Journal on Communications, 2019, Vol. 40, Issue (6): 128-137. doi: 10.11959/j.issn.1000-436x.2019125
JIANG Lyu, ZHANG Hengwei, WANG Jindong
Revised: 2019-04-28
Online: 2019-06-25
Published: 2019-07-04
JIANG Lyu,ZHANG Hengwei,WANG Jindong. Optimal strategy selection method for moving target defense based on signaling game[J]. Journal on Communications, 2019, 40(6): 128-137.
Atomic attack name | Category | Attack cost AC | Attack lethality AL |
e1:remote buffer overflow | root | 100 | 9 |
e2:install Trojan | probe | 80 | 3 |
e3:steal account and crack it | user | 140 | 5 |
e4:send abnormal data to GIOP | root | 50 | 8 |
e5:LPC to LSASS process | probe | 40 | 2 |
e6:FTP rhost attack | root | 120 | 10 |
e7:Oracle TNS Listener | root | 90 | 8 |
e8:shutdown Database server | user | 150 | 6 |
e9:SR-hard blood | root | 120 | 8 |
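Defense strategy | Strategy description | MTD type | Defense cost |
d1 | IP switch, data storage enlarge, dynamic frequency | attack surface transformation + exploration surface expansion | 220 |
d2 | protocol switch, port counterchange, fixed frequency | attack surface shifting + attack surface transformation | 190 |
d3 | fingerprint switch, Renew root data, dynamic frequency | attack surface shifting | 170 |
d4 | port enlarge, protocol switch, fixed frequency | attack surface shifting + exploration surface expansion | 160 |
d5 | route enlarge, install oracle patches, dynamic frequency | exploration surface expansion | 120 |
d6 | port switch, patch SSH on FTP, fixed frequency | attack surface shifting | 115 |
d7 | add physical resources, add address blacklist | exploration surface expansion | 125 |
d8 | limit packet to ports, limit ICMP/SYN packets | none | 110 |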