摘要
随着计算机技术与互联网络的发展,任务关键网络系统作为一类特殊的网络信息系统在影响人民生活和社会发展的诸多领域得到了广泛应用。然而,不断恶化的网络环境使得该类系统面临的安全问题日益突出,在依靠传统网络安全技术无法满足人们对其安全需求的背景下,网络安全态势感知研究便应运而生。
目前,网络安全态势感知研究正处于起步阶段,尚缺乏面向复杂网络系统的安全态势感知研究方案,进而无法指导态势预测、态势可视化等后续研究的进一步开展。本文针对任务关键网络系统的全局安全问题,提出面向服务的任务关键网络系统安全态势感知研究,重点突破系统安全态势的形式化建模与量化感知方法,解决网络安全态势的定性描述和定量分析问题。本文主要研究内容组织如下:
首先,采用面向服务的思想对任务关键网络系统进行架构设计,建立一种面向服务架构的任务关键网络系统理论模型(SOA-MCNS),采用状态π演算对基于服务操作的任务关键网络系统进行状态/行为混合建模,并提出一种SMM模型以测算该系统架构的成熟程度。模型验证结果表明,该系统模型可正确反映系统服务的关键性质和行为特性。SOA方式为进行任务关键网络系统安全态势形式化建模及量化分析提供了重要的指导作用。
其次,依据任务关键网络系统中可能存在的服务与服务、服务与配置、配置与配置之间的资源依存关系,从网络服务、网络主机和网络链路三个不同层面对系统安全态势量化指标进行综合分析,提出层次化安全态势衡量指标,对其进行形式化描述并抽象出基于S-H-L的安全态势指标体系模型。实例应用结果表明,该研究成果可用于不同场景下网络服务级安全态势评价,为进行系统级安全态势分析提供了合理依据。
再次,研究基于隐马尔可夫模型的任务关键网络系统安全态势形式化建模方法。剖析系统安全态势构成要素,将网络攻击行为及服务运行状况抽象为HMM双重随机过程的建模对象,从攻击行为和安全影响两个角度分别构建系统安全态势的形式化模型并采用经典Baum-Welch算法进行模型参数估计。仿真实验结果表明,该模型可准确反映系统安全态势要素之间的逻辑对应关系和动态变化情况,是进行态势量化分析的重要基础。
最后,研究基于博弈论的任务关键网络系统安全态势量化分析方法。结合本文面向服务的研究思想,选取服务可用性与性能参数作为影响分析的重要指标。引入混合策略博弈刻画网络攻防双方的安全交互,建立网络攻防博弈模型,并对模型中的策略空间、转移概率、支付函数等参数给出了明确定义。该方法将均衡时刻博弈双方的收益作为安全态势的综合体现,以
数对的形式具体、直观地刻画了系统的安全状况,从而完成了安全态势的量化分析与自动生成,为安全管理员正确决策提供支持。
With the progress of computer technology and Internet, mission-critical network system (MCNS), as a special kind of network information system, has been widely applied in many fields that affect people's lives and social development. However, network environment worsening makes security problems facing by the system become more and more obvious. Under the circumstances that traditional network security technologies can not satisfy people's security requirements any longer, research on network security situational awareness (NSSA) emerges as the times require.
At present, research on network security situational awareness is just underway, and research schema of NSSA is still lacked, which results in less guidance in further progress of the following studies on situational forecast, situation visualization and so on. Aiming at the global security of mission critical network system, research on service-oriented mission critical network system security situational awareness is proposed, in which formal modeling and quantitative awareness of security situational awareness are emphasized in order to solve the problems of qualitative description and quantitative analysis. The main contents are organized as follows:
Firstly, service-oriented idea is adopted in MCNS architecture design. A kind of service-oriented architecture mission-critical network system model(SOA-MCNS) is established, stateπcalculus is used in state/behavior hybrid modeling for MCNS based on service operations, and a SMM model is presented to measure the maturity degree of the architecture. Model verification experimental results indicate that the system model can accurately reflect system's key features and behavioral features. Service-oriented architecture provides an important guiding role in formal modeling and quantitative analysis for security situation of MCNS.
Secondly, according to the potential resource dependencies among services, service and configuration, configurations in MCNS, system security situation metrics is analyzed from three levels of network services, network hosts and network links, and then hierarchical security situation indexes are proposed and formalized, at last a security situation index system model based on S-H-L is abstracted. Application in specific cases indicates that the research achievements can be used in network service security situation analysis at different scenes and provides a reasonable basis for system security situation analysis.
Thirdly, MCNS security situation formal modeling method based on Hidden Markov Model (HMM) is explored. System security situation factors are studied, and network attack behaviors and service operational states are abstracted into modeling objects for the dual stochastic processes in HMM. Formal models of system security situation are separately constructed from the two perspectives of attack behaviors and security influences and classic Baum-Welch algorithm is used in model parameter estimation. Simulation experimental result proves that the model can reflect the logic relations and dynamic transformations among and of security situation factors exactly, and which turns into the foundation for quantitative analysis of situation.
Finally, quantitative analysis method for MCNS security situation based on game theory is studied. Combined with the service-oriented idea, network service availability and performance parameters are chosen as the important indexes in impact analysis. Mixed strategy game is introduced to depict the security interaction between attackers and defenders in cyberspace, network offensive-defensive game model is constructed and parameters, like strategy space, transfer probability, payoff function, are clearly defined. The method takes payoffs of game players as synthetical embodiment of security situation, and depicts system' s security status in the form of number pair, then quantitative analysis and automatic generation of security situation is completed, which helps security administrator decide correctly.
引文
[1]中国信息安全产品测评认证中心编著.信息安全理论与技术.北京:人民邮电出版社,2003:1-30页
[2]中国互联网网络安全报告(2008年上半年).国家计算机网络应急技术处理协调中心.http://www. cert. org. cn/articles/docs/common/ 2008112124134. shtml,2008,11
[3]Tim Bass. Intrusion Detection System and Multi-sensor Data Fusion. Communications of the ACM.2000,43(4):99-105P
[4]Federal Plan for Advanced Networking Research and Development. National Science and Technology Council. http://www. nitrd. gov/ pubs/index.html,2008,9
[5]Tim Bass. Cyberspace Situational Awareness and Cyber Rules of Engagement.http://silkroad.com/papers/talking/roe/nodel. html, 2006,10
[6]Mica R. Endsley. Design and Evaluation for Situation Awareness Enhancement. Proceedings of Human Factors Society 32nd Annual Meeting, Santa Monica, CA.1988:97-101P
[7]Kass S J, Herschler D A, Companion M A. Training Situational Awareness through Pattern Recognition in a Battlefield Environment. Military Psychology.1991,3(2):105-112P
[8]Theureau J.. Use of Nuclear-Reactor Control Room Simulators in Research & Development. Proceedings of 7th IFAC/IFIP/IFORS/IEA Symposium on Analysis, Design and Evaluation of MAN-MACHINE SYSTEMS, Kyoto.1998,425-430P
[9]Mogford R H. Mental Models and Situation Awareness in Air Traffic Control. The International Journal of Aviation Psychology.1997, 7(4):331-341P
[10]Blandford, Ann,& Wong, B.L. William. Situation Awareness in Emergency Medical Dispatch. International Journal of Human-Computer Studies.2004,61(4):421-452P
[11]Mica R. Endsley. Theoretical Underpinnings of Situation Awareness:A Critical Review. In Situation Awareness Analysis and Measurement. NJ:Lawrence Erlbaum Associates,2000:3-32P
[12]武成刚,邓望年.美军战场感知能力建设及其启示.军事经济学院学报.2006,13(4):87-88页
[13]Eliot Feibush, Nikhil Gagvani, Daniel Williams. Visualization for Situational Awareness. IEEE Computer Graphics and Applications.2000,20(5):38-45P
[14]Young J. Kim, Christoph M. Hoffmann. Enhanced Battlefield Visualization for Situation Awareness. Computers and Graphics. 2003,27(6):873-885P
[15]Mirmoeini, F., Krishnamurthy V. An Adaptive Situation Assessment Based Decision Making System. Proceeding of 9th International Conference on System Information Fusion, 2006,7:1-8P
[16]LTC Stephen R. Riese. Quantifying Information Availability for Situational Awareness. Mors Workshop on Decision Aids/Support to Joint Operations Planning. http://www.mors.org/meetings/ decision_aids/da_pres/Riese. pdf,2007
[17]Matheus C. J., Kokar M. M., Baclawski K. A Core Ontology for Situation Awareness. Proceedings of the Sixth International Conference of Information Fusion,2003,1:545-552P
[18]Tim Bass. Multisensor Data Fusion for Next Generation Distributed Intrusion Detection Systems.1999 IRIS National Symposium Draft,1999,4
[19]Tim Bass. Intrusion Detection System and Multisensor Data Fusion. Communications of the ACM.2000,43 (4):99-105P
[20]Lambert D A. Situations for Situation Awareness. Proceedings of the Fourth International Conference on Information Fusion, Montreal:Canada,2001:327-334P
[21]Mieczyslaw M. Kokar. Situation Awareness:Issues and Challenges. Proceedings of the Seventh International Conference on Information Fusion,2004:533-534P
[22]Breton, R., Roussear, R. Decision Making in C2:From a Person-Task Perspective. Defense Research Establishment Valcartier,2001,11:49P
[23]Sarter N. B., Woods D. D. Situation awareness:A critical but ill-defined phenomenon. The International Journal of Aviation Psychology.1991,1 (1):45-57P
[24]Endsley M R. Toward a theory of situation awareness in dynamic systems. Human Factors.1995,37(1):85-104P
[25]Greg Cole, Natasha Bulashova, William Yurcik. Geographical NetFlow Visualization for Network Situational Awareness: NaukaNet Administrative Data Analysis System (NADAS). Proceedings of 12th International Conference on Telecom-munication Systems-Modeling and Analysis, U. S. A,2004,7
[26]Kiran Lakkaraju, Yifan Li, Xiaoxin Yin et al. NVision IP and VisFlwoConnect:Two interactive tools for visualizing network flow for security. Security Lab Seminar, http://seclab. cs. ucdavis. edu/seminars/Lakkaraju-slides. ppt,2004
[27]National Science and Technology Council. Federal Plan for Cyber Security and Information Assurance Research and Development. Report by the Interagency Working Group on Cyber Security and Information Assurance.2006,4
[28]Simon Banbury, Sebastien Tremblay. A Cognitive Approach to Situation Awareness:Theory and Application. Ashgate:Aldershot UK.2004,10
[29]V. Yegneswaran, P. Barford, V. Paxson. Using Honeynets for Internet Situational Awareness. Proceedings of the 4th Workshop on Hot Topics in Networks. ACM Press,2005,11
[30]Sanguk Noh. Autonomous Situation Awareness Through Threat Data Integration. IEEE International Conference on Information Reuse and Integration.2007,8:550-555P
[31]Hu Wei, Li Jianhua, Jiang Xinghao, et al. A Hierarchical Algorithm for Cyberspace Situational Awareness Based on Analytic Hierarchy Process. High Technology Letters.2007, 13(3):291-296P
[32]McInerney J., Stubberud S, Anwar S, et al. Friars:a feedback control system for information assurance using a markov decision process. Proceedings of Internation Carnahan Conference on Security Technology,2001:223-228P
[33]Lye K., Wing J. Game Strategies in Network Security. International Journal of Information Security.2005,4(1-2): 71-86P
[34]Kong-wei Lye, Jeannette Wing. Game Strategies in Network Security. Proceedings of the 10th ACM conference on Computer and Communication Security Washington D. C.,2003:179-189P
[35]Anis Alazzawe, Asad Nawaz, Murad Mehmet Bayraktar. Game Theory and Intrusion Detection Systems. Proceedings of ISA 767-Secure E-Commerce.2006
[36]Karin S., Bjame E., Helvik, et al. Towards a stochastic model for integrated security and dependability evaluation. Proceedings of the First International Conference on Availability, Reliability and Security. Vienna, Austria, IEEE Press,2006:156-165P
[37]Karin S, Bjame E., Helvik, et al. A Game-theoretic Approach to Stochastic Security and Dependability. Proceedings of Autonomic and Secure Computing. Indianapolis, US:IEEE Press,2006:61-68P
[38]Sallhammar K., Knapskog S. J., Helvik B. E. Using stochastic game theory to compute the expected behavior of attackers. Proceedings of the 2005 Symposium on Applications and the Internet Workshops. Trento, Italy:IEEE Press,2005:102-105P
[39]谭凌鸿,何选森.基于博弈模型的网络安全失效分析方法研究.计算机工程与应用.2008,44(31):139-141页
[40]林闯,汪洋,李泉林.网络安全的随机模型方法与评价技术.计算机学报.2005,28(12):1943-1956P
[41]Andrew P. Moore, Robert J. Ellison, Richard C. Linger. Attack Modeling for Information Security and Survivability. Carnegie Mellon University:Technical Note CMU/SEI-2001-TH-001.2001,3
[42]Jonsson E., Olovsson T.. A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering.1997,23(4):235-245P
[43]Xia Zhengyou, Zhang Shiyong. A kind of network security behavior model based on game theory. In:Proceedings of the 4th International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT, Chengdu, China,2003, 950-954P
[44]Porras P, Fong M, Valdes A. A mission-impact-based approach to INFOSEC alarm correlation. Proceedings of the 15th International Symposium on Recent Advances in Intrusion Detection. Berlin:Springer-Verlag Publisher,2002:95-114P
[45]Salim Hariri, Guangzhi Qu, Tushneem Dharmagadda, et al. Impact Analysis of Attacks and Faults in Large Scale Network. IEEE Security & Privacy.2003,49-54P
[46]陈秀真,郑庆华,管晓宏,林晨光.网络化系统安全态势评估的研究.西安交通大学学报.2004,38(4):404-408页
[47]Hanemann A, Schmitz D, Sailer M. A framework for failure impact
analysis and recovery with respect to service level agreements [C]//Proc. of 2005 IEEE Int'l Conference on Services Computing. Piscataway:IEEE Publisher,2005:49-58P
[48]Krugel C, Toth T, Kirda E. Service specific anomaly detection for network intrusion detection[C]//Proc. of the ACM Symp. on Applied Computing. New York:ACM Publisher,2002:201-208P
[49]Robert Ball, Glenn A. Fink. Home-centric visualization of network traffic for security administration. Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security. Washington DC,2004,10:55-64P
[50]Xiaoxin Yin, William Yurcik, Adam Slagell. VisFlowConnect-IP: An Animated Link Analysis Tool for Visualizing Netflows. FLOCON-Network Flow Analysis Workshop (Network Flow Analysis for Security Situational Awareness),2005,9
[51]Soon Tee Teoh, Kwan-Liu Ma, S.Felix Wu, et al. Case Study: Interactive Visualization for Internet Security. Proceedings of 2002 IEEE Visualization, Boson, MA, USA.2002,10:505-508P
[52]Gregory Conti, Kulsoom Abdullah. Passive Visual Fingerprinting of Network Attack Tools. Proceedings of the 2004 ACM workshop on VizSEC/DMSEC. Fairfax,2004,10:45-54P
[53]Stephen G. Batsell, Nageswara S. Rao, Mallikarjun Shankar. Distributed Intrusion Detection and Attack Containment for Organizational Cyber Security. http://www.ioc.ornl.gov/ projects/documents/containment.pdf,2006,12
[54]Jason Shifflet. A Technique Independent Fusion Model for Network Intrusion Detection. Proceedings of the Midstates Conference on Undergraduate Research in Computer Science and Mathematics. Granville, October 2005,3(1):13-19P
[55]Phillip A. Porras, Richard A. Kemmerer. Penetration State Transition Analysis A Rule-Based Intrusion Detection Approach. Proceedings of the 8th Annual Computer Security Applications Conference. San Antonio, November 1992,220-229P
[56]Kiran Lakkaraju, William Yurcik, Adam J. Lee. NVisionIP:NetFlow Visualizations of System State for Security Situational Awareness. Proceedings of VizSEC/DMSEC. Washington DC,2004,10
[57]Stephen Lau. The spinning cube of potential doom. Communications of the ACM,2004,47(6):25-26P
[58]CERT Network Situational Awareness (NetSA). http://www.cert. org/netsa,2006.3
[59]NCASSR, Security Incident Fusion Tools (SIFT). http://www. ncassr. org/project/index. php?id=11
[60]William Yurcik. Visualizing NetFlows for Security at Line Speed: The SIFT Tool Suite.19th Usenix Large Installation System Administration Conference (LISA), San Diego, CA USA,2005,12
[61]Ratna Bearavolu, Kiran Lakkaraju, William Yurcik. NVisionIP:An Animated State Analysis Tool for Visualizing NetFlows. FLOCON Network Flow Analysis Workshop (Network Flow Analysis for Security Situational Awareness),2005,9
[62]Xiaoxin Yin, William Yurcik, Adam Slagell. The Design of VisFlowConnect-IP:a Link Analysis System for IP Security Situational Awareness. Third IEEE International Workshop on Information Assurance (IWIA),2005
[63]Zhenmin Li, Jed Taylor, et al. UCLog:A Unified, Correlated Logging Architecture for Intrusion Detection.12th International Conference on Telecommunication Systems Modeling and Analysis (ICTSM),2004
[64]Office Of The Secretary Of Defense (OSD) Deputy Director Of Defense Research & Engineering Deputy Under Secretary Of Defense (Science & Technology). Small Business Innovation Research (SBIR) FY 2005.3 Program Description, USA.2005
[65]Advanced Research and Development Activity (ARDA). Exploratory Program Call for Proposals 2006
[66]北京理工大学信息安全与对抗技术研究中心.网络安全态势评估系统技术白皮书.http://www. think-or. com/product/download/网络安全态势评估系统技术白皮书2.doc,2005,12
[67]陈秀真,郑庆华,管晓宏,林晨光.层次化网络安全威胁态势量化评估方法.软件学报,2006,17(4):885-897页
[68]M. S. Blumenthal, D. D. Clark. Rethinking the design of the Internet:The end to end arguments vs. the brave new world. ACM Transaction on Internet Technology.2001,1 (1):70-109P
[69]沈苏彬,顾冠群.网络体系结构与网络难题解决方案.东南大学学报.1999,29(5):1-10页
[70]杨鹏,吴家皋.网络服务体系结构及其形式化模型的研究.计算机研究与发展.2005,42(7):1115-1112页
[71]DoD Multidisciplinary University Research Initiative Program. Adaptable Secure Situation-Aware Service-Based (AS3) Systems. http://dpse. eas. asu. edu/AS3/index. shtml
[72]S. S. Yau, H. Davulcu, S. Mukhopadhyay, H. Gong, D. Huang, P. Singh and F. Gelgi, Automated Situation-aware Service Composition in Service-Oriented Computing, International J. on Web Services Research (IJWSR),2007,4(4):59-82P
[73]S. S. Yau, H. Gong, D. Huang, et al. Automated Agent Synthesis for Situation Awareness in Service-based Systems. Proceedings of the 30th Annual International Computer Software and Applications Conference (COMPSAC'06).2006
[74]Hurley Edward. Attacks evolving toward exploiting network services. http://searchsecurity. techtarget.com/news/article/ 0,289142, sidl4_gci939419,00. html
[75]Milner R, Parrow J, Walker D. A calculus of mobile processes. Information and Computation.1992,100(1):1-40P
[76]Sangiorgi D, Walker D. The Pi-calculus:a theory of mobile processes. Cambridge:Cambridge University Press,2001,1-310P
[77]许可,王跃宣,吴澄.网络服务链模型的验证分析技术及应用.中国科学E辑:信息科学.2007,37(4):467-485页
[78]许可.网格服务流的状态π演算形式化验证技术研究与应用.北京:清华大学博士学位论文.2007,4:22-45页
[79]Abadi M, Lamport L. Composing specifications. ACM Transactions on Programming Languages and Systems.1993,15(1):73-132P
[80]Bolognesi T. A conceptual framework for state-based and event-based formal behavioral specification languages. Proceedings of 9th International Conference on Engineering of Complex Computer Systems. Florence:IEEE Computer Society,2004: 107-116P
[81]侯丽珊,金芝,吴步丹.需求驱动的Web服务建模及其验证:一个基于本体的方法.中国科学E辑信息科学.2006,36(10):1189-1219页
[82]Ferrari G. L., Gnesi S., Montanari U., et al. A Model-checking Verification Environment for Mobile Process. ACM Transactions on Software Engineering and Methodology.2003,12(4):440-473P
[83]Bouali A., Gnesi S., Larosa S. JACK:Just another concurrency kit:The integration project. Bulletin of the European Association for Theorecical Computer Science.1994,54:207-224P
[84]Cimatti A., Clarke E., Giunchiglia E., et al. NuSMV2:an open source tool for symbolic model checking. Computer Aided Verification, LNCS.2002,2404:359-364P
[85]麻志毅,陈泓婕.一种面向服务的体系结构参考模型.计算机学报.2006,29(7):1011-1019页
[86]Eric Roch. The Services Oriented Architecture (SOA) Maturity Model. http://it. toolbox,com/blogs/the-soa-blog/soa-maturity-model-17087,2007
[87]Jean Jacques Dubray. Fundamentals of Service Orientation.
http://www. attachmate. com/WhitePapers/Fundamentals+of+Servic e+Orientation. html,2006
[88]Zhang Xiang, Yao Shuping, Tang Chenghua. Assessing the Risk Situation of Network Security for Active Defense. Wuhan University Journal of Natural Sciences.2006,11(6):1718-1722P
[89]王娟,张风荔,傅翀等.网络态势感知中的指标体系研究.计算机应用.2007,27(8):1907-1912P
[90]Erik. P. Blasch, Mike Pribilski, Brian Daughtery et al. Fusion Metrics for Dynamic Situation Analysis. Proceedings of Signal Processing, Sensor Fusion and Target Recoginition.2004,5429: 428-438P
[91]George Tadda, John J. Salerno, Douglas Boulware. Realizing Situation Awareness in a Cyber Environment. Proceedings of SPIE. 2006,6242(4):1-8P
[92]程学东.电信网网络安全评估指标体系研究.现代电信科技.2005,8(8):10-13页
[93]李永.改进的模糊层次分析法[J].西北大学学报(自然科学版).2005,2(1):11-12页
[94]李庆扬.数值分析.北京:清华大学出版社,2001:50-65页
[95]张涛,胡铭曾,云晓春,张永铮.计算机网络安全性分析建模研究.通信学报.2005,26(12):100-109页
[96]李德毅.复杂网络与网络安全.军队指挥自动化.2005,(6):15-20页
[97]谭小彬,王卫平,奚宏生等.计算机系统入侵检测的隐马尔可夫模型.计算机研究与发展.2003,40(2):245-255页
[98]L. E. Baum, T.Petrie. Statistical inference for probabilistic runction of rinite state Markov chains. Ann. Math. Stat.1966,37: 1554-1563P
[99]李娜.基于隐马尔可夫链的协议异常检测研究.湖南:湖南大学博士学位论文.2005:12-14页
[100]Mark Stamp. A Revealing Introduction to Hidden Markov Models
January,18,2004
[101]张惠娟.基于博弈论的可生存网络资源管理研究.西安:西安电子科技大学博士学位论文.2006,8:13-16页
[102]Joel Brynielsson, Stefan Arnborg. Bayesian Games for Threat Prediction and Situation Analysis. In proceedings of FUSION, 2004. http://citeseer.ist.psu.edu/brynielsson04bayesian. html
[103]Dan Shen, Genshe Chen, Leonard S. Haynes, et al. A Markov game approach to cyber security. Proceedings of SPIE 2007
[104]Dan Shen, Genshe Chen, Jose B. Cruz.. A Markov Game Theoretic Data Fusion Approach for Cyber Situational Awareness. Proceedings of SPIE.2007,6571:1-12P
[105]Genshe Chen, Dan Shen, Chiman Kwan. Game Theoretic Approach to Threat Prediction and Situation Awareness. Proceedings of the 9th International Conference on Information Fusion.2006,1-8P
[106]姚淑萍.攻防对抗环境下的网络安全态势评估技术研究.科技导报.2007,25(7):9-12页
[107]Xia Zhengyou,Zhang Shiyong. A Kind of Network Security Behavior Model Based on Game Theory. Parallel and Distributed Compuing. Applications and Technologies.2003,20(4):950-954P
[108]D. Fudenberg, J. Tirole. Game Theory. MIT Press.1991
[109]Roger B. Myerson. Game Theory:Analysis of Conflict. Harvard University Press.1991
[110]张培刚.微观经济学的产生和发展.湖南人民出版社.1997,373-421页
[111]John von Neumann, Oskar Morgenstern. Theory of Games and Economic Behavior. John Wiley & Sons.1964
[112]J. F. Nash. The Bargaining Problem. Econometrica.1950,18: 155-162P
[113]J. F. Nash. Noncooperative Games. Annals of Mathematics.1951, 54:189-295P
E114]张维迎.博弈论与信息经济学.上海:上海人民出版社.1996
[115]何路.基于博弈理论的入侵响应决策研究.西安:西北大学硕士论文.2006,6:25-34页
[116]闫怀志,胡昌振,谭惠民.基于模糊矩阵博弈的网络安全威胁、评估.计算机工程与应用.2002,38(13):4-10页