基于攻防博弈模型的网络安全测评和最优主动防御.PDFVIP

32 　4 　　　　　　　　 Vol.32 No.4 2009 4 CHIN ESE JOU RNA L OF COMPUTERS Apr.2009 　 1) 1), 2) 1), 2) 1) 姜　伟 　方滨兴 　田志宏 　张宏莉 1)( 　　150001) 2)(　　100190) 　　 , 、、 . ., 、. 　 ;;;; TP309　　　DOI :10.3724/SP.J.101 .2009.00817 Evaluating Network Security and Optimal ActiveDefenseBased on Attack-Defense GameModel 1) 1), 2) 1), 2) 1) JIANG Wei 　FANG Bin-Xing 　TIAN Zhi-Hong 　ZHANG Hong-Li 1)(Computer Network and Inf ormation Security Research Center, HarbinInstitute of Technology, Harbin　150001) 2)(Instituteof Comp uting Technology, Chinese Academy of Sciences, Beij ing 　100190) Abstract　To evaluate the security of netw ork information systems and perform active defense, this paper presents some models including defense graph model, attack-defense taxonomy and cost quantitative method, and Attack-Defense Game (ADG)model.Algorithms for selecting op- timizing active defense strategy based on those models are proposed and analyzed in a representa- tive netw ork example.Results indicate that the models and methods are effective and efficient . ernet security;defense graph;quantitative cost analysis;attack-defense game model;optimal active defense , , 1　　 . , 、 ① 、 . :“ , 、 , , , , 、 :2008-12-08;:2009-02-12.“”(2007CB311100)、 “”(20