Network Security Evaluation and Optimal Active Defense based on Attack and Defense Game Model
Fang Li
Abstract
With the rapid development of network technology, information spreads rapidly through the network. High-speed wide area network and broadband metropolitan area network have been widely used in enterprise communications, promoting the improvement of enterprise information level in modern society, and enhancing the market competitiveness of enterprises. However, it is worth noting that while Internet technology and the Internet are widely used, the activities of viruses and hackers are increasingly rampant, and various new network attacks and viruses emerge in an endless stream, bringing unprecedented security risks to network security. The target of attackers is to penetrate the network and steal valuable data. The goal of the defender is to prevent attackers from intruding into the network. Attacks can be divided into two types: reconnaissance and violent attack. Reconnaissance is when an attacker tries to find information about the target, while a violent attack attempts all possible passwords or key combinations until a valid password or password is found. Violent attacks are more likely to succeed against poorly protected systems because they do not require time to test each password or key combination. In order to evaluate the network information system security and active defense, the network defense graph model, the classification of attack and defense strategies and the cost quantification method, the network attack and defense game model and the optimal active defense selection algorithm based on the above models are proposed. Finally, a typical network example is used to analyze the application of the above models and algorithms in network security evaluation and optimal active defense. The analysis results show that the proposed models and methods are feasible and effective.