Network Security Situation Assessment Method Based on Markov Game Model

KSII Transactions on Internet and Information Systems (TIIS), v.12 no.5, 2018, pp.2414 - 2428

Li, Xi (Information Engineering Department, Ordnance Engineering College), Lu, Yu (Information Engineering Department, Ordnance Engineering College), Liu, Sen (The 54th Research Institute of CETC), Nie, Wei (College of Information Engineering, Shenzhen University)

Abstract

In order to solve the problem that the current network security situation assessment methods just focus on the attack behaviors, this paper proposes a kind of network security situation assessment method based on Markov Decision Process and Game theory. The method takes the Markov Game model as the ...

AI summary of the text

* These sentences were identified automatically by AI and some may be unsuitable; please use them with care.

Proposed method

  • The solutions are all Nash equilibrium candidate solutions. If the candidate solution is unique, the result must be verified using the second-order derivative. If the candidate solution is not unique, this paper uses the Pareto advantage standard and expert experience to verify and determine the final Nash equilibrium point. For example, assuming that both (p1, p2, q1) = (1, 0, 1) and (p1, p2, q1) = (0, 0, 1) are candidate solutions, according to Pareto advantage, both sides will get more payoff if selecting (p1, p2, q1) = (1, 0, 1), so the result is (p1, p2, q1) = (0, 0, 1).
  • In the second experiment, both sides' payoff values in the Markov Game model are modified.
  • The model can solve the security problem that static defense cannot cope with tactics and lacks dynamic change. Xie Lixia[6] proposes a network security situation awareness method based on a neural network. She designs a BP neural network structure to meet the evaluation requirements, realizes the nonlinear mapping relationship between the first-level indicators and the second, and uses the hierarchical matrix to accomplish the first-level situation evaluation. Li F W[7] proposes a network security situation assessment method based on the Hidden Markov model.
  • The Markov Game model proposed in this paper consists of the two sides of the game, the state space, the behavior space, the transition probability and the payoff function.
  • For the same attack met with different defenses, the final damage will differ greatly. The network security situation assessment method proposed in this paper takes full account of the offensive and defensive actions adopted by the two sides and gives a comprehensive evaluation.

Theory/Model

  • In order to show directly how the Markov Game model is used to calculate the threat situation assessment, this paper uses the minimum-dimension case of the high-dimensional problem. In fact, both sides' actions (strategies) are not limited to 2-3 types, and the algebraic method is used to solve the higher-dimensional Nash equilibrium problem.
  • The framework uses the Markov Game model to achieve the refinement and evaluation of network threats in Level 3, which is the core of the framework. Game theory can well reflect the substantive characteristics of the attackers and the defenders.
  • The security situation assessment method proposed in this paper combines the Markov Decision Process and Game Theory. This method reflects a characteristic of network security: the process of network attack and defense is a game with randomness.
  • This paper proposes a network security situation assessment framework based on the Markov Game model, with reference to multiple models [13,14,15,16,17], as shown in Fig. 2.

References (18)

  1. Gong Z H, Zhuo Y. "Research on Cyberspace Situational Awareness," Journal of Software, vol.21, no.7, pp.1605-1619, 2010. 

  2. Boyer S, Dain O, Cunningham R. "Stellar: A fusion system for scenario construction and security risk assessment," in Proc. of the 13th IEEE Int'l Workshop on Information Assurance, pp.105-116, 2015. 

  3. Ramaki A A, Khosravi-Farmad M, Bafghi A G. "Real time alert correlation and prediction using Bayesian networks," in Proc. of the ISCISC, pp.98-103, 2015. 

  4. Wang C H, Chiou Y C. "Alert correlation system with automatic extraction of attack strategies by using dynamic feature weights," Int'l Journal of Computer and Communication Engineering, vol.5, no.1, pp.1-10, 2016. 

  5. Jinxia Wei, Ru Zhang, Jianyi Liu, et al. "Defense Strategy of Network Security based on Dynamic Classification," KSII Transactions on Internet and Information Systems, vol.9, no.12, pp.5116-5134, 2015.

  6. Xie L X, Wang Y C, Yu J B. "Network Security Situation Awareness Approach Based on Markov Game Model," J Tsinghua Univ (Sci & Technol), vol.53, no.12, pp.1750-1760, 2013. 

  7. Li F W, Sun S, Zhu J, et al. "Situation Assessment Method based on Hidden Markov Model," Computer Engineering and Design, vol.36, no.7, pp.1706-1711, 2015.

  8. Wen Z C, Chen Z G. "Network security situation prediction method based on hidden Markov model," Journal of Central South University (Science and Technology), vol.46, no.10, pp.3689-3695, 2015. 

  9. Xi R R, Yun X C, Zhang Y Z, et al. "An Improved Quantitative Evaluation Method for Network Security," Chinese Journal of Computers, vol.38, no.4, pp.749-758, 2015.

  10. Guan-Yu Hu, Zhi-Jie Zhou, Bang-Cheng Zhang, et al. "A method for predicting the network security situation based on hidden BRB model and revised CMA-ES algorithm," Applied Soft Computing, vol.48, pp.404-418, 2016.

  11. Bass T. "Multi sensor data fusion for next generation distributed intrusion detection systems," in Proc. of the '99 IRIS National Symp. on Sensor and Data Fusion, pp.24-27, 1999.

  12. Bass T. "Intrusion detection systems and multi sensor data fusion," Communications of the ACM, vol.43, no.4, pp.99-105, 2000. 

  13. Gad A, Farooq M. "Data fusion architecture for maritime surveillance," in Proc. of the Int'l Society on Information Fusion(ISIF), pp.448-455, 2002. 

  14. Kadar I. "Knowledge representation issues in perceptual reasoning managed situation assessment," in Proc. of the FUSION, pp.13-15, 2005. 

  15. Llinas J, Hall D. "An introduction to multi sensor data fusion," in Proc. of the ISCAS '98 - Proceedings of the 1998 IEEE International Symposium on Circuits and Systems, vol. 6, pp.537-540, 1998. 

  16. Blasch E, Plano S. "DFIG level5 issues supporting situational assessment reasoning," in Proc. of the FUSION, pp.35-43, 2005. 

  17. Zhang Y, Tan X B, Cui X L, et al. "Network Security Situation Awareness Approach Based on Markov Game Model," Journal of Software, vol.22, no.3, pp.495-508, 2011.

  18. The snort project. "SNORT Users Manual," 

Open access (OA) type: GOLD (paper published in an open-access journal)
