As Internet applications built on the Web become more widespread, Web application security problems are becoming increasingly prominent. To address hacker attacks on Web applications, this paper proposes a Web security application model based on the Bayesian Stackelberg game. The model introduces an improved payoff calculation method that considers the cost and benefit parameters of both sides' strategies and also takes the defender's optimal counterattack into account, so the payoff matrices of the attacker and the defender can be calculated more accurately. The model exploits the leader's advantage and uses the DOBSS algorithm to compute the defender's optimal mixed strategy. An example analysis confirms the effectiveness of the model and the analysis method.