基于信号博弈的移动目标防御最优策略选取方法
|
摘要
针对移动目标防御最优策略选取问题,从攻击面转换(ASS)和探测面扩展(ESE)的角度形式化来定义防御策略,阐释了防御原理;采用动态对抗和有限信息的视角对网络攻防行为进行研究,在分析攻防博弈类型和攻防过程的基础上,构建了基于信号博弈的移动目标防御模型;改进了攻防策略量化计算方法,提出了精炼贝叶斯均衡求解算法,并通过对博弈均衡的分析设计了最优防御策略选取算法。仿真实验验证了所提模型和方法的有效性。
To solve the problem of the optimal strategy selection for moving target defense, the defense strategy was defined formally, the defense principle from the perspective of attack surface shifting and exploration surface enlarging was taken into account. Then, network attack-defense behaviors were analyzed from the sight of dynamic confrontation and bounded information. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. Meanwhile, the method to quantify strategies was improved and the solution of perfect Bayesian equilibrium was proposed. Furthermore, the optimal defense strategy selection algorithm was designed by the equilibrium analysis. Finally, the simulation demonstrates the effectiveness and feasibility of the proposed optimal strategy and selection method.
To solve the problem of the optimal strategy selection for moving target defense, the defense strategy was defined formally, the defense principle from the perspective of attack surface shifting and exploration surface enlarging was taken into account. Then, network attack-defense behaviors were analyzed from the sight of dynamic confrontation and bounded information. According to the analysis of attack-defense game types and confrontation process, the moving target defense model based on signaling game was constructed. Meanwhile, the method to quantify strategies was improved and the solution of perfect Bayesian equilibrium was proposed. Furthermore, the optimal defense strategy selection algorithm was designed by the equilibrium analysis. Finally, the simulation demonstrates the effectiveness and feasibility of the proposed optimal strategy and selection method.
引文
[1]方滨兴.从层次角度看网络空间安全技术的覆盖领域[J].网络与信息安全学报,2015,1(1):1-6.FANG B X.A hierarchy model on the research fields of cyberspace security technology[J].Chinese Journal of Network and Information Security,2015,1(1):1-6.
[2]JAJODIA S,GHOSH A K,SWARUP V,et al.Moving target defense:creating asymmetric uncertainty for cyber threats[M].Berlin:Springer Science Business Media,2011.
[3]蔡桂林,王宝生,王天佐,等.移动目标防御技术研究进展[J].计算机研究与发展,2016,53(5):968-987.CAI G L,WANG B S,WANG T Z,et al.Research on development of moving target defense technology[J].Journal of Computer Research and Development,2016,53(5):968-987.
[4]刘效武,王慧强,吕宏武,等.网络安全态势认知融合感控模型[J].软件学报,2016,27(8):2099-2114.LIU X W,WANG H Q,LV H W,et al.Fusion-based cognitive awareness-control model for network security situation[J].Journal of Software,2016,27(8):2099-2114.
[5]朱建明,王秦.基于博弈论的网络空间安全若干问题分析[J].网络与信息安全学报,2015,1(1):43-49.ZHU J M,WANG Q.Analysis of cyberspace security based on game theory[J].Chinese Journal of Network and Information Security,2015,1(1):43-49.
[6]MANADHATA P K.Game theoretic approaches to attack surface shifting[J].ACM Transactions on Information and System Security,2017,23(2):145-153.
[7]CARTER K M,RIORDAN J F,OKHRAVI H.A game theoretic approach to strategy determination for dynamic platform defenses[C]//ACM Workshop on Moving Target Defense.ACM,2017:21-30.
[8]VADLAMUDI S G,SENGUPTA S,KAMBHAMPATI S,et al.Moving target defense for Web applications using Bayesian Stackelberg games[J].Adaptive Agents and Multi-Agents Systems,2016:1377-1378.
[9]FILLER T,JUDAS J,FRIDRICH J.Signaling game model:DDoSdefense analysis[J].Journal of Security Engineering,2016,39(3):414-417.
[10]张恒巍,余定坤,韩继红,等.信号博弈网络安全威胁评估方法[J].西安电子科技大学学报,2016,43(3):137-143.ZHANG H W,YU D K,HAN J H,et al.Network security threat assessment based on the signaling game[J].Journal of Xidian University,2016,43(3):137-143.
[11]张恒巍,余定坤,韩继红,等.基于攻防信号博弈模型的防御策略选取方法[J].通信学报,2016,37(5):51-61.ZHANG H W,YU D K,HAN J H,et al.Defense policies selection method based on attack-defense signaling game model[J].Journal on Communications,2016,37(5):51-61.
[12]OKHRAVI H,COMELLA A,ROBINSON E,et al.Creating a cyber moving target for critical infrastructure applications using platform diversity[J].International Journal of Critical Infrastructure Protection,2014,5(1):30-39.
[13]BENZEL T.A strategic plan for cyber security research and development[J].IEEE Security&Privacy,2015,13(4):3-5.
[14]FENG X,ZHENG Z,CANSEVER D.A signaling game model for moving target defense[C]//2017 IEEE Conference on Computer Communications.IEEE,2017:1-9.
[15]LEI C,ZHANG H Q,WAN L M,et al.Incomplete information Markov game theoretic approach to strategy generation for moving target defense[J].Computer Communications,2018,116:184-199.
[16]HUANG S R,ZHANG H W,WANG J,et al.Markov differential game for network defense decision-making method[J].IEEE Access,2018:39621-39634.
[17]刘江,张红旗,刘艺.基于不完全信息动态博弈的动态目标防御最优策略选取研究[J].电子学报,2018,46(1):82-89.LIU J,ZHANG H Q,LIU Y.Research on optimal selection of moving target defense policy based on dynamic game with incomplete information[J].Acta Electronica Sinica,2018,46(1):82-89.
[18]GORDON L,LOEB M,LUCYSHYN W,et al.Computer crime and security survey[C]//2014 Computer Security Institute.2014:11-34.
[19]MANADHATA P K,WING J M.An attack surface metric[J].IEEETransactions on Software Engineering,2011,37(3):371-386.
[20]LIN J Q,LIU P,JING J W.Using signaling games to model the multi-step attack-defense scenarios on confidentiality[J].Security Lecture Notes in Computer Science,2017,39(6):118-137.
[21]MALEKI H,VALIZADEH S,KOCH W,et al.Markov modeling of moving target defense games[C]//ACM Workshop on Moving Target Defense.ACM,2018:104-110.
[22]ZHUANG R,BARDAS A G,DELOACH S A,et al.A theory of cyber attacks:a step towards analyzing MTD systems[C]//ACM Workshop on Moving Target Defense.ACM,2017:211-220.
[23]GAO X,ZHU Y F.Defense mechanism analysis based on signaling game model[C]//International Conference on Intelligent Human-Machine Systems and Cybernetics.IEEE,2016:414-417.
[24]FUDENBERG D,TIROLE J.Game theory[M].Boston:Massachusetts Institute of Technology Press,2012.
[25]ZHU Q,BA?AR T.Game-theoretic approach to feedback-driven multi-stage moving target defense[C]//Decision and Game Theory for Security.Springer International Publishing,2013:246-263.
[2]JAJODIA S,GHOSH A K,SWARUP V,et al.Moving target defense:creating asymmetric uncertainty for cyber threats[M].Berlin:Springer Science Business Media,2011.
[3]蔡桂林,王宝生,王天佐,等.移动目标防御技术研究进展[J].计算机研究与发展,2016,53(5):968-987.CAI G L,WANG B S,WANG T Z,et al.Research on development of moving target defense technology[J].Journal of Computer Research and Development,2016,53(5):968-987.
[4]刘效武,王慧强,吕宏武,等.网络安全态势认知融合感控模型[J].软件学报,2016,27(8):2099-2114.LIU X W,WANG H Q,LV H W,et al.Fusion-based cognitive awareness-control model for network security situation[J].Journal of Software,2016,27(8):2099-2114.
[5]朱建明,王秦.基于博弈论的网络空间安全若干问题分析[J].网络与信息安全学报,2015,1(1):43-49.ZHU J M,WANG Q.Analysis of cyberspace security based on game theory[J].Chinese Journal of Network and Information Security,2015,1(1):43-49.
[6]MANADHATA P K.Game theoretic approaches to attack surface shifting[J].ACM Transactions on Information and System Security,2017,23(2):145-153.
[7]CARTER K M,RIORDAN J F,OKHRAVI H.A game theoretic approach to strategy determination for dynamic platform defenses[C]//ACM Workshop on Moving Target Defense.ACM,2017:21-30.
[8]VADLAMUDI S G,SENGUPTA S,KAMBHAMPATI S,et al.Moving target defense for Web applications using Bayesian Stackelberg games[J].Adaptive Agents and Multi-Agents Systems,2016:1377-1378.
[9]FILLER T,JUDAS J,FRIDRICH J.Signaling game model:DDoSdefense analysis[J].Journal of Security Engineering,2016,39(3):414-417.
[10]张恒巍,余定坤,韩继红,等.信号博弈网络安全威胁评估方法[J].西安电子科技大学学报,2016,43(3):137-143.ZHANG H W,YU D K,HAN J H,et al.Network security threat assessment based on the signaling game[J].Journal of Xidian University,2016,43(3):137-143.
[11]张恒巍,余定坤,韩继红,等.基于攻防信号博弈模型的防御策略选取方法[J].通信学报,2016,37(5):51-61.ZHANG H W,YU D K,HAN J H,et al.Defense policies selection method based on attack-defense signaling game model[J].Journal on Communications,2016,37(5):51-61.
[12]OKHRAVI H,COMELLA A,ROBINSON E,et al.Creating a cyber moving target for critical infrastructure applications using platform diversity[J].International Journal of Critical Infrastructure Protection,2014,5(1):30-39.
[13]BENZEL T.A strategic plan for cyber security research and development[J].IEEE Security&Privacy,2015,13(4):3-5.
[14]FENG X,ZHENG Z,CANSEVER D.A signaling game model for moving target defense[C]//2017 IEEE Conference on Computer Communications.IEEE,2017:1-9.
[15]LEI C,ZHANG H Q,WAN L M,et al.Incomplete information Markov game theoretic approach to strategy generation for moving target defense[J].Computer Communications,2018,116:184-199.
[16]HUANG S R,ZHANG H W,WANG J,et al.Markov differential game for network defense decision-making method[J].IEEE Access,2018:39621-39634.
[17]刘江,张红旗,刘艺.基于不完全信息动态博弈的动态目标防御最优策略选取研究[J].电子学报,2018,46(1):82-89.LIU J,ZHANG H Q,LIU Y.Research on optimal selection of moving target defense policy based on dynamic game with incomplete information[J].Acta Electronica Sinica,2018,46(1):82-89.
[18]GORDON L,LOEB M,LUCYSHYN W,et al.Computer crime and security survey[C]//2014 Computer Security Institute.2014:11-34.
[19]MANADHATA P K,WING J M.An attack surface metric[J].IEEETransactions on Software Engineering,2011,37(3):371-386.
[20]LIN J Q,LIU P,JING J W.Using signaling games to model the multi-step attack-defense scenarios on confidentiality[J].Security Lecture Notes in Computer Science,2017,39(6):118-137.
[21]MALEKI H,VALIZADEH S,KOCH W,et al.Markov modeling of moving target defense games[C]//ACM Workshop on Moving Target Defense.ACM,2018:104-110.
[22]ZHUANG R,BARDAS A G,DELOACH S A,et al.A theory of cyber attacks:a step towards analyzing MTD systems[C]//ACM Workshop on Moving Target Defense.ACM,2017:211-220.
[23]GAO X,ZHU Y F.Defense mechanism analysis based on signaling game model[C]//International Conference on Intelligent Human-Machine Systems and Cybernetics.IEEE,2016:414-417.
[24]FUDENBERG D,TIROLE J.Game theory[M].Boston:Massachusetts Institute of Technology Press,2012.
[25]ZHU Q,BA?AR T.Game-theoretic approach to feedback-driven multi-stage moving target defense[C]//Decision and Game Theory for Security.Springer International Publishing,2013:246-263.