Research On Network Security Game Model Based On Attack Graph

With the fast development of computer networks and information technology,the society has more requirements on the reliability and security of the networking and information service.Hence,it is necessary to develop the networking security framework to enhance network protecting ability.Since the cost for protecting networking is expensive,network managers needs to make more effective decisions under limited budget.Attack graph technology is a promising tool in network security analysis.Besides,it is widely used in the research of network security reinforcement.In the process of offense and defense of the network,the game features reflected by both offensive and defensive players have also received attention from domestic and foreign researchers in recent years.This paper focuses on solving decision making problem on network security analysis and network security reinforcement by Game Theory and attack graph.The main contributions include the optimal attacking strategy based on attack graph method and the optimal defensing strategy based on game theory model.First,from attacker's prospective,an optimal attacking strategy based on attach graph method is proposed.The attack graph of the target network is obtained by the attack graph generating tool.Then using Markov decision process represent attach graph and provides the rules of action based on action cost,success rate and expected income.Based on these,the optimal attacking strategy can be achieved by solving Markov decision process using depth first Algorithm and dynamic programming.Second,for the existing problem in current network security game theory model.A Network Attack-Defense Extensive-Form Game model is proposed based on deceptive honeypot method of network protecting.Dynamic and incomplete information are considered in the attack and defense interactive process modeling.The honeypot can be deployed before the attack.By solving ‘Stackelberg Equilibrium' in the game theory model,the optimal honeypot deploy strategy can beachieved with balance of defensing costs and earnings.Regarding the complicity of solving game theory problem,an algorithm is proposed for working out multiple sequence-form linear programming and mixed-integer linear programming.At last,the effectiveness and scalability of the model and the solution algorithm are verified through simulation analysis.