非对称信息条件下APT攻防博弈模型

发布时间：2018-02-01 21:24

  本文关键词： 博弈论 非对称信息 网络攻击 高级持续威胁 网络安全　出处：《计算机应用》2017年09期 　论文类型：期刊论文

【摘要】：针对目前缺少对高级持续威胁(APT)攻击理论建模分析的问题,提出了一种基于Flip It模型的非对称信息条件下的攻防博弈模型。首先,将网络系统中的目标主机等资产抽象为目标资源节点,将攻防场景描述为攻防双方对目标资源的交替控制;然后,考虑到攻防双方在博弈中观察到的反馈信息的不对称性以及防御效果的不彻底性,给出了在防御者采取更新策略时攻防双方的收益模型及最优策略的条件,同时给出并分别证明了达到同步博弈与序贯博弈均衡条件的定理;最后通过数例分析了影响达到均衡时的策略及防御收益的因素,并比较了同步博弈均衡与序贯博弈均衡。结果表明周期策略是防御者的最优策略,并且与同步博弈均衡相比,防御者通过公布其策略达到序贯博弈均衡时的收益更大。实验结果表明所提模型能够在理论上指导应对隐蔽性APT攻击的防御策略。
[Abstract]:Aiming at the lack of theoretical modeling and analysis of advanced persistent threat (apt) attack, a game model of attack and defense based on Flip it model with asymmetric information is proposed. The target host and other assets in the network system are abstracted as the target resource node, and the attack and defense scene is described as the alternate control of the target resource between the attacking and defending sides. Then, considering the asymmetry of feedback information observed by both sides in the game and the inthoroughness of defense effect. In this paper, the profit model and the conditions of the optimal strategy are given when the defender adopts the renewal strategy, and the theorems of the equilibrium conditions of synchronous game and sequential game are given and proved respectively. Finally, several examples are given to analyze the influence of the strategy and the defense income factors, and to compare the synchronous game equilibrium with the sequential game equilibrium. The results show that the periodic strategy is the best strategy for the defender. And compared with synchronous game equilibrium. The results show that the proposed model can theoretically guide the defense strategy against hidden APT attacks.
【作者单位】： 武警工程大学网络与信息安全武警部队重点实验室;武警工程大学信息安全研究所;
【基金】：国家自然科学基金资助项目(61402531) 陕西省自然科学基础研究计划项目(2014JQ8358,2015JQ6231,2014JQ8307)~~
【分类号】：TP393.08
【正文快照】： 0引言近年来,针对关键基础设施(Critical Infrastructure,CI)和政府、大型企业、军事机构等信息系统的高级持续威胁(Advanced Persistent Threat,APT)[1]攻击事件频发,信息资产受到的安全威胁越来越严重。APT攻击以其目标性强、隐蔽性高、方式多维性、不易被侦测等特点成为常，

本文编号：1482907