计算机工程与应用Issue(11):76-82,7.DOI:10.3778/j.issn.1002-8331.1306-0328
静态贝叶斯博弈在信息系统风险分析中的应用
Application of static Bayesian game in information system risk analysis
摘要
Abstract
Information System(IS)security risk is influenced by attackers and defenders, so it is necessary to consider the behaviors of both sides. To evaluate the risk level, an Attacks Prediction Model based on Static Bayesian Game (APM-SBG)is proposed. In this model, an improved payoff calculation method is presented, which takes the counterat-tack as well as cost parameters and benefit parameters of both sides’strategies into account, and therefore the payoff could be calculated more accurately. Considering the uncertainty of strategy choice, Nash equilibrium of the game based on mixed strategy is analyzed to predict the behaviors of the attacker, and the result is credible. A new risk analysis method is proposed based on the attack behavior prediction and defense strategy. The example analysis proves the effectiveness of the model and algorithm.关键词
贝叶斯博弈/混合策略/风险分析/纳什均衡/收益函数Key words
Bayesian game/mixed strategy/risk analysis/Nash equilibrium/payoff function分类
信息技术与安全科学引用本文复制引用
张健,王晋东,张恒巍..静态贝叶斯博弈在信息系统风险分析中的应用[J].计算机工程与应用,2015,(11):76-82,7.基金项目
国家部委预研基金。 ()
