摘要
目前基于博弈的网络安全主动防御技术大多采用静态博弈方式.针对这种静态方式无法应对攻击者攻击意图和攻击策略动态变化的不足,基于非合作、非零和动态博弈理论提出了完全信息动态博弈主动防御模型.通过"虚拟节点"将网络攻防图转化为攻防博弈树,并给出了分别适应于完全信息和非完全信息两种场景的攻防博弈算法.理论分析和实验表明相关算法在复杂度不高于同类算法的前提下:1)不仅适应于完全信息博弈场景,而且在非完全信息的特殊场景下仍能够得到合理的解;2)与采用静态博弈给出的以概率形式描述的混合策略Nash均衡解相比,给出的从子博弈精炼Nash均衡中抽出的解具有更好的可理解性和可操作性.
Game theory,an important part of artificial intelligent technique,has been applied on network defense very well.Static model has been used widely in most of the previous studies.However,some work shows such model cannot follow the evolving of the strategies of attackers.In this paper,an active defense model based on dynamic game theory of non-cooperative and complete information has been given,that is,the attack-defense game tree has been generated by adding some virtual nodes on the original attack-defense graph.Based on the attack-defense game tree,the best defense strategies are achieved under current network environment through resolving the Nash equilibrium in different situations.Besides,for the scenarios with complete information and incomplete information,two algorithms have been proposed respectively.The analysis and experimental results show that the complexity of the algorithms can be guaranteed not worse than other similar works.Moreover,not only for scenario with complete information,but also in incomplete cases,the sensible results can be found.With the comparison of mixed strategy Nash equilibrium generated by static game and described in a probabilistic form,results given by the sub-game perfect Nash equilibrium are more easily to be understood and operated.Network research based on game theory should have a good application in the future network security product.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2011年第2期306-316,共11页
Journal of Computer Research and Development
基金
国家"八六三"高技术研究发展计划基金项目(2007AA01Z474
2006AA01Z451
2007AA010502)
关键词
网络安全
主动防御
动态博弈
攻防博弈树
纳什均衡
network security
active defense
dynamic game theory
attack-defense game tree
Nash equilibrium
