基于非零和博弈的多路径组合攻击防御决策方法

Defense descision-making method for multi-path combined attack based on non-zero-sum game

针对网络攻防中多路径组合攻击的防御策略问题,根据网络中多攻击路径对抗的非合作及双方收益的特点,提出了一种基于非零和博弈的防御策略选取方法。首先,根据网络攻防的实际资源受限定义了攻击成本、惩罚因子、防御代价等参数,并对攻防双方的收益计算方法进行了优化;其次,基于多路径组合攻击过程,构建了非零和动态博弈模型,并计算出相应的攻防效益矩阵;最后,利用纳什均衡原理得出攻击者的最佳攻击效用,以及防御者的最优策略。该策略在多条攻击路径并存的威胁下,能够选择出防御效果最优的策略进行安全加固及防护。仿真实验验证了本文所提出方法的有效性,并分析了实际资源受限下攻击成本、惩罚因子、防御代价等参数设置对防御策略选取的影响。

A defense strategy selection method based on non-zero-sum game is proposed according to the network′s characteristics of non-cooperation and mutual benefit of multi-path confrontation,aiming at the defense strategy of multi-path combination attack in network′s attack and defense.Firstly,the parameters such as attack cost,penalty factor and defense cost are defined on the basis of the actual resource constraints of network attack and defense,and the income calculation methods of both sides′profits are optimized.Secondly,based on the multi-path combination attack process,the non-zero and dynamic game models are constructed and the corresponding attack and defense benefit matrix is calculated.Finally,the best attack utility and the optimal strategy of the defender are obtained by Nash equilibrium principle.Under the threat of coexistence of multiple attack paths,the strategy with the optimal defense effect can be selected for security reinforcement and protection.The simulation results,with the actual resource constrained,verify the effectiveness of the proposed method,and analyze the impact of attack cost,penalty factor,defense cost and other parameters on the selection of defense strategy.