摘要
动态目标防御技术作为"改变游戏规则"的防御技术,在对抗高级持续威胁中提供了一种主动变换的防御方法。虽然已有部分动态防御技术成功应用,但针对其变化策略的研究和优化还停留在单层次、单参数上,阻碍了多层次融合的动态防御技术应用于实际部署。针对该问题,从系统角度分析了动态目标防御技术中不同参数对系统的影响,建立了系统正常服务与重配置过程模型,在此基础上,提出了基于马尔可夫决策过程的动态目标防御策略优化方法,引入Q-learning算法生成了优化策略集合,解决了多层次多变化参数集合的动态防御技术的策略优化问题。仿真实验表明,利用本文提出的优化模型和算法,计算出了优化后的动态目标防御重配置策略,该优化策略能够较好地平衡系统的可用性和安全性,指导今后动态目标防御技术实际部署问题。
Moving target defense(MTD) is a game-changing technique providing a proactive method against advanced persistent threats(APT) in cybersecurity. Although partial MTD techniques have been employed in several systems, the research of optimization for strategies is still stalled in single layer and single parameter, which hinders the world-wide application multilayer MTD technology. Focused on the MTD strategy optimization, the basic model of MTD and the influence of diverse parameters is analyzed from system view, while the model for the process of service-reconfiguration is established in this paper.Based on the Markov decision process(MDP), the MTD strategy optimization model is presented, and the Q-learning algorithm is introduced, which solves the strategy selection and state explosion of MTD. Finally, with the assessment model, a case study is given to illustrate the method by calculating the optimal strategy that can balance the system availability and security, which could guide the deployment of MTD in the future.
作者
熊鑫立
杨林
李克超
XIONG Xinli;YANG Lin;LI Kechao(College of command and control engineering,Army Engineering University of PLA,Nanjing 210007,Jiangsu,China;National Key Laboratory of Science and Technology on Information System Security,Academy of Military Sciences PLA China,Beijing 100141,Beijing,China)
出处
《武汉大学学报(理学版)》
CAS
CSCD
北大核心
2020年第2期141-148,共8页
Journal of Wuhan University:Natural Science Edition
