Research On Life-cycle Management Strategy Of Industrial Internet Vulnerabilities Based On Game Theory

In recent years,China has vigorously promoted the integration policy of "industrialization driven by informatization and informatization promoted by industrialization".Industrial Internet has gradually become the core of industrial informatization development,and industrial Internet security has also become the basis of healthy industrial development in China.At present,researches on industrial Internet security vulnerabilities mainly focus on the detection technology and vulnerability analysis and evaluation,ignoring the continuity of vulnerability from excavation to disclosure to repair,and lacking relevant researches based on the life cycle of vulnerabilities.Therefore,this paper firstly analyzes the current situation of China's industrial Internet security,points out the existing security problems in the exploitation,disclosure and repair of industrial Internet vulnerabilities,and clarifies the importance of vulnerability life cycle management to the security and integration of China's industrial Internet.Secondly,the concept of industrial network security vulnerabilities is introduced in detail,and on this basis,the relevant literature of the security vulnerabilities from discovery to repair life cycle is sorted out to reveal the deficiencies of existing research.Then,the game theory method is used to model the knowledge sharing game process of the "white hat" of the industrial Internet security platform,the game process of the vulnerability disclosure cycle between the platform and multiple vendors in different situations,and the game process of the cooperative development of vulnerability patches among vendors after the claim of vulnerabilities,and to analyze and solve the problem.Finally,this paper summarizes the research results,gives relevant opinions and Suggestions,points out the shortcomings of the research,and looks forward to the future research direction of industrial Internet security.The Research shows that:(1)In the industrial Internet security platform,factors such as the amount of knowledge sharing,inherent knowledge,the rate of knowledge appreciation,the rate of security knowledge vulnerability conversion,the average rate of team vulnerability reward and the probability of winning team reward have a positive impact on the "white hat" security knowledge sharing strategy in the temporary team;High security knowledge sharing cost will reduce the willingness of "white hat" to share knowledge.(2)As the main body of dealing with network security vulnerabilities,manufacturers have different tolerance for vulnerabilities,which are mainly subject to factors such as market share,development time,cost and rate of return of vulnerability patches,hackers' attack ability and the moment of initial discovery of vulnerabilities.The disclosure cycle of industrial Internet security platform is related to the attack ability of hackers,the development time,cost rate of vulnerability patch and the moment of vulnerability discovery.(3)The higher the probability of attack by hackers before full disclosure and the higher the cost of cooperative development of vulnerability patches,the lower the probability of industrial manufacturers choosing cooperative development of vulnerability patch strategy;Shared patch the absorption rate,number of security patches,and patches of overflow ratio,the probability of successful invasion,hackers ability after full disclosure increasing multiples,the loss caused by hacking success,vendor "free-rider" factors such as the potential loss leads to industrial manufacturers choose cooperation development patches strategies have a positive impact.