Active Defense And The Intrusion Forensics Researches Based On The Associated Weaknesses And Game Theory

Posted on: 2013-10-10
Degree: Master
Type: Thesis
Country: China
Candidate: T Niu
GTID: 2268330392967981
Subject: Computer Science and Technology
Abstract/Summary:
The Internet's influence on people's lives keeps widening, and the network plays an increasingly important role in social life. With it has come a variety of network attacks, and network security faces significant threats and damage.

Faced with endless and diverse network attacks, network defenders must continually update their knowledge and technologies. Many technologies exist to counter network attacks, such as firewalls, encryption and authentication technology, intrusion detection and forensics, and so on, but we are still in a passive situation.

By mining the essence of network attacks, we have found that attackers use network and system vulnerability information to achieve their attack goals. This research first analyzes the weakness information of the current network and then builds a tree based on the associated weaknesses. The tree describes how the state of the system changes under different associated weaknesses, and it is the basis of the studies that follow.

The paper then introduces two offensive and defensive game-theory models: the matrix attack game model and the offensive and defensive state tree game model. The game model maps the application of game theory to network attack and defense, solving for the optimal strategy against both the offensive and defensive choices. By analyzing attack and defense by mathematical means, we get a more rational solution to the problem of attack and defense decisions.

The paper then tries to solve two main issues: the intrusion chain of evidence in the evidence collection process of attack and defense, and active defense technology research. First, we capture the current attacks and then derive the set of weaknesses most likely to be attacked next. After that, this study further establishes a system state transition game tree and uses game theory to solve the matrix game model.

Finally, the paper constructs a classic network attack and defense environment as an example to analyze and explain the main content of this paper.
Keywords/Search Tags: the analysis of associated weaknesses, Game Theory, intrusion forensics, active defense