Active Defense Strategy Selection Method Based on Two-Way Signaling Game

Most network security research studies based on signaling games assume that either the attacker or the defender is the sender of the signal and the other party is the receiver of the signal. The attack and defense process is commonly modeled and analyzed from the perspective of one-way signal transmission. Aiming at the reality of two-way signal transmission in network attack and defense confrontation, we propose a method of active defense strategy selection based on a two-way signaling game. In this paper, a two-way signaling game model is constructed to analyze the network attack and defense processes. Based on the solution of a perfect Bayesian equilibrium, a defense strategy selection algorithm is presented. The feasibility and effectiveness of the method are verified using examples from real-world applications. In addition, the mechanism of the deception signal is analyzed, and conclusions for guiding the selection of active defense strategies are provided.

Download Full-text

A Novel Attack-and-Defense Signaling Game for Optimal Deceptive Defense Strategy Choice

Wireless Communications and Mobile Computing ◽

10.1155/2020/8850356 ◽

2020 ◽

Vol 2020 ◽

pp. 1-10

Author(s):

Yongjin Hu ◽

Han Zhang ◽

Yuanbo Guo ◽

Tao Li ◽

Jun Ma

Keyword(s):

Traditional Approach ◽

Optimal Strategies ◽

Signaling Game ◽

Game Model ◽

Defense Strategies ◽

Defense Strategy ◽

Bayesian Equilibrium ◽

Proposed Model ◽

Improved Model ◽

Attack And Defense

Increasingly, more administrators (defenders) are using defense strategies with deception such as honeypots to improve the IoT network security in response to attacks. Using game theory, the signaling game is leveraged to describe the confrontation between attacks and defenses. However, the traditional approach focuses only on the defender; the analysis from the attacker side is ignored. Moreover, insufficient analysis has been conducted on the optimal defense strategy with deception when the model is established with the signaling game. In our work, the signaling game model is extended to a novel two-way signaling game model to describe the game from the perspectives of both the defender and the attacker. First, the improved model is formally defined, and an algorithm is proposed for identifying the refined Bayesian equilibrium. Then, according to the calculated benefits, optimal strategies choice for both the attacker and the defender in the game are analyzed. Last, a simulation is conducted to evaluate the performance of the proposed model and to demonstrate that the defense strategy with deception is optimal for the defender.

Download Full-text

A Defense Strategy Selection Method Based on the Cyberspace Wargame Model

Security and Communication Networks ◽

10.1155/2021/4292670 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Yuwen Zhu ◽

Lei Yu ◽

Houhua He ◽

Yitong Meng

Keyword(s):

Effective Means ◽

Selection Method ◽

Limited Resources ◽

Tree Search ◽

Strategy Selection ◽

Optimal Defense ◽

Monte Carlo Tree Search ◽

Network Attack ◽

Defense Strategies ◽

Defense Strategy

Network defenders always face the problem of how to use limited resources to make the most reasonable decision. The network attack-defense game model is an effective means to solve this problem. However, existing network attack-defense game models usually assume that defenders will no longer change defense strategies after deploying them. However, in an advanced network attack-defense confrontation, defenders usually redeploy defense strategies for different attack situations. Therefore, the existing network attack-defense game models are challenging to accurately describe the advanced network attack-defense process. To address the above challenges, this paper proposes a defense strategy selection method based on the network attack-defense wargame model. We model the advanced network attack-defense confrontation process as a turn-based wargame in which both attackers and defenders can continuously adjust their strategies in response to the attack-defense posture and use the Monte Carlo tree search method to solve the optimal defense strategy. Finally, a network example is used to illustrate the effectiveness of the model and method in selecting the optimal defense strategy.

Download Full-text

Defense Strategy Selection Model Based on Multistage Evolutionary Game Theory

Security and Communication Networks ◽

10.1155/2021/4773894 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Yanhua Liu ◽

Hui Chen ◽

Hao Zhang ◽

Ximeng Liu

Keyword(s):

Game Theory ◽

Evolutionary Game Theory ◽

Evolutionary Game ◽

Dynamic Network ◽

Game Model ◽

Strategy Selection ◽

Network Attack ◽

Learning Mechanism ◽

Defense Strategy ◽

Attack And Defense

Evolutionary game theory is widely applied in network attack and defense. The existing network attack and defense analysis methods based on evolutionary games adopt the bounded rationality hypothesis. However, the existing research ignores that both sides of the game get more information about each other with the deepening of the network attack and defense game, which may cause the attacker to crack a certain type of defense strategy, resulting in an invalid defense strategy. The failure of the defense strategy reduces the accuracy and guidance value of existing methods. To solve the above problem, we propose a reward value learning mechanism (RLM). By analyzing previous game information, RLM automatically incentives or punishes the attack and defense reward values for the next stage, which reduces the probability of defense strategy failure. RLM is introduced into the dynamic network attack and defense process under incomplete information, and a multistage evolutionary game model with a learning mechanism is constructed. Based on the above model, we design the optimal defense strategy selection algorithm. Experimental results demonstrate that the evolutionary game model with RLM has better results in the value of reward and defense success rate than the evolutionary game model without RLM.

Download Full-text

Generation Method of Power Network Security Defense Strategy Based on Markov Decision Process

Distributed Generation & Alternative Energy Journal ◽

10.13052/dgaej2156-3306.3635 ◽

2021 ◽

Author(s):

Wang Yang ◽

Liu Dong ◽

Wang Dong ◽

Xu Chun

Keyword(s):

Network Security ◽

Response Time ◽

Markov Decision Process ◽

Decision Process ◽

Evolutionary Game ◽

Power Network ◽

Network Attack ◽

Defense Strategy ◽

Markov Decision ◽

Attack And Defense

Aiming at the problem that the current generation method of power network security defense strategy ignores the dependency relationship between nodes, resulting in closed-loop attack graph, which makes the defense strategy not generate attack path, resulting in poor defense effect and long generation response time of power network security defense strategy, a generation method of power network security defense strategy based on Markov decision process is proposed. Based on the generation of network attack and defense diagram, the paper describes the state change of attack network by using Markov decision-making process correlation principle, introduces discount factor, calculates the income value of attack and defense game process, constructs the evolutionary game model of attack and defense, solves the objective function according to the dynamic programming theory, obtains the optimal strategy set and outputs the final results, and generates the power network security defense strategy. The experimental results show that the proposed method has good defense effect and can effectively shorten the generation response time of power network security defense strategy.

Download Full-text

Study on Stochastic Differential Game Model in Network Attack and Defense

Security and Communication Networks ◽

10.1155/2020/3417039 ◽

2020 ◽

Vol 2020 ◽

pp. 1-15

Author(s):

Xiaotong Xu ◽

Gaocai Wang ◽

Jintian Hu ◽

Yuting Lu

Keyword(s):

Differential Equation ◽

Stochastic Differential Equation ◽

Evolutionary Game ◽

Markov Property ◽

Game Model ◽

Strategy Selection ◽

Network Attack ◽

Disturbance Factor ◽

Attack And Defense ◽

Selection Of

In recent years, evolutionary game theory has been gradually applied to analyze and predict network attack and defense for maintaining cybersecurity. The traditional deterministic game model cannot accurately describe the process of actual network attack and defense due to changing in the set of attack-defense strategies and external factors (such as the operating environment of the system). In this paper, we construct a stochastic evolutionary game model by the stochastic differential equation with Markov property. The evolutionary equilibrium solution of the model is found and the stability of the model is proved according to the knowledge of the stochastic differential equation. And we apply the explicit Euler numerical method to analyze the evolution of the strategy selection of the players for different problem situations. The simulation results show that the stochastic evolutionary game model proposed in this paper can get a steady state and obtain the optimal defense strategy under the action of the stochastic disturbance factor. In addition, compared with other kinds of literature, we can conclude that the return on security investment of this model is better, and the strategy selection of the attackers and defenders in our model is more suitable for actual network attack and defense.

Download Full-text