通信学报 ›› 2020, Vol. 41 ›› Issue (2): 97-111.doi: 10.11959/j.issn.1000-436x.2020026

• 学术论文 • 上一篇    下一篇

基于动态伪装网络的主动欺骗防御方法

王硕1,2,王建华1,裴庆祺2,3,汤光明1,王洋1,刘小虎1   

  1. 1 信息工程大学密码工程学院,河南 郑州 450001
    2 西安电子科技大学综合业务网理论及关键技术国家重点实验室,陕西 西安 710071
    3 西安电子科技大学陕西省区块链与安全计算重点实验室,陕西 西安 710071
  • 修回日期:2019-12-09 出版日期:2020-02-25 发布日期:2020-03-09
  • 作者简介:王硕(1991- ),男,河南南阳人,信息工程大学博士生,主要研究方向为网络与信息安全、机器学习|王建华(1962- ),男,北京人,博士,信息工程大学教授、博士生导师,主要研究方向为密码学、信息安全管理、计算机网络|裴庆祺(1975- ),男,广西玉林人,博士,西安电子科技大学教授、博士生导师,主要研究方向为无线网络安全、区块链安全技术|汤光明(1963- ),女,湖南常德人,博士,信息工程大学教授、博士生导师,主要研究方向为网络与信息安全、信息安全管理、信息隐藏|王洋(1985- ),女,陕西西安人,信息工程大学博士生,主要研究方向为网络与信息安全|刘小虎(1989- ),男,河南太康人,信息工程大学讲师,主要研究方向为网络与信息安全、移动目标防御
  • 基金资助:
    国家自然科学基金资助项目(U1636209);陕西省重点研发计划基金资助项目(2019ZDLGY13-04);陕西省重点研发计划基金资助项目(2019ZDLGY13-07)

Active deception defense method based on dynamic camouflage network

Shuo WANG1,2,Jianhua WANG1,Qingqi PEI2,3,Guangming TANG1,Yang WANG1,Xiaohu LIU1   

  1. 1 Department of Cryptogram Engineering,Information Engineering University,Zhengzhou 450001,China
    2 National Key Laboratory of Integrated Services Network,Xidian University,Xi’an 710071,China
    3 Shaanxi Key Laboratory of Blockchain and Security Computing,Xidian University,Xi’an 710071,China
  • Revised:2019-12-09 Online:2020-02-25 Published:2020-03-09
  • Supported by:
    The National Natural Science Foundation of China(U1636209)

摘要:

针对现有蜜罐易被攻击者识破而导致其抵御渗透攻击时经常失效的问题,提出一种基于动态伪装网络的主动欺骗防御方法。首先,给出动态伪装网络定义并描述基于动态伴随网络的主动欺骗攻防场景;然后,在分析攻防交互过程的基础上,构建信号博弈模型来指导最优欺骗策略选取;进一步,设计基于双层威胁渗透图的攻防策略收益量化方法;最后,提出一种统一纯策略与混策略的博弈均衡求解方法。实验结果表明,基于动态伪装网络,精炼贝叶斯均衡能够为防御者实施最优防御策略提供有效指导,实现防御者收益最大化。此外,还总结了利用动态伪装网络进行主动欺骗防御的特点与规律。

关键词: 蜜罐, 网络欺骗防御, 动态伪装网络, 信号博弈, 博弈均衡

Abstract:

In view of the problem that the existing honeypots often fail to resist the penetration attack due to the lack of confidentiality,an active deception defense method based on dynamic camouflage network (DCN) was presented.The definition of DCN was given firstly,and then the attacker-defender scenario of active deception based on DCN was described.Next,the interaction process of the attacker-defender scenario was modeled by using a signaling game,whose equilibrium can guide the selection of optimal deception strategy.Furthermore,to quantify the payoffs accurately,the two-layer threat penetration graph (TLTPG) was introduced.Finally,the solution for game equilibrium was designed,through which pure strategy and mixed strategy could be calculated simultaneously.The experimental results show that,based on the dynamic camouflage network,the perfect Bayesian equilibrium can provide effective guidance for the defender to implement the optimal defense strategy and maximize the benefits of the defender.In addition,the characteristics and rules of active deception defense DCN-based are summarized.

Key words: honeypot,network deception defense, dynamic camouflage network, signaling game, game equilibrium

中图分类号: 

No Suggested Reading articles found!