融合攻击图和博弈模型的网络防御策略生成方法

The Generation Method of Network Defense Strategy Combining with Attack Graph and Game Model

近些年威胁网络安全的事件日趋频繁,黑客的攻击手段越来越复杂,网络安全防护的难度不断增加。针对实际攻防环境中攻击策略复杂多变和攻击者不理性的问题,文章将攻击图融入攻防博弈模型,并引入强化学习算法,设计了一种网络主动防御策略生成方法。该方法首先基于改进攻击图的网络脆弱性评估模型,成功压缩策略空间并有效降低建模难度,然后对网络攻防进行博弈模型构建,将攻击者和防御者对网络的攻防策略问题设计为一个多阶段的随机博弈模型,引入强化学习Minimax-Q设计了自学习网络防御策略选取算法。防御者在经过对一系列的攻击行为学习之后,求解出针对该攻击者的最优防御策略。最后,本文通过仿真实验验证了该算法的有效性和先进性。

In recent years,incidents threatening network security have become more frequent,hackers’attack methods have become more and more sophisticated,and the difficulty of network security protection has continued to increase Aiming at the problem of the complex and changeable attack strategies and the imperfect rationality of the attacker in the actual network attack and defense environment,the article integrated the attack graph into the attack and defensive game model,and introduced a reinforcement learning algorithm to design a network active defense strategy generation method.The article first proposed a network vulnerability assessment model based on an improved attack graph,this model successfully compresses strategy space and effectively reduces the difficulty of modeling;then the article built a game model for network attack and defense,designed the attacker and defender’s decision-making on the network attack and defense strategy as a multi-stage random game model.At the same time,the article introduces reinforcement learning Minimax-Q Learning to design a self-learning network defense algorithm,through this algorithm,the defender can learn a series of attack behaviors to solve the optimal defense strategy for the attacker.Finally,the article verifies the effectiveness and advancement of the algorithm through simulation experiments.At the same time,the article introduced reinforcement learning Minimax-Q to design a self-learning network defense strategy selection algorithm,through this algorithm,the defender can learn a series of attack behaviors to solve the optimal defense strategy for the attacker.Finally,the article verified the effectiveness and advancement of the algorithm through simulation experiments.,it shows that the proposed method has certain guiding significance for network defense.