Signal Game Model and Migration Strategies for Multi-stage Platform Dynamic Defense

doi:10.3969/j.issn.1671-1122.2021.05.006

Abstract

Abstract:

In order to improve the signal recognition ability and defense effect of network platform in attack defense confrontation, the signal game model and migration strategy of multi-stage platform dynamic defense are proposed. Firstly, starting from the principle of platform dynamic defense, this paper analyzes the topology structure and game flow of platform dynamic defense, constructs the signal game model of multi-stage platform dynamic defense, gives the definition of attack and defense revenue parameters, introduces detection and detection factors, and analyzes the impact of information obtained by both sides on the next stage of the game. Secondly, according to the signal game process, the refined Bayesian equilibrium solution method of multi-stage equilibrium strategy is demonstrated, and then the optimal migration strategy selection algorithm of multi-stage platform dynamic defense is proposed. Finally, the effectiveness of the proposed model and strategy is verified by examples and simulations.

Key words: platform dynamic defense, signal game, multi-stage, migration strategy

CLC Number:

TP309

WANG Gang, WANG Zhiyi, ZHANG Enning, MA Runnian. Signal Game Model and Migration Strategies for Multi-stage Platform Dynamic Defense[J]. Netinfo Security, 2021, 21(5): 48-57.

Figures/Tables 11

References 19

[1]	JAJODIA S, GHOSH A K, SWARUP V, et al. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats[M]. Berlin: Springer Ebooks, 2011.
[2]	LIU Jiang, ZHANG Hongqi, LIU Yi. Research on Optimal Selection of Moving Target Defense Policy Based on Dynamic Game with Incomplete Information[J]. Acta Electronica Sinica, 2018,46(1):82-89.
	刘江, 张红旗, 刘艺. 基于不完全信息动态博弈的动态目标防御最优策略选取研究[J]. 电子学报, 2018,46(1):82-89.
[3]	LIU Wenyan, HUO Shumin, CHEN Yang, et al. Analysis and Study of Cyber Attack Chain Model[J]. Journal on Communications, 2018,39(S2):88-94.
	刘文彦, 霍树民, 陈扬, 等. 网络攻击链模型分析及研究[J]. 通信学报, 2018,39(S2):88-94.
[4]	ZHANG Hengwei, HUANG Jianming. Network Defense Strategy Selection Method Based on Markov Evolutionary Game[J]. Acta Electronica Sinica 2018,46(6):1503-1509.
	张恒巍, 黄健明. 基于Markov演化博弈的网络防御策略选取方法[J]. 电子学报, 2018,46(6):1503-1509.
[5]	ZHEN Ni, LI Qianmu, LIU Gang. Game-model-based Network Security Risk Control[J]. Computer, 2018,51(4):28-38.
[6]	LIU Zhuotao, HAO Jin, HU YIH-CHUN, et al. Practical Proactive DDoS-attack Mitigation via Endpoint-driven In-network Traffic Control[J]. IEEE/ACM Transactions on Networking, 2018,26(4):1-14.
[7]	SONG Fei, ZHOU Yutong, WANG Yu, et al. Smart Collaborative Distribution for Privacy Enhancement in Moving Target Defense[J]. Information Sciences, 2019,479(4):593-606. doi: 10.1016/j.ins.2018.06.002 URL
[8]	TIAN Liqin, LIN Chuang. A Kind of Game-theoretic Control Mechanism of User Behavior Trust Based on Prediction in Trustworthy Network[J]. Chinese Journal of Computers, 2007,30(11):1930-1938.
	田立勤, 林闯. 可信网络中一种基于行为信任预测的博弈控制机制[J]. 计算机学报, 2007,30(11):1930-1938.
[9]	JIANG Wei. Research on Active Defense Based on Attack-defense Game Model[D]. Harbin: Harbin Institute of Technology, 2010.
	姜伟. 基于攻防博弈模型的主动防御关键技术研究[D]. 哈尔滨:哈尔滨工业大学, 2010.
[10]	ZHAO Qiang, DONG Jun. An Initiative Network Defence Strategy Based on Game Theory[J]. International Journal of Applied Decision Sciences, 2018,11(2):195-209. doi: 10.1504/IJADS.2018.090931 URL
[11]	TAN Jinglei, LEI Cheng, ZHANG Hongqi, et al. Optimal Strategy Selection Approach to Moving Target Defense Based on Markov Robust Game[J]. Computers & Security, 2019,85(8):63-76. doi: 10.1016/j.cose.2019.04.013 URL
[12]	ZHANG Hengwei, HUANG Shirui. Markov Differential Game Model and Its Application in Network Security[J]. Acta Electronica Sinica, 2019,47(3):606-612.
	张恒巍, 黄世锐. Markov微分博弈模型及其在网络安全中的应用[J]. 电子学报, 2019,47(3):606-612.
[13]	CHEN Zihan, CHENG Guang. Moving Target Defense Technology using Stackelberg-markov Asymmetrical Trilateral Game Model[J]. Journal on Computers, 2020,43(3):512-525. doi: 10.1093/comjnl/43.6.512 URL
	陈子涵, 程光. 基于Stackelberg-markov非对等三方博弈模型的移动目标防御技术[J]. 计算机学报, 2020,43(3):512-525.
[14]	WU Hao, WANG Wei, WEN Changyun, et al. Game Theoretical Security Detection Strategy for Networked Systems[J]. Information Sciences, 2018,453(7):346-363. doi: 10.1016/j.ins.2018.04.051 URL
[15]	ZHANG Hengwei, YANG Haopu. Defense Decision-making Method for Anti-apt Attack Based on Attack-defense Signaling Game[J]. Computer Engineering and Design, 2019,40(1):59-64.
	张恒巍, 杨豪璞. 基于攻防信号博弈的APT攻击防御决策方法[J]. 计算机工程与设计, 2019,40(1):59-64.
[16]	WANG Zengguang, LU Yu, LI Xi, et al. Optimal Defense Strategy Selection Based on the Static Bayesian Game[J]. Journal of XiDian University, 2019,46(5):55-61.
	王增光, 卢昱, 李玺, 等. 静态贝叶斯博弈最优防御策略选取方法[J]. 西安电子科技大学学报, 2019,46(5):55-61.
[17]	ZHANG Hengwei, LI Tao. Optimal Active Defense Based on Multi-stage Attack-Defense Signaling Game[J]. Acta Electronica Sinica, 2017,45(2):431-439.
	张恒巍, 李涛. 基于多阶段攻防信号博弈的最优主动防御[J]. 电子学报, 2017,45(2):431-439.
[18]	JIANG LYU, ZHANG Hengwei, WANG Jindong. Optimal Strategy Selection Method for Moving Target Defense Based on Signaling Game[J]. Journal on Communications 2019,40(6):128-137. doi: 10.1111/j.1460-2466.1990.tb02266.x URL
	蒋侣, 张恒巍, 王晋东. 基于信号博弈的移动目标防御最优策略选取方法[J]. 通信学报, 2019,40(6):128-137.
[19]	WANG Zhiyi, WANG Gang, CHEN Tongrui, et al. Platform Dynamic Defense Evolution Game Model and State Migration Strategy[J]. Journal of Air Force Engineering University(Natural Science Edition), 2020,21(3):85-92+98.
	王志屹, 王刚, 陈彤睿, 等. 平台动态防御演化博弈模型和状态迁移策略[J]. 空军工程大学学报(自然科学版), 2020,21(3):85-92+98.

研究方法	防御手段	博弈过程	均衡求解
文献[4]方法	静态防御	多阶段	详细
文献[15]方法	静态防御	单阶段	详细
文献[19]方法	平台动态防御	单阶段	一般
本文方法	平台动态防御	多阶段	详细

序号	迁移策略	NC	ASSC	AC
1	${{d}_{1}}$	30	40	100
2	${{d}_{2}}$	50	70	200