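Because the goals of attackers and defenders in network security are opposed and their strategies are interdependent, selecting the optimal defense strategy is a very complex problem. The problem of selecting network security defense strategies is formally defined. An attack-defense stochastic game model is proposed that characterizes the attack-defense conflict in network security and solves the defense strategy selection problem. The model extends the matrix-form attack-defense game model and the Markov decision process, and is a multi-player, multi-state dynamic attack-defense deduction model. The attacker's privilege states on network entities are taken as elements of the attack-defense stochastic game model in order to model the dynamic change of the network attack-defense state, predict attack behavior, and decide the optimal defense strategy. A defense strategy selection algorithm based on this model is given. A network example is used to analyze the effectiveness of the model and algorithm in attack strategy prediction and defense strategy decision-making.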
The defender needs to predict, detect and understand attacks, and make good decisions about defense strategies. Because the goals of attackers and defenders are opposed and their strategies are interdependent, the selection of an optimal defense strategy is a complex issue. In this paper, the issue of optimal defense strategy selection is defined and formalized. A new attack-defense stochastic game model is proposed to describe the offensive and defensive conflict between attackers and defenders in network security and to address the issue of optimal defense strategy selection. The model is a dynamic multi-player, multi-state model that extends the normal-form attack-defense game and the Markov decision process. By treating the attacker's privilege states on network nodes as elements of the attack-defense stochastic game, we can model the dynamic transition of the attack and defense state and compute the probabilities of attacker and defender behavior. This paper analyzes the cost factors related to attack and defense and provides a cost-benefit analysis method that helps the defender evaluate and select defense strategies. An algorithm for defense strategy selection based on these models is proposed. A representative network example is provided to illustrate our models and demonstrate their efficacy in predicting attack behaviors and deciding optimal defense strategies.