Research On Strategy Selection For Moving Target Defense

In recent years,with the rapid development of technologies such as the Internet and artificial intelligence,the Internet has brought convenience to people's lives,but the network security problems that follow have become increasingly prominent.In the network attack and defense,attackers are always in a favorable position because of their randomness and variability,and the defense system is difficult to cope with various attacks.There is asymmetry between attack and defense.In view of the asymmetry between the offensive and defensive sides,the United States proposes the Moving Target Defense,it adjusts the resource allocation of the system by implementing a dynamic transformation defense strategy,and increases the redundancy of each part of the network and the system to make it more uncertain.It reduces the occurrence of the situation that the attacker easily breaks through the defense system due to the single resource allocation of the existing system,thereby reversing the asymmetry between the attack and defense of the existing network.So how to choose the appropriate defense strategy to increase the uncertainty of the network and system in the Moving Target Defense is particularly important.It takes into account both the security of the system and the cost of switching resource configurations.One of the current idea is to establish an offensive and defensive game model based on game theory,and determine the optimal defense strategy by calculating the benefits of both offense and defense.In this dissertation,the research work carried out in the current offensive and defensive game model is as follows:(1)In the case of the game model,the defender may misjudge the attack strategy.By introducing the idea of Bayesian decision with minimal risk,the risk brought by the defense strategy to the system when the defense system misjudges the attack strategy is taken into account.We propose a Moving Target Defense strategy selection model based on incomplete information dynamic game.By analyzing the risk of the defensive strategy,the metrics of the defensive strategy are quantified more accurately and comprehensively.The refined Bayesian equilibrium of the complete information dynamic game selects the optimal defense strategy.Finally,the effectiveness of the optimal defense strategy in this model is demonstrated by the attack and defense experiments.(2)In the existing game model,the defendant's prior probability judgment on the attacker type is usually specified by experience,which is subjective,Furthermore,the posterior probability obtained by using Bayes' rule and the benefit quantization of the defense strategy are affected,resulting in a decrease in the system's defense success rate.To this end,this dissertation proposes a dynamic game model of incomplete information based on D-S evidence reasoning.Based on the incomplete information dynamic game,this model builds an attack type decision table and Using D-S evidence reasoning method to correct the defender's posterior probability of attack type.This method makes the posterior probability update more objective and makes up for the deficiency of prior probability in the existing model.This method makes the posterior probability update more objective and makes up for the deficiency of prior probability in the existing model.This model makes the posterior probability update more objective,and makes up for the deficiency of the prior probability in the existing model,making the defense strategy more reasonable.Finally,the method is verified by experiments to improve the defense success rate of the system.