
Research On Dynamic Network Defense Based On Game Model

Posted on: 2020-05-09
Degree: Master
Type: Thesis
Country: China
Candidate: P C Wang
Full Text: PDF
GTID: 2428330620453199
Subject: Cyberspace security
Abstract/Summary:
The number and complexity of cyber attacks are on the rise, and network security issues are becoming more and more serious. The inherent defects of the traditional network architecture, such as its static nature, certainty, and predictability, allow attackers to easily bypass traditional defense methods based on prior knowledge, such as firewalls and intrusion detection. Cyberspace therefore presents an asymmetric security posture between offense and defense. In addition, with the continuous development of information technology, attackers' methods and ideas are becoming more advanced and complex. Unknown vulnerabilities in network systems are constantly being discovered, and known vulnerabilities are usually not repaired in time. The traditional patch-based architecture, built on boundary defense theory and qualitative description, can no longer cope with the increasingly complex security issues in cyberspace.

In order to change the asymmetric security status of cyberspace, this thesis builds on dynamic defense thinking, aims to interfere with and break the integrity of the cyber kill chain, and studies dynamic network defense technology based on a game model. By making key network attributes dynamic, it increases the difficulty and cost for attackers of detecting the vulnerabilities of target systems, while effectively controlling the cost and overhead that the dynamics impose on defenders. On the premise of system stability and normal business operation, it enhances the active defense ability of the target system against uncertain threats.

The main research contents of the thesis include:

1. We study the optimization of dynamic network defense techniques with a single attribute. The attack and defense behavior based on target reconnaissance in cyberspace is modeled as a two-player non-zero-sum mixed-strategy game, and it is proved that the periodic dynamic mechanism is the optimal defense strategy against non-adaptive attackers. A formula for calculating the optimal dynamic frequency under specific network system parameters is given to reduce the defense cost and improve the security gain.

2. We study the policy switching problem of dynamic network defense with multi-strategy switching. Based on the Stackelberg game model, it is proved that multi-policy switching based on multi-dimensional attribute dynamic capability can effectively improve the security and defense benefits of the network. This guides a target system with multi-strategy dynamic defense ability to switch its dynamic attribute and dynamic frequency strategically and to improve defense efficiency.

3. We study the design and implementation of an intranet protection mechanism based on the collaborative dynamics of L2/L3 addresses. Using the centralized control characteristics of SDN, the SDN controller cooperatively controls the masquerading transformation of L2/L3 addresses to systematically hide the real network hosts without affecting normal business. Experimental analysis shows that a target system using this mechanism can effectively cut off the association between L2/L3 addresses and real network identities and upper-layer services, hide hosts in the network to the greatest extent, and break the continuity of network attacks.
Keywords/Search Tags:Network Security, Dynamic Network Defense, Software-defined Network, Moving Target Defense, Reconnaissance, Game Model