Attack-defense game model for advanced persistent threats with asymmetric information
  • English title: Attack-defense game model for advanced persistent threats with asymmetric information
  • Authors: 孙文君 (SUN Wenjun); 苏旸 (SU Yang); 曹镇 (CAO Zhen)
  • Keywords: game theory; asymmetric information; network attack; Advanced Persistent Threat (APT); cyber security
  • Chinese journal title: JSJY
  • English journal title: Journal of Computer Applications
  • Institutions: Key Laboratory of Network & Information Security, University of the People's Armed Police Force; Institute of Information Security, University of the People's Armed Police Force
  • Publication date: 2017-09-10
  • Publisher: Journal of Computer Applications (计算机应用)
  • Year: 2017
  • Issue: v.37; No.325
  • Funding: National Natural Science Foundation of China (61402531); Natural Science Basic Research Plan of Shaanxi Province (2014JQ8358, 2015JQ6231, 2014JQ8307)
  • Language: Chinese
  • Page: JSJY201709024
  • Number of pages: 6
  • CN: 09
  • ISSN: 51-1307/TP
  • Classification number: 131-136
Abstract
To address the lack of theoretical modeling and analysis of Advanced Persistent Threat (APT) attacks, an attack-defense game model with asymmetric information, based on the FlipIt model, was proposed. Firstly, assets such as targeted hosts in the network system were abstracted as target resource nodes, and the attack-defense scenario was described as the alternating control of the target resource by the attacker and the defender. Then, considering the asymmetry of the feedback information observed by the two sides during the game and the incompleteness of the defensive effect, the payoff models of the attacker and the defender and the conditions for their optimal strategies were given for the case in which the defender adopts a renewal strategy. In addition, theorems on the conditions for reaching simultaneous game equilibrium and sequential game equilibrium were stated and proved. Finally, numerical examples were used to analyze the factors that affect the equilibrium strategies and the defense payoff, and to compare the simultaneous and sequential equilibria. The results show that the periodic strategy is the defender's best strategy, and that, compared with the simultaneous equilibrium, the defender obtains a higher payoff by announcing her defense strategy in advance and reaching the sequential equilibrium. The experimental results show that the proposed model can theoretically guide defense strategy against stealthy APT attacks.
