高级检索

    基于非合作动态博弈的网络安全主动防御技术研究

    Research on Active Defense Technology in Network Security Based on Non-Cooperative Dynamic Game Theory

    • 摘要: 目前基于博弈的网络安全主动防御技术大多采用静态博弈方式.针对这种静态方式无法应对攻击者攻击意图和攻击策略动态变化的不足,基于非合作、非零和动态博弈理论提出了完全信息动态博弈主动防御模型.通过“虚拟节点”将网络攻防图转化为攻防博弈树,并给出了分别适应于完全信息和非完全信息两种场景的攻防博弈算法.理论分析和实验表明相关算法在复杂度不高于同类算法的前提下:1)不仅适应于完全信息博弈场景,而且在非完全信息的特殊场景下仍能够得到合理的解;2)与采用静态博弈给出的以概率形式描述的混合策略Nash均衡解相比,给出的从子博弈精炼Nash均衡中抽出的解具有更好的可理解性和可操作性.

       

      Abstract: Game theory, an important part of artificial intelligent technique, has been applied on network defense very well. Static model has been used widely in most of the previous studies. However, some work shows such model cannot follow the evolving of the strategies of attackers. In this paper, an active defense model based on dynamic game theory of non-cooperative and complete information has been given, that is, the attack-defense game tree has been generated by adding some virtual nodes on the original attack-defense graph. Based on the attack-defense game tree, the best defense strategies are achieved under current network environment through resolving the Nash equilibrium in different situations. Besides, for the scenarios with complete information and incomplete information, two algorithms have been proposed respectively. The analysis and experimental results show that the complexity of the algorithms can be guaranteed not worse than other similar works. Moreover, not only for scenario with complete information, but also in incomplete cases, the sensible results can be found. With the comparison of mixed strategy Nash equilibrium generated by static game and described in a probabilistic form, results given by the sub-game perfect Nash equilibrium are more easily to be understood and operated. Network research based on game theory should have a good application in the future network security product.

       

    /

    返回文章
    返回