南京理工大学学报(自然科学版)Issue(1):12-21,10.
基于博弈模型的网络安全最优攻防决策方法
Network security optimal attack and defense decision-making method based on game model
摘要
Abstract
To effectively implement the network security risk management and reduce the security risk loss,based on the game theory,this paper designs a network security optimal attack and defense decision-making method through the analysis of interactions between the attacker and the defender. According to the network's topology information,reachable relationship of nodes and vulnerability in-formation,the proposed method generates the network state attack-defense graph( SADG) ,calculates the successful probability and hazard index of each atomic attack in the SADG and gets the successful probability and hazard index of all possible attack paths. The method calculates the utility matrix of different strategies taken by the attacker and the defender at the different network security states. According to the SADG and based on the non-cooperative non-zero-sum game model, this paper proposes an optimal attack and defense decision-making algorithm, and generates optimal attack and defense strategies with the prevention and control measures of vulnerability. This paper analyzes the application of the proposed method in the network security risk management through a typical network example. The experimental results show that this method can effectively generate the optimal offensive and defensive decision.关键词
网络安全/风险管理/状态攻防图/博弈理论/最优决策Key words
network security/risk management/state attack-defense graph/game theory/optimal decision-making分类
信息技术与安全科学引用本文复制引用
刘刚,张宏,李千目..基于博弈模型的网络安全最优攻防决策方法[J].南京理工大学学报(自然科学版),2014,(1):12-21,10.基金项目
国家自然科学基金(60903027) (60903027)
江苏省自然科学重大研究项目( BK2011023) ( BK2011023)
江苏省自然科学基金(BK2011370) (BK2011370)
航天创新基金(CALT201102) (CALT201102)
连云港工业攻关科技项目(CG1124) (CG1124)
中国博士后基金(2012M521089) (2012M521089)
