Decision method for dynamic network transformation under full information conditions and system thereof

A technology of dynamic transformation and decision-making method, applied in the field of network security, it can solve the problems of limited, inapplicable defense costs, and increase the performance overhead of network systems, and achieve the effect of simplifying the solution process, improving practicability, and ensuring universality.

Inactive Publication Date: 2019-02-22
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although existing studies have proposed a variety of MTD technologies and implementation methods for different network security threats, the simple superposition of different MTD technologies will greatly increase the performance overhead of the network system, and the "at all costs" defense cannot be applied to networks with limited defense costs. actual conditions

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Decision method for dynamic network transformation under full information conditions and system thereof
  • Decision method for dynamic network transformation under full information conditions and system thereof
  • Decision method for dynamic network transformation under full information conditions and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments, but the protection scope of the present invention is not limited thereto.

[0047] Since the selection of the moving target defense (Moving Target Defense, MTD) jump strategy will directly lead to the difference in the attack surface and detection surface of the network system, and the change of the attack surface and detection surface of the target network can reflect the defense effectiveness of MTD, so it can be Using the attack surface and detection surface to describe the defense effectiveness produced by the MTD jump strategy.

[0048] Definition 1: The attack surface (Attack Surface, AS) is a set of network resources that the defender needs to transfer and transform in order to prevent the attacker from entering and achieve the attack purpose at a certain time t. It consists of the Attack Surface Dimension (ASD) and the dimension...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of network safety and specifically relates to a decision method for dynamic network transformation under full information conditions and a system thereof.The decision method comprises the following steps: obtaining state transition probability according to the network state, an attack strategy and a defense strategy; using a game theory to describe gains of both sides of the offensive and defensive game during moving target defense; constructing a moving target defense model based on a Markov game in combination with the state transition probability; transforming the solution of the moving target defense model into an equivalent of a target function and obtaining an optimal moving target defense strategy. According to the method and the systemin the invention, the moving target defense model based on the Markov game is constructed according to the state transition probability and both the sides of the offensive and defensive game; furthermore, the optimal moving target defense strategy is obtained by solving so as to realize balance of network performance overheads and moving target defense gains and solve the technical problem of howto select the optimal defense strategy based on limited network resources.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a decision-making method and system for network dynamic transformation under the condition of complete information. Background technique [0002] With the continuous evolution of new network attack methods, attacks such as Zero-day Exploitation and Advanced Persistent Threat (Advanced Persistent Threat) have severely challenged Internet security. Studies have shown that the biggest feature of Internet security is "easy to attack but difficult to defend". On the one hand, because the attacker can detect, collect and utilize the resource vulnerability of the target network system for a long time, it has the advantage of time and information asymmetry; on the other hand, because the existing firewall, intrusion detection and virus killing methods are Defenses are implemented based on prior knowledge, so there are cognitive limitations and hysteresis. The root ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/145H04L63/205
Inventor 张玉臣汪永伟雷程刘小虎范钰丹张畅张任川刘璟孙怡峰周供伟谭晶磊
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap