Progress in Research on Game Theory and Cryptographic Protocols
  • English title: Progress in Research on Game Theory and Cryptographic Protocols
  • Authors: 王秦 (WANG Qin); 朱建明 (ZHU Jian-Ming); 高胜 (GAO Sheng)
  • Keywords: cryptographic protocol; information security; game theory; attacks and defenses; interdependence
  • Chinese journal title: MMXB
  • English journal title: Journal of Cryptologic Research
  • Institutions: School of Information Management, Beijing Information Science and Technology University; School of Information, Central University of Finance and Economics
  • Publication date: 2019-02-15
  • Publisher: Journal of Cryptologic Research (密码学报)
  • Year: 2019
  • Issue: v.6
  • Funding: National Key Research and Development Program of China (2017YFB1400700); National Natural Science Foundation of China (61272398, 61602537, U1509214); Central University of Finance and Economics "Young Talents" Cultivation Support Program (QYP1808)
  • Language: Chinese
  • Pages: MMXB201901010
  • Page count: 13
  • CN: 01
  • ISSN: 10-1195/TN
  • Classification number: 90-102
Abstract
Game theory and cryptographic protocols are both concerned with the interaction among mutually distrustful participants. Game theory deepens the assumptions underlying cryptographic protocols, extending the study of honest or malicious participants to the study of rational participants, which can provide significant help in solving cryptographic protocol problems such as secret sharing and secure multi-party computation. Game theory has become one of the important theories and tools in the field of cryptographic protocol research. This paper explains the application of game theory in cryptographic protocol research. After introducing the basic concepts of game theory, it classifies and summarizes the existing literature mainly according to the game method used. It introduces, in turn, the application of complete information static games, complete information dynamic games, incomplete information static games, incomplete information dynamic games, stochastic games, and evolutionary games in information security research. It briefly introduces game-theoretic modeling methods for problems in cryptographic protocols and other areas of information security, including attack-defense confrontation, defense strategy selection, quantitative security investment, interdependence among defenders, and the achievement of the social optimum, and it shows the effects of action order, incomplete information, system states, bounded rationality, and other factors in game-theoretic analysis. This paper demonstrates the significant value of introducing game theory to cryptographic protocol research, points out the limitations of game-theoretic methods themselves and other deficiencies in existing research, and provides suggestions for possible future research directions.
