摘要
针对平台动态防御中节点选择迁移的复杂性,设计了基于系统先验信息的单阶段静态博弈策略。从平台动态防御原理分析入手,结合攻防双方博弈关系和完全信息条件下的防御需求,构建了单阶段静态博弈模型,提出了攻防效用关键参数和完全信息博弈流程,通过示例给出了策略的具体实施过程。仿真结果表明,经过1000次攻防博弈实验后,防御方实际收益为4.403×10^4,攻击方实际收益为-1.625×10^5,所提策略能有效阻截网络攻击,防御方期望收益为4.324×10^4,实际收益偏差约1.8%,新策略的收益远高于无差别迁移策略,可解决传统平台动态防御中成本高、防御收支不平衡和节点迁移有效性等问题。
In view of the complexity of node selection and migration at platform dynamic defense,a single stage static game strategy is designed based on system prior information.Through analyzing from dynamic platform defense,a single stage static game model is constructed by combining the needs of the defense under conditions of game relationship between the two parties and complete information condition,and a process of the key parameters of the attack and defense utility and the complete information game is proposed.The demo and simulation results show that after 1000 times of attack defense game experiments,the actual revenue of the defense is 4.403×10^4,and the actual revenue of the attacker is-1.625×10^5,showing that the proposed strategy can effectively intercept cyber attacks.The expected revenue of the defense is 4.324×10^4,the deviation between the actual revenue and the expected revenue is about 1.8%.The revenue of the new strategy is much higher than that of the undifferentiated migration strategy.The single stage static game strategy based on the system prior information can solve the problems of high cost,unbalanced defense budget and effective node migration in the traditional platform dynamic defense.
作者
陈彤睿
马润年
王刚
冯云
王志屹
CHEN Tongrui;MA Runnian;WANG Gang;FENG Yun;WANG Zhiyi(Information and Navigation College,Air Force Engineering University,Xi’an 710077,China)
出处
《空军工程大学学报(自然科学版)》
CSCD
北大核心
2019年第6期84-90,共7页
Journal of Air Force Engineering University(Natural Science Edition)
基金
国家自然科学基金(61573017)
关键词
平台动态防御
完全信息博弈
攻击图
安全漏洞
platform dynamic defense
complete information game
attack graph
security vulnerability
