
A Game Theoretic Analysis for the Honeypot Deceptive Mechanism

Cited by: 18
Abstract: This paper uses game theory to formally describe the strategies and payoffs of the players in the honeypot deception game. By solving for the equilibrium strategies and the conditions under which they hold, it analyzes the effectiveness and limitations of traditional honeypots in the network attack-defense game and proves that the honeypot is a "passive-proactive" defense mechanism. It discusses the ideal equilibrium strategy of the deception game from the defender's point of view and examines the factors that affect the effectiveness and activeness of the deception game. Inspired by mimicry in biological competition, it proposes strategies for improving the activeness and effectiveness of deception, providing theoretical support for building proactive and effective honeypot deception defenses.

Source: Journal of Electronics & Information Technology (《电子与信息学报》), indexed in EI, CSCD and the Peking University Core Journals list, 2012, No. 6, pp. 1420-1424 (5 pages)

Funding: Supported by the National Natural Science Foundation of China (60973141), the Shandong Province Research Award Fund for Young and Middle-Aged Scientists (2009BSA05001), and the Fundamental Research Funds for the Central Universities (27R0907018A, 11CX04052A)

Keywords: Game theory; Nash equilibrium; Honeypot; Activeness; Effectiveness