Chinese Journal of Computers
  Title: Evaluating Network Security and Optimal Active Defense Based on Attack-Defense Game Model
  Authors: JIANG Wei1) FANG Bin-Xing1),2) TIAN Zhi-Hong1),2) ZHANG Hong-Li1)
  Address: 1)(Computer Network and Information Security Research Center, Harbin Institute of Technology, Harbin 150001)
2)(Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190)
Abstract: To evaluate the security of network information systems and perform active defense, this paper presents several models: a defense graph model, an attack-defense taxonomy and cost quantification method, and an Attack-Defense Game (ADG) model. Algorithms for selecting the optimal active defense strategy based on those models are proposed and analyzed in a representative network example. Results indicate that the models and methods are effective and efficient.
Keywords: internet security; defense graph; quantitative cost analysis; attack-defense game model; optimal active defense
Background: This research is partly supported by the National Basic Research Program (973 Program) of China under grant No. 2007CB311100, and the National High Technology Research and Development Program (863 Program) of China under grants Nos. 2007AA01Z442, 2007AA01Z406, 2009AA012437.
Traditional static protective measures are not sufficient to secure a complex networked system. Existing cyber security technologies can only passively prevent, detect, and react to cyber attacks. Intrusion detection (ID) architecture is a passive information processing paradigm. In many cases intrusion response comes "too late", after very serious damage has been caused. Attack prediction is critical for cyber homeland security. Making correct, optimal proactive defense decisions at an earlier stage of the attack is a big challenge. Doing so transforms passive cyber defense into proactive cyber defense, and much less harm will be caused without consuming a lot of resources.
This paper views the interactions between an attacker and the defender as a two-player non-cooperative game and formulates an attack-defense game (ADG) model for the game. The defense graph model, attack-defense taxonomy and cost quantitative model are proposed. An algorithm for optimal active defense strategy selection based on those models is proposed. Optimal defense strategies that minimize costs are used to defend against the attack and harden the network in advance.