移动边缘计算网络下基于静态贝叶斯博弈的入侵响应策略研究

doi:10.11959/j.issn.1000-436x.2023040

摘要/Abstract

摘要：

针对移动边缘计算环境下边缘节点资源受限、入侵过程难以被准确检测且缺乏有效应对外部入侵的入侵响应策略的问题，提出了一种适用于移动边缘计算环境的入侵检测网络结构，建立了基于静态贝叶斯博弈的入侵响应决策模型，模拟边缘节点与外部入侵者的网络交互行为，并对博弈过程中攻击者和防御者选择不同行为的概率进行了预测。入侵响应决策模型综合考虑系统资源、响应成本以及检测率、误报率和漏报率等因素，在兼顾入侵检测系统资源消耗及边缘节点隐私保护的基础上，对入侵检测系统的响应决策进行优化。实验分析了影响入侵响应决策的因素，为具体应用提供了实验依据。

关键词: 移动边缘计算, 静态贝叶斯博弈, 贝叶斯纳什均衡

Abstract:

In the mobile edge computing (MEC) environment, the resources of edge nodes are limited.It is difficult to detect the intrusion process accurately, and there is no effective intrusion response strategy to deal with external intrusions.An intrusion detection network structure suitable for mobile edge computing environment was proposed and an intrusion response decision model based on static Bayesian game was established to simulate the network interaction behavior between edge nodes and external intruders.The probability of attackers and defenders in the game process was predicted respectively.The influence of the system resource, the cost of intrusion response, the detection rate and false alarm rate were considered comprehensively by the intrusion response decision model.The response decision of the intrusion detection system was optimized on the basis of the considering both resource consumption of the intrusion detection and the privacy protection of the edge nodes.The factors that affected the decision-making of intrusion response were analyzed, and the experimental basis for the specific application was provided.

Key words: mobile edge computing, static Bayesian game, Bayesian-Nash equilibrium

中图分类号:

TP309

范伟, 彭诚, 朱大立, 王雨晴. 移动边缘计算网络下基于静态贝叶斯博弈的入侵响应策略研究[J]. 通信学报, 2023, 44(2): 70-81.

Wei FAN, Cheng PENG, Dali ZHU, Yuqing WANG. Research on intrusion response strategy based on static Bayesian game in mobile edge computing network[J]. Journal on Communications, 2023, 44(2): 70-81.

图/表 16

图1

图2

表1

表2

攻防效用矩阵"

节点i类型	节点i策略	收益
节点i类型	节点i策略	节点j选择Monitor	节点j选择NotMonitor
恶意	Attack	$((1 - α) ω - c_{a} - α b_{a},$	$(ω - c_{a}, - ω)$
		$α b_{d} - (1 - α) ω - c_{d})$
恶意	NotAttack	$(0, - β b_{d} - c_{d})$	$(0, b_{n})$
正常	NotAttack	$(0, - β b_{d} - c_{d})$	$(0, b_{n})$

表2

图3

表3

入侵响应决策博弈的贝叶斯纳什均衡"

μ	纳什均衡
$μ < \frac{β b_{d} + c_{d} + b_{n}}{α b_{d} + β b_{d} + α ω + b_{n}}$	存在纯策略的贝叶斯纳什均衡
	${S_{i} (θ_{i}^{m}) = Attack, S_{i} (θ_{i}^{n}) = NotAttack, S_{j} (θ_{j}^{n}) = NotMonitor}$
$μ > \frac{β b_{d} + c_{d} + b_{n}}{α b_{d} + β b_{d} + α ω + b_{n}}$	只有混合策略的贝叶斯纳什均衡
	${S_{i} (θ_{i}^{m}) = Attack, S_{i} (θ_{i}^{n}) = NotAttack, S_{j} (θ_{j}^{n}) = Monitor, p^{} = \frac{β b_{d} + c_{d} + b_{n}}{μ (α b_{d} + β b_{d} + α ω + b_{n})}, q^{} = \frac{ω - c_{a}}{α (ω + b_{a})}}$

表3

图4

表4

图5

图6

图7

图8

图9

图10

图11

表5

参考文献［23］

［1］	ARMBRUST M , FOX A , GRIFFITH R ,et al． A view of cloud computing［J］． Communications of the ACM, 2010,53(4): 50-58．
［2］	HU Y C , PATEL M , SABELLA D ,et al． Mobile edge computing-a key technology towards 5G［R］． 2015．
［3］	LUAN T H , GAO L X , LI Z ,et al． Fog computing:focusing on mobile users at the edge［J］． arXiv Preprint,arXiv:1502．01815, 2015．
［4］	PRABAVATHY S , SUNDARAKANTHAM K , SHALINIE S M ． Design of cognitive fog computing for intrusion detection in Internet of things［J］． Journal of Communications and Networks, 2018,20(3): 291-298．
［5］	李韵, 黄辰林, 王中锋 ,等．基于机器学习的软件漏洞挖掘方法综述［J］．软件学报, 2020,31(7): 2040-2061．
	LI Y , HUANG C L , WANG Z F ,et al． Survey of software vulnerability mining methods based on machine learning［J］． Journal of Software, 2020,31(7): 2040-2061．
［6］	张玉清, 董颖, 柳彩云 ,等．深度学习应用于网络空间安全的现状、趋势与展望［J］．计算机研究与发展, 2018,55(6): 1117-1142．
	ZHANG Y Q , DONG Y , LIU C Y ,et al． Situation,trends and prospects of deep learning applied to cyberspace security［J］． Journal of Computer Research and Development, 2018,55(6): 1117-1142．
［7］	LEE S J , YOO P D , ASYHARI A T ,et al． IMPACT:impersonation attack detection via edge computing using deep autoencoder and feature abstraction［J］． IEEE Access, 2020,8: 65520-65529．
［8］	李忠成, 高惠燕, 张文祥．边缘计算中改进 ELM 的高效入侵检测算法［J］．计算机测量与控制, 2021,29(7): 223-228,234．
	LI Z C , GAO H Y , ZHANG W X ． An efficient edge computing intrusion detection algorithm based on improved ELM［J］． Computer Measurement ＆ Control, 2021,29(7): 223-228,234．
［9］	SUDQI K B , ABDUL W A W B , IDRIS M Y I B ,et al． A lightweight perceptron-based intrusion detection system for fog computing［J］． Applied Sciences, 2019,9(1): 178．
［10］	SOUZA C A D , WESTPHALL C B , MACHADO R B ,et al． Hybrid approach to intrusion detection in fog-based IoT environments［J］． Computer Networks, 2020,180: 107417．
［11］	SYVERSON P F , ． A different look at secure distributed computation［C］// Proceedings of the 10th IEEE Workshop on Computer Security Foundations． Piscataway:IEEE Press, 1997: 109-115．
［12］	陈赵懿, 高秀峰, 王帅．攻防博弈下的Ad hoc网络风险预测［J］．火力与指挥控制, 2020,45(8): 16-21．
	CHEN Z Y , GAO X F , WANG S ． Risk prediction of ad hoc network based on game［J］． Fire Control ＆ Command Control, 2020,45(8): 16-21．
［13］	AN X S , LIN F H , XU S G ,et al． A novel differential game model-based intrusion response strategy in fog computing［J］． Security and Communication Networks, 2018,2018: 1-9．
［14］	苗莉．边缘计算环境下安全防御模型及算法研究［D］．北京:北京科技大学, 2019．
	MIAO L ． Research on security defense model and algorithm in edge computing［D］． Beijing:University of Science and Technology Beijing, 2019．
［15］	ALPCAN T , BA?AR T , ． Network security a decision and game-theoretic approach［M］． Cambridge: Cambridge University Press, 2010．
［16］	石进, 陆音, 谢立．基于博弈理论的动态入侵响应［J］．计算机研究与发展, 2008,45(5): 747-757．
	SHI J , LU Y , XIE L ． Dynamic intrusion response based on game theory［J］． Journal of Computer Research and Development, 2008,45(5): 747-757．
［17］	姜伟, 方滨兴, 田志宏 ,等．基于攻防随机博弈模型的防御策略选取研究［J］．计算机研究与发展, 2010,47(10): 1714-1723．
	JIANG W , FANG B X , TIAN Z H ,et al． Research on defense strategies selection based on attack-defense stochastic game model［J］． Journal of Computer Research and Development, 2010,47(10): 1714-1723．
［18］	王元卓, 于建业, 邱雯 ,等．网络群体行为的演化博弈模型与分析方法［J］．计算机学报, 2015,38(2): 282-300．
	WANG Y Z , YU J Y , QIU W ,et al． Evolutionary game model and analysis methods for network group behavior［J］． Chinese Journal of Computers, 2015,38(2): 282-300．
［19］	BABAR S D , PRASAD N R , PRASAD R ． Game theoretic modelling of WSN jamming attack and detection mechanism［C］// Proceedings of 2013 16th International Symposium on Wireless Personal Multimedia Communications (WPMC)． Piscataway:IEEE Press, 2013: 1-5．
［20］	HARSANYI J C ． Games with incomplete information played by“Bayesian” players,I-III［J］． Management Science, 2004,50(12): 1804-1817．
［21］	KANTZAVELOU I , KATSIKAS S ． A generic intrusion detection game model in IT security［C］// Proceedings of the 5th International Conference on Trust,Privacy and Security in Digital Business． New York:ACM Press, 2008: 151-162．
［22］	NASH J F ． Equilibrium points in N-person games［J］． Proceedings of the National Academy of Sciences of the United States of America, 1950,36(1): 48-49．
［23］	DU S G , LI X L , DU J B ,et al． An attack-and-defence game for security assessment in vehicular ad hoc networks［J］． Peer-to-Peer Networking and Applications, 2014,7(3): 215-228．

参数	含义
α	入侵检测系统的检测率
β	入侵检测系统的误测率
c_a	节点i发动攻击的成本
c_d	防御节点j防御攻击的成本
b_n	网络正常运行时，防御节点j的收益
b_a	入侵检测系统检测到攻击时，恶意节点i受到的惩罚
b_d	入侵检测系统检测到攻击时，防御节点j的收益
ω	入侵检测系统未检测到攻击时，恶意节点i的收益及防御节点j的损失

参数	取值
攻击成本c_a	5
防御成本c_d	10
网络正常工作收益b_n	10
攻击失败代价b_a	120
防御成功收益b_d	80
攻击成功收益（或防御失败被攻击代价）ω	100
防御节点j认为节点i是恶意节点的概率μ	0.5

算法	检测率	误报率	漏报率	检测时间/s
静态贝叶斯博弈模型	94.5%	5.82%	5.07%	8.4
朴素贝叶斯	80.3%	19.56%	20.14%	2.7
随机森林	90.2%	10.41%	9.43%	23.6
DNN	95.4%	5.24%	4.31%	65.1

[1]	苏新, 张桂福, 行鸿彦, Zenghui Wang. 基于平衡生成对抗网络的海洋气象传感网入侵检测研究[J]. 通信学报, 2023, 44(4): 124-136.
[2]	余雪勇, 邱礼翔, 宋家宁, 朱洪波. 无人机辅助边缘计算中安全通信与能效优化策略[J]. 通信学报, 2023, 44(3): 45-54.
[3]	赵庶旭, 韦萍, 王小龙. 多任务并发边缘计算环境中最优联盟结构生成策略[J]. 通信学报, 2023, 44(2): 172-184.
[4]	龙隆, 刘子辰, 陆在旺, 张玉成, 李蕾. 移动边缘网络下服务缓存与资源分配联合优化策略[J]. 通信学报, 2023, 44(1): 64-74.
[5]	李斌, 刘文帅, 谢万城, 费泽松. 智能反射面赋能无人机边缘网络计算卸载方案[J]. 通信学报, 2022, 43(10): 223-233.
[6]	黄永明, 郑冲, 张征明, 尤肖虎. 大规模无线通信网络移动边缘计算和缓存研究[J]. 通信学报, 2021, 42(4): 44-61.
[7]	李方伟, 张海波, 王子心. 车联网中基于MEC的V2X协同缓存和资源分配[J]. 通信学报, 2021, 42(2): 26-36.
[8]	王娜,郑坤,付俊松,李剑. 基于分块的移动边缘计算密文检索方法[J]. 通信学报, 2020, 41(7): 95-102.
[9]	亓晋,孙海蓉,巩锟,许斌,张顺颐,孙雁飞. 移动边缘计算中基于信誉值的智能计算卸载模型研究[J]. 通信学报, 2020, 41(7): 141-151.
[10]	吴大鹏,吕吉,李职杜,王汝言. 移动性感知的边缘服务迁移策略[J]. 通信学报, 2020, 41(4): 1-13.
[11]	张海君,张资政,隆克平. 基于移动边缘计算的NOMA异构网络资源分配[J]. 通信学报, 2020, 41(4): 27-33.
[12]	赵临东,庄文芹,陈建新,周亮. 异构蜂窝网络中分层任务卸载：建模与优化[J]. 通信学报, 2020, 41(4): 34-44.
[13]	谭彬,赵嵩源,吴俊,张文茹. 基于移动边缘计算的虚拟现实压缩与传输系统[J]. 通信学报, 2020, 41(4): 45-53.
[14]	陈卓,冯钢,刘怡静,周杨. MEC中基于改进遗传模拟退火算法的虚拟网络功能部署策略[J]. 通信学报, 2020, 41(4): 70-80.
[15]	林艳, 闫帅, 张一晋, 李春国, 束锋. 基于交通流量预测的车联网双边拍卖边缘计算迁移方案[J]. 通信学报, 2020, 41(12): 205-214.