基于非零和攻防博弈模型的主动防御策略选取方法

针对现实网络攻防环境中防御措施的滞后性以及攻防对抗过程中双方收益不完全相等的问题，提出一种基于非零和博弈的主动防御策略选取方法。首先依据攻击者与系统的博弈关系，结合网络安全问题实际情况提出网络安全博弈图;其次在此基础上给出一种基于非零和博弈的网络攻防博弈模型，结合主机重要度以及防御措施成功率计算单一安全属性攻防收益值，进而根据攻防意图对整体攻防收益进行量化；最后通过分析纳什均衡得到最优主动防御策略。实例验证了该方法在攻击行为预测和主动防御策略选取方面的有效性和可行性。

Active defense strategy selection based on non-zero-sum attack-defense game model

In order to deal with the problems that defensive measures are lagging behind the attack and that the payoffs of attacker and defender are unequal, an active strategy selection method based on non-zero-sum game was proposed. Firstly, a network security game graph was presented combined with the actual situation of network security and the relationship between the attacker and the defender. Secondly, a network attack-defense game model was proposed based on non-zero-sum game. The attack-defense cost of single security attribute was calculated combined with the host important degree and success rate of defense measures, and according to attack-defense intention, the total attack-defense cost was quantified. Finally, the best strategy for defender was obtained by analyzing the Nash equilibrium of the game model. A representative example was given to illustrate the efficacy and feasibility of the method on attack prediction and active defense strategy selection.