高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于主机安全状态迁移模型的动态网络防御有效性评估

刘江 张红旗 杨英杰 王义功

刘江, 张红旗, 杨英杰, 王义功. 基于主机安全状态迁移模型的动态网络防御有效性评估[J]. 电子与信息学报, 2017, 39(3): 509-517. doi: 10.11999/JEIT160513
引用本文: 刘江, 张红旗, 杨英杰, 王义功. 基于主机安全状态迁移模型的动态网络防御有效性评估[J]. 电子与信息学报, 2017, 39(3): 509-517. doi: 10.11999/JEIT160513
LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. Effectiveness Evaluation of Moving Network Defense Based on Host Security State Transition Model[J]. Journal of Electronics & Information Technology, 2017, 39(3): 509-517. doi: 10.11999/JEIT160513
Citation: LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. Effectiveness Evaluation of Moving Network Defense Based on Host Security State Transition Model[J]. Journal of Electronics & Information Technology, 2017, 39(3): 509-517. doi: 10.11999/JEIT160513

基于主机安全状态迁移模型的动态网络防御有效性评估

doi: 10.11999/JEIT160513
基金项目: 

国家863计划项目(2012AA012704),郑州市科技领军人才项目(131PLJRC644)

Effectiveness Evaluation of Moving Network Defense Based on Host Security State Transition Model

Funds: 

The National 863 Program of China (2012AA 012704), The Scientific and Technological Leading Talent Project of Zhengzhou (131PLJRC644)

  • 摘要: 为了进行动态网络防御有效性评估,该文提出动态网络防御环境下的主机安全状态转移图生成算法,构建了主机安全状态迁移模型,基于状态转移概率给出了动态网络防御有效性的定量评估方法,为动态网络防御策略设计提供了有益参考。最后,通过一个典型网络实例说明和验证了上述模型和方法的可行性和有效性。
  • PRAKASH A and WELLMAN M P. Empirical game-theoretic analysis for moving target defense[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 57-65.
    ZHUANG Rui, BARDAS A G, DELOACH S A, et al. A theory of cyber attacks: a step towards analyzing MTD systems[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 11-20.
    GREEN M, MACFARLAND D C, SMESTAD D R, et al. Characterizing network-based moving target defenses[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 31-35.
    JAFARIAN J H, AL-SHAER E, and QI Duan. An effective address mutation approach for disrupting reconnaissance attacks[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2562-2577. doi: 10.1109/TIFS.2015. 2467358.
    EVANS D, NGUYEN-TUONG A, and KNIGHT J. Effectiveness of Moving Target Defenses[M]. New York: Moving Target Defense I: Creating Asymmetric Uncertainty for Cyber Threats, Springer, 2011: 29-48.
    MANADHATA P K. Game Theoretic Approaches to Attack Surface Shifting[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 1-13.
    ZHUANG Rui, ZHANG Su, DELOACH S A, et al. Simulation-based approaches to studying effectiveness of moving target network defense[C]. In National Symposium on Moving Target Research, Annapolis, MD, USA, 2012: 21-26.
    OKHRAVI H, RIORDAN J, and CARTER K. Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism[M]. New York: Research in Attacks, Intrusions and Defenses, Springer, 2014: 405-425.
    ZHUANG Rui, DELOACH S A, and OU Xinming. A model for analyzing the effect of moving target defenses on enterprise networks[C]. Procee dings of the 9th Annual Cyber and Information Security Research Conference, Tennessee, USA, 2014: 73-76.
    HAN Yujuan, LU Wenlian, and XU Shouhuai. Characterizing the power of moving target defense via cyber epidemic dynamics[C]. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, Raleigh, NC, USA, 2014: 23-33.
    CARROLL T E, CROUSE M, FULP E W, et al. Analysis of
    network address shuffling as a moving target defense[C]. 2014 IEEE International Conference on Communications, Sydney, Australia, 2014: 701-706.
    HONG J B and KIM D S. Assessing the effectiveness of moving target defenses using security models[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 13(2): 163-177. doi: 10.1109/TDSC.2015.2443790.
    姜伟, 方滨兴, 田志宏, 等. 基于攻防博弈模型的网络安全测评和最优主动防御[J]. 计算机学报, 2009, 32(4): 817-827. doi: 10.3724/SP.J.1016.2009.00817.
    JIANG Wei, FANG Binxing, TIAN Zhihong, et al. Evaluating network security and optimal active defense based on attack-defense game model[J]. Chinese Journal of Computers, 2009, 32(4): 817-827. doi: 10.3724/SP.J.1016. 2009.00817.
    VAN LEEUWEN B, STOUT W, and URIAS V. Operational cost of deploying moving target defenses defensive work factors[C]. 2015 IEEE Military Communications Conference, Tampa, FL, USA, 2015: 966-971.
    ZAFFARANO K, TAYLOR J, and HAMILTON S. A quantitative framework for moving target defense effectiveness evaluation[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 3-10.
    SHEYNER O, HAINES J, JHA S, et al. Automated generation and analysis of attack graphs[C]. Proceedings of 2002 IEEE Symposium on Security and Privacy, California, USA, 2002: 273-284.
    YACKOSKI J, BULLEN H, YU Xiang, et al. Applying Self-shielding Dynamics to the Network Architecture[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 97-115.
  • 加载中
计量
  • 文章访问数:  1449
  • HTML全文浏览量:  179
  • PDF下载量:  575
  • 被引次数: 0
出版历程
  • 收稿日期:  2016-05-19
  • 修回日期:  2016-09-09
  • 刊出日期:  2017-03-19

目录

    /

    返回文章
    返回