Journal on Communications, 2018, Vol. 39, Issue (10): 143-154. doi: 10.11959/j.issn.1000-436x.2018223
Correspondences
Xingming ZHANG, Zeyu GU, Shuai WEI, Jianliang SHEN
Revised: 2018-09-22
Online: 2018-10-01
Published: 2018-11-23
Xingming ZHANG, Zeyu GU, Shuai WEI, Jianliang SHEN. Markov game modeling of mimic defense and defense strategy determination[J]. Journal on Communications, 2018, 39(10): 143-154.

Host | Operating system | System vulnerability information | No. | CVSS score | Vulnerability attributes |
C1 | Windows Server 2008 | CVE-2017-0299 KASLR | 1 | 5.0 | AV:L/AC:L |
C1 | Windows Server 2008 | CVE-2017-0148 SMB remote buffer overflow | 2 | 8.1 | AV:N/AC:H |
C2 | Ubuntu 14.02 | CVE-2016-10229 kernel remote code execution | 3 | 9.8 | AV:N/AC:L |
C2 | Ubuntu 14.02 | CVE-2017-1000367 local overwrite privilege escalation | 4 | 6.4 | AV:L/AC:H |
C3 | Debian 7.0 | CVE-2016-10229 kernel remote code execution | 5 | 9.8 | AV:N/AC:L |
C3 | Debian 7.0 | CVE-2016-1247 web-root privilege escalation | 6 | 7.8 | AV:L/AC:L |
C4 | OpenBSD 6.0 | CVE-2017-1000364 remote memory corruption | 7 | 7.4 | AV:L/AC:H |
C5 | RedHat 6.0 | CVE-2017-1000364 remote memory corruption | 7 | 7.4 | AV:L/AC:H |
C5 | RedHat 6.0 | CVE-2017-1000367 local overwrite privilege escalation | 4 | 6.4 | AV:L/AC:H |