Details
Classification:
>> Subject navigation classification _Engineering _Computer Science and Technology _Computer Application Technology
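Title: Attack Prediction Model Based on Bayesian Games
Name: 曹晖
Department: School of Information Science and Engineering
Major: Computer Application Technology
Degree: Master of Engineering
Foreign-language title: Attack Prediction Model Based on Bayesian Game
First supervisor: 马义忠
Keywords: static Bayesian game; dynamic Bayesian game; attack prediction; intrusion detection system; active defense
Foreign-language keywords: static Bayesian game; dynamic Bayesian game; attack prediction; intrusion detection system; active protection
Discipline: Engineering
Abstract: Modeling attack prediction is an important direction in current network security research. This thesis proposes an attack prediction model based on a static Bayesian game (SBGAPM) and an attack prediction model based on a dynamic Bayesian game (DBGAPM). SBGAPM simulates the attacker's and defender's choices of attack and defense actions, and can predict the probabilities with which a rational attacker and defender will choose to attack and defend in order to maximize their respective payoffs. Building on SBGAPM, DBGAPM uses Bayes' rule to revise, according to the attacker's historical behavior, the probability that a malicious host node exists in the network. On that basis, by analyzing the payoffs of both the attacker and the defender, it predicts the probabilities with which a rational attacker and defender will choose to attack and defend in the next stage of the game. The prediction results give network security administrators a valuable reference for security configuration, making it possible to turn passive detection into active, targeted defense. Finally, the corresponding experimental process and analysis of the results are presented, verifying the effectiveness of the model. In addition, the thesis proposes a framework that can be applied in practice. The framework combines DBGAPM with an intrusion management system (IMS) and can help users build a dynamic defense-in-depth system, forming a controllable and manageable security platform. It also shows that security products are moving toward integration, cooperative operation and centralized management.
Foreign-language abstract: Modeling attack prediction is an important aspect of research in network security. This paper describes an attack prediction model based on a static Bayesian game (SBGAPM) and one based on dynamic Bayesian games (DBGAPM). The SBGAPM model can predict the probability with which a rational attacker or defender will attack or defend in order to maximize their payoff. According to the attacker's historical behavior and the SBGAPM result, the DBGAPM model uses Bayes' rule to update the probability that malicious nodes exist in the network, with which it can predict the probability with which a rational attacker or defender will attack or defend in the next stage of the game in order to maximize their payoff. The result can thus be used to assist security administrators in configuring the network system. It may turn passive detection into active protection for the defender. This paper also presents the experimental process and an analysis of the results to validate the model. In addition, this paper gives an application framework that includes DBGAPM and IMS. This application framework can help users build a dynamic and strong prevention system, with a security platform that can be controlled and managed. It also indicates that security products are moving toward integration, working together and centralized management.
Research areas: network security; information security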