The Research Of Network Vulnerability Assessment Based On Game Theory Model

With the rapid development of network technology, information disseminates rapidly by means of network. High-speed WAN and wide-area MAN is applied widely in enterprise communication, which advances modern enterprise's information level and marketing competence. But it is worth attention that viruses and hackers are also increasing rapidly along with widely application of Internet technology. New network attacks and viruses bring unprecedented security risk.Before the implementation of any protective measure, the organization should first have a clear cognition with the risk of the system. Network vulnerability assessment is an important part of network risk assessment. Currently, there are some forming techniques for network vulnerability assessment, but most of existing network vulnerability assessment methods doesn't take account of the fact that attackers are intelligent. Therefore they often pursue all possible results, ignoring the strategies or paths which would be the most likely chosen by attackers.Based on the need of the network vulnerability assessment, this paper analyzes the common methods for network vulnerability assessment, and proposes an attack graph generation method based on the effectiveness of attacks. This method generates multi objective network attack graph considering attack utility. Experiment results show that this method could analyze the attack paths quantitatively which would be chosen by network attacker.This paper proposes a network attack-defense model based on game theory for purpose of evaluating network information security and active defense. The model formalized describes and quantitative calculates both attacker and defender's cost and benefit using the game relationship of both sides. And calculates the payoff matrix, the possible attack paths which attacker would choose and the optimum defense strategy of defender's. At last, an example is given to illuminates the application process of this model in a local area network. Experiment results show the method could choose the optimal defense strategies and response rapidly.