| Advanced persistent threats(APTs)are persistent,organized,and targeted,which seriously threaten the massive privacy data in cloud storage systems,causing serious economic losses and social impacts.It is difficult for the cloud storage system to detect the attack in real time,due to the stealthy attack method.The dynamic process of APT detection can be modeled by game theory.The APT attackers make subjective decisions under uncertainties,such as the APT attack completion time and storage system defense strategy when their attack time is chosen.Therefore,the thesis uses prospect theory to study the impact of APT attacker's subjectivity on cloud storage security,and formulates a subjective APT defense game under the uncertain APT attack completion time and storage system defense strategy.The game model introduces the probability weight function of the attacker,and describes the estimation distortion of the system scanning probability and the distribution probability of the APT attack completion time when the attack interval is selected.On this basis,the static Nash equilibriums of the above two games are revealed.The simulation results show that in the system with a low security level,the subjective APT attacker reduces the attack rate due to the excessive attention to its possible attack cost,which improves the data security of the storage system.In order to explain the frame effect of subjective APT attackers and satisfy the principle of stochastic dominance in decision making,the thesis further formulates the APT defense game model based on cumulative prospect theory.The value function and cumulative probability weight are used to describe the risk attitude of the subjective APT attacker under the frame of utility reference point,and avoid the first-order stochastic dominant contradiction.The Nash equilibriums of the game are derived in the typical cloud storage APT defense scenarios,revealing that APT attackers tend to avoid risk under a low reference frame and thus reduce the attack rate.Without knowing the APT attack model,the thesis proposes an APT scan time scheduling mechanism based on reinforcement learning algorithm,and establishes a dynamic subjective APT defense game.The simulation results show that the mechanism can suppress the attack motivation of APT attackers and improve the data security level of cloud storage systems.After sufficient interactions,the optimal detection strategy can be obtained.When the risk seeking coefficient of the subjective attacker is 0.7,the algorithm can obtain the optimal strategy after 200 interactions,and the data security level is 13.3%higher than the Q-based detection algorithm. |
PDF Full Text Request