ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2020, Vol. 57 ›› Issue (4): 767-777.doi: 10.7544/issn1000-1239.2020.20190870

所属专题: 2020数据驱动网络专题

• 网络技术 • 上一篇    下一篇

基于随机博弈与禁忌搜索的网络防御策略选取

孙骞1,2,薛雷琦2,高岭2,3, 王海2,王宇翔1   

  1. 1(西北大学现代教育技术中心 西安 710127);2(西北大学信息科学与技术学院新型网络智能信息服务国家地方联合工程研究中心 西安 710127);3(西安工程大学计算机科学学院新型网络智能信息服务国家地方联合工程研究中心 西安 710600) (sq@nwu.edu.cn)
  • 出版日期: 2020-04-01
  • 基金资助: 
    国家自然科学基金项目(61572401);赛尔网络下一代互联网技术创新项目(NGII20150403)

Selection of Network Defense Strategies Based on Stochastic Game and Tabu Search

Sun Qian1,2, Xue Leiqi2, Gao Ling2,3, Wang Hai2, Wang Yuxiang1   

  1. 1(Contemporary Educational Technology Center, Northwest University, Xi’an 710127);2(State-Province Joint Engineering and Research Center of Advanced Networking and Intelligent Information Services, School of Information Science and Technology, Northwest University, Xi’an 710127);3(State-Province Joint Engineering and Research Center of Advanced Networking and Intelligent Information Services, College of Computer Science, Xi’an Polytechnic University, Xi’an 710600)
  • Online: 2020-04-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61572401) and the Next Generation Internet Technology Innovation Project of Celtic Network(NGII20150403).

摘要: 网络防御策略是决定网络安全防护效果的关键因素,现有的网络防御决策研究的是完全理性前提条件以及攻防效益函数参数选择等方面,对实际网络攻防中信息不对称、法律惩戒等因素存在模型偏差,降低了策略的实用性与可靠性.结合实际问题,在有限理性的前置条件基础上构建禁忌随机博弈模型,引入了禁忌搜索方法对随机博弈进行有限理性的分析,并设计具有记忆功能的搜索方法,通过禁忌表数据结构实现记忆功能,并利用数据驱动的记忆结合博弈模型得出最优防御策略.实验结果表明:该方法在攻防收益量化方面提高了精准度,防御效益相对于现有典型的方法提高了准确度,方法空间复杂度优于强化学习等典型方法.

关键词: 随机博弈, 禁忌搜索, 网络攻防, 防御策略, 有限理性

Abstract: The network defence strategy is the key factor to determine the effect of network security protection. In terms of the rational precondition of the existing network defence decision-making research and the parameter selection of the attack and defence benefit function, there are model deviations for the factors such as information asymmetry and legal punishment in the actual network attack and defence, which reduces the practicability and reliability of the strategy. In this paper, the Tabu random game model is constructed on the basis of the preconditions of bounded rationality, the Tabu search algorithm is introduced to analyze the bounded rationality of random game, and a search algorithm with memory function is designed. The data structure of the Tabu table is used to realize the memory function, and the data-driven memory combined with the game model is used to get the optimal defence strategy. The experimental results show that this method improves the accuracy in the quantification of attack and defence benefits, improves the accuracy of defence benefits compared with the existing typical methods, and the algorithm space complexity is better than the reinforcement learning and other typical algorithms.

Key words: stochastic game, Tabu search, network attack and defense, defense strategy, bounded rationality

中图分类号: