defense relationship, a repeated attack and defense game model under incomplete information is established and long-run equilibrium relationship is reached. Because of the incomplete rationality of decision maker, the limited rationality assumptions is introduced, to verify the validity of the above two models’ conclusion, and getting the effective strategies to solve information security problems with the use of replication dynamic solving evolutionarily stable strategy.

Key words: information security, attack-defense relationship, incomplete information game model, equilibrium, repeated game model, evolution game

中图分类号: