| 融合攻击图和博弈模型的网络防御策略生成方法 |
| |
| 引用本文: | 金志刚,王新建,李根,岳顺民.融合攻击图和博弈模型的网络防御策略生成方法[J].信息网络安全,2021(1). |
| |
| 作者姓名: | 金志刚 王新建 李根 岳顺民 |
| |
| 作者单位: | 天津大学电气自动化与信息工程学院;国网天津市电力公司 |
| |
| 基金项目: | 国家自然科学基金[61571318];中国博士后科学基金[2016M601265]。 |
| |
| 摘 要: | 近些年威胁网络安全的事件日趋频繁,黑客的攻击手段越来越复杂,网络安全防护的难度不断增加。针对实际攻防环境中攻击策略复杂多变和攻击者不理性的问题,文章将攻击图融入攻防博弈模型,并引入强化学习算法,设计了一种网络主动防御策略生成方法。该方法首先基于改进攻击图的网络脆弱性评估模型,成功压缩策略空间并有效降低建模难度,然后对网络攻防进行博弈模型构建,将攻击者和防御者对网络的攻防策略问题设计为一个多阶段的随机博弈模型,引入强化学习Minimax-Q设计了自学习网络防御策略选取算法。防御者在经过对一系列的攻击行为学习之后,求解出针对该攻击者的最优防御策略。最后,本文通过仿真实验验证了该算法的有效性和先进性。
|
| 关 键 词: | 网络安全 攻击图 博弈模型 Minimax-Q 最优防御策略 |
The Generation Method of Network Defense Strategy Combining with Attack Graph and Game Model |
| |
| JIN Zhigang,WANG Xinjian,LI Gen,YUE Shunmin.The Generation Method of Network Defense Strategy Combining with Attack Graph and Game Model[J].Netinfo Security,2021(1). |
| |
| Authors: | JIN Zhigang WANG Xinjian LI Gen YUE Shunmin |
| |
| Affiliation: | (School of Electronic and Information Engineering,Tianjin University,Tianjin 300072,China;State Grid Tianjin Electric Power Company,Tianjin 300010,China) |
| |
| Abstract: | In recent years,incidents threatening network security have become more frequent,hackers’attack methods have become more and more sophisticated,and the difficulty of network security protection has continued to increase Aiming at the problem of the complex and changeable attack strategies and the imperfect rationality of the attacker in the actual network attack and defense environment,the article integrated the attack graph into the attack and defensive game model,and introduced a reinforcement learning algorithm to design a network active defense strategy generation method.The article first proposed a network vulnerability assessment model based on an improved attack graph,this model successfully compresses strategy space and effectively reduces the difficulty of modeling;then the article built a game model for network attack and defense,designed the attacker and defender’s decision-making on the network attack and defense strategy as a multi-stage random game model.At the same time,the article introduces reinforcement learning Minimax-Q Learning to design a self-learning network defense algorithm,through this algorithm,the defender can learn a series of attack behaviors to solve the optimal defense strategy for the attacker.Finally,the article verifies the effectiveness and advancement of the algorithm through simulation experiments.At the same time,the article introduced reinforcement learning Minimax-Q to design a self-learning network defense strategy selection algorithm,through this algorithm,the defender can learn a series of attack behaviors to solve the optimal defense strategy for the attacker.Finally,the article verified the effectiveness and advancement of the algorithm through simulation experiments.,it shows that the proposed method has certain guiding significance for network defense. |
| |
| Keywords: | network security attack graph game model Minimax-Q optimal defense strategy |
| 本文献已被 维普 等数据库收录! |
|
