Intelligent planning method for cyber defense strategies based on bounded rationality

Cited by: 10
Abstract: Considering that network defense subjects are usually resource-constrained, the intelligent planning and autonomous implementation of network defense strategies under bounded rationality was studied, based on the concept of intelligent attack-defense confrontation. First, an attack graph, general knowledge and domain-specific knowledge were fused to construct a network defense security ontology. On that basis, knowledge reasoning was used to recommend security defense strategies, to better adapt to the security needs of protected network information assets and to current attack threats. Finally, with the help of an intelligent planning method based on bounded rationality, autonomous planning and implementation of defense strategies was achieved under constraints such as limited network security defense resources and dynamic changes of network information assets. The example shows that the proposed method is robust under dynamic attacks. The experiments show that the defense effectiveness is improved by 5.6%~26.12% compared with existing game theory and attack graph-based methods against a typical APT attack.
Authors: LIU Yingze; GUO Yuanbo; FANG Chen; LI Yongfei; CHEN Qingli (Department of Cryptogram Engineering, Information Engineering University, Zhengzhou 450001, China)
Source: Journal on Communications (《通信学报》; indexed in EI, CSCD, Peking University Core), 2023, No. 5, pp. 52-63, 12 pages in total
Funding: National Natural Science Foundation of China (No.62276091); Henan Province Major Public Welfare Special Fund Project (No.201300311200).
Keywords: cyber defense; defense strategy recommendation; intelligent planning; bounded rationality; security ontology