基于主机安全状态迁移模型的动态网络防御有效性评估

doi:10.11999/JEIT160513

摘要
图/表
参考文献(17)
相关文章 (4)

全文: PDF (665 KB)
输出: BibTeX | EndNote (RIS)

摘要

为了进行动态网络防御有效性评估，该文提出动态网络防御环境下的主机安全状态转移图生成算法，构建了主机安全状态迁移模型，基于状态转移概率给出了动态网络防御有效性的定量评估方法，为动态网络防御策略设计提供了有益参考。最后，通过一个典型网络实例说明和验证了上述模型和方法的可行性和有效性。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	刘江
	张红旗
	杨英杰
	王义功

关键词 ：动态网络防御, 主机安全状态迁移, 转移概率, 有效性评估

Abstract：

To evaluate the effectiveness of moving network defense, this paper presents the host security state deduce graph construction algorithm in moving network defense environment. The host security state transition model is constructed, the quantitative effectiveness evaluation method is proposed for moving network defense based on host state transition probability, and a useful reference is provided for the design of moving network defense policy. Finally, feasibility and effectiveness of the proposed model and method are illustrated and verified in a representative network example.

Key words： Moving network defense Host security state transition Transition probability Effectiveness evaluation

收稿日期: 2016-05-19 出版日期: 2016-11-17

PACS:

TP393.08

基金资助:

国家863计划项目(2012AA012704)，郑州市科技领军人才项目(131PLJRC644)

通讯作者: 刘江：男，1988年生，博士生，研究方向为动态目标防御、安全策略管理. E-mail: liujiang2333@163.com

作者简介: 刘江：男，1988年生，博士生，研究方向为动态目标防御、安全策略管理. 张红旗：男，1962年生，教授，博士生导师，研究方向为网络信息安全、安全管理. 杨英杰：男，1971年生，教授，硕士生导师，研究方向为数据挖掘、态势感知. 王义功：男，1987年生，硕士，讲师，研究方向为安全策略管理.

引用本文:

刘江,张红旗,杨英杰,王义功. 基于主机安全状态迁移模型的动态网络防御有效性评估[J]. 电子与信息学报, 2017, 39(3): 509-517. LIU Jiang, ZHANG Hongqi, YANG Yingjie, WANG Yigong. Effectiveness Evaluation of Moving Network Defense Based on Host Security State Transition Model. JEIT, 2017, 39(3): 509-517.

链接本文:

http://jeit.ie.ac.cn/CN/10.11999/JEIT160513 或 http://jeit.ie.ac.cn/CN/Y2017/V39/I3/509

[1]	PRAKASH A and WELLMAN M P. Empirical game-theoretic analysis for moving target defense[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 57-65.
[2]	ZHUANG Rui, BARDAS A G, DELOACH S A, et al. A theory of cyber attacks: a step towards analyzing MTD systems[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 11-20.
[3]	GREEN M, MACFARLAND D C, SMESTAD D R, et al. Characterizing network-based moving target defenses[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 31-35.
[4]	JAFARIAN J H, AL-SHAER E, and QI Duan. An effective address mutation approach for disrupting reconnaissance attacks[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(12): 2562-2577. doi: 10.1109/TIFS.2015. 2467358.
[5]	EVANS D, NGUYEN-TUONG A, and KNIGHT J. Effectiveness of Moving Target Defenses[M]. New York: Moving Target Defense I: Creating Asymmetric Uncertainty for Cyber Threats, Springer, 2011: 29-48.
[6]	MANADHATA P K. Game Theoretic Approaches to Attack Surface Shifting[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 1-13.
[7]	ZHUANG Rui, ZHANG Su, DELOACH S A, et al. Simulation-based approaches to studying effectiveness of moving target network defense[C]. In National Symposium on Moving Target Research, Annapolis, MD, USA, 2012: 21-26.
[8]	OKHRAVI H, RIORDAN J, and CARTER K. Quantitative Evaluation of Dynamic Platform Techniques as a Defensive Mechanism[M]. New York: Research in Attacks, Intrusions and Defenses, Springer, 2014: 405-425.
[9]	ZHUANG Rui, DELOACH S A, and OU Xinming. A model for analyzing the effect of moving target defenses on enterprise networks[C]. Procee dings of the 9th Annual Cyber and Information Security Research Conference, Tennessee, USA, 2014: 73-76.
[10]	HAN Yujuan, LU Wenlian, and XU Shouhuai. Characterizing the power of moving target defense via cyber epidemic dynamics[C]. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, Raleigh, NC, USA, 2014: 23-33.
[11]	CARROLL T E, CROUSE M, FULP E W, et al. Analysis of
	network address shuffling as a moving target defense[C]. 2014 IEEE International Conference on Communications, Sydney, Australia, 2014: 701-706.
[12]	HONG J B and KIM D S. Assessing the effectiveness of moving target defenses using security models[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 13(2): 163-177. doi: 10.1109/TDSC.2015.2443790.
[13]	姜伟, 方滨兴, 田志宏, 等. 基于攻防博弈模型的网络安全测评和最优主动防御[J]. 计算机学报, 2009, 32(4): 817-827. doi: 10.3724/SP.J.1016.2009.00817.
	JIANG Wei, FANG Binxing, TIAN Zhihong, et al. Evaluating network security and optimal active defense based on attack-defense game model[J]. Chinese Journal of Computers, 2009, 32(4): 817-827. doi: 10.3724/SP.J.1016. 2009.00817.
[14]	VAN LEEUWEN B, STOUT W, and URIAS V. Operational cost of deploying moving target defenses defensive work factors[C]. 2015 IEEE Military Communications Conference, Tampa, FL, USA, 2015: 966-971.
[15]	ZAFFARANO K, TAYLOR J, and HAMILTON S. A quantitative framework for moving target defense effectiveness evaluation[C]. Proceedings of the Second ACM Workshop on Moving Target Defense, Denver, Colorado, USA, 2015: 3-10.
[16]	SHEYNER O, HAINES J, JHA S, et al. Automated generation and analysis of attack graphs[C]. Proceedings of 2002 IEEE Symposium on Security and Privacy, California, USA, 2002: 273-284.
[17]	YACKOSKI J, BULLEN H, YU Xiang, et al. Applying Self-shielding Dynamics to the Network Architecture[M]. New York: Moving Target Defense II: Application of Game Theory and Adversarial Modeling, Springer, 2013: 97-115.