ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (8): 1789-1800.doi: 10.7544/issn1000-1239.2021.20200524

• 信息安全 • 上一篇    下一篇



  1. (空军工程大学信息与导航学院 西安 710077) (
  • 出版日期: 2021-08-01
  • 基金资助: 

Optimal Strategy of Moving Target Defense Based on Differential Game

Sun Yan, Ji Weifeng, Weng Jiang, Zhao Beiying   

  1. (Information and Navigation College, Air Force Engineering University, Xi’an 710077)
  • Online: 2021-08-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China for Young Scientists (61902426).

摘要: 目前,针对移动目标防御最优策略研究大多采用经典单/多阶段博弈和Markov博弈模型,无法在连续实时网络攻防对抗中进行灵活决策.为实现实时选取最优移动目标防御策略,在研究节点级传染病模型与微分博弈理论的基础上,提出了一种移动目标防御微分博弈模型,对网络空间重要节点构造安全状态演化方程与攻防收益目标函数,并设计开环纳什均衡求解算法以得出最优防御策略.仿真结果表明,该方法可有效对网络攻击进行实时防御,并且可针对网络关键节点制定相应移动目标防御策略.

关键词: 网络空间安全, 移动目标防御, 微分博弈, 开环纳什均衡, 最优策略

Abstract: Easy to attack and difficult to defend is one of the core issues on network security. Moving target defense is a key technology to enhance network defense capabilities and ensure cyberspace security. At present, most studies on the optimal defense strategy for moving targets defense adopt the classic single/multi-stage game model and Markov game model, which cannot make flexible decisions in continuous real-time network attack and defense confrontation. In order to achieve the real-time selection of the optimal moving target defense strategy, this paper considers that the interdependence between the microscopic individual behavior and the macroscopic communication phenomenon in the network will have impact on the network’s offensive and defense decisions. Based on the research on node-level infectious disease model and differential game theory, a differential game model for moving target defense is proposed. The security state evolution equation and the objective function of offensive and defensive gains are constructed for important nodes in cyberspace. And the open-loop Nash equilibrium solution algorithm is designed to obtain the optimal defense strategy. The simulation results show that this method can effectively defend against network attacks in real-time and can make moving target defense decisions for key network nodes. Finally, based on the experimental results, key recommendations are put forward for the defense of important nodes in the network system.

Key words: cyberspace security, moving target defense, differential game, open-loop Nash equilibrium, optimal strategy