| With the increasing complexity and automation of network attacks,security systems have raised the requirements for security mechanisms.Traditional passive protection mainly takes measures to stop the emerging cyber attacks,which does not prevent the attacks from occurring in advance.The active defense model is a current research hotspot,which mainly deploys defensive measures in advance against system vulnerabilities to deter attacks,but does not give proper consideration to attacks without forethought.To address the above problems,a network security protection model based on stochastic game with a combination of active and passive is proposed.The model introduces passive defense strategies in the active defense model,which analyzes and predicts the system vulnerabilities and gives defense strategies and deals with unanticipated attacks.This model achieves early prevention and timely remediation.This thesis focuses on the following areas for in-depth study.Firstly,the game model is introduced to the model network security,and an activepassive combined protection model based on stochastic game is proposed.Game theory is a key technology for active defense,which is employed to investigate and improve the decision-making issues in network attack-defense conflicts.In this paper,network attackdefense game models are classified in multiple dimensions and common game models are introduced in detail.And then,the elements of the model such as the payoff function and the optimal policy selection algorithm are designed,and the model’s effectiveness is demonstrated through examples and experiments.In addition,this paper summarizes the criteria used to evaluate both offensive and defensive behavior and optimizes the defense graph model.Cost-benefit quantification models are used to measure the behaviors of attackers and defenders,allowing the quantification of costs and benefits,etc.,and providing the basis for the utility functions used by the attack-defense game model.A new guideline for evaluating the behavior of both attackers and defenders is proposed based on the CVSS vulnerability scoring criterion and combined with the proposed security protection model.The defense graph incorporates information such as attack-defense strategies and attack-defense costs,that reflects the nature of network attack and defense.In this paper,combined with the proposed guidelines,an offense-defense graph model is optimally designed as an overall attack graph and a single-point defense graph,describing the relationship between network states,attackers and defenders is obtained.Furthermore,security analysis is a common method to evaluate the reliability of a system.In this paper,stochastic Petri nets and Markov chain models are combined to model the analysis of the proposed defense model.By illustrating the example analysis,the validity of this security analysis model is confirmed.Additionally,the reliability of the proposed protection model is proved to be better than other policies and some existing models by experimental simulation.Finally,an active and passive combined protection system is designed and implemented which has automatic security protection capability and the ability to visualize the gaming results.It is user-friendly and verifies the implementability of the two major functions of active and passive defense. |
PDF Full Text Request