Abstract
To analyze the influence of threat propagation on network system and accurately evaluate system security, this paper proposes an approach to improve the awareness of network security, based on Attack-Defense Stochastic Game Model (ADSGM). The variety of network security elements collected by multi-sensors are fused into a standard dataset such as assets, threats and vulnerabilities. For every threat, it builds a threat propagation network and propagation rule. By using the game theory to analyze the network offensive and defensive process, it establishes the ADSGM. The ADSGM can dynamically evaluate network security situation and provide the best reinforcement schema. Experimental results on a specific network indicate that the approach is more precise and more suitable for a real network environment. The reinforcement schema can effectively prevent the propagation of threats and reduce security risks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Xuan, Z.: Survey of network security situation awareness and key technologies. In: Li, S., Jin, Q., Jiang, X., Park, J.J. (eds.) Frontier and Future Development of Information Technology in Medicine and Education. LNEE, vol. 269, pp. 3281–3286. Springer, Dordrecht (2014). https://doi.org/10.1007/978-94-007-7618-0_423
Chen, X., Zheng, Q., et al.: Study on evaluation for security situation of networked systems. J. Xi’an Jiao Tong Univ. 38, 404–408 (2004)
Trusted Computing Group: TCG Specification architecture overview specification revision 1.2. [EB/OL], 15 April 2011
Trusted Computing Group: TCG Specification Architecture Overview, pp. 5–40. Trusted Computing Group, Oregon (2007)
Xie, L., Wang, Y.: New method of network security situation awareness. J. Beijing Univ. Posts Telecommun. 31–35 (2014)
Qu, Z.Y., Li, Y.Y.: A network security situation evaluation method based on D-S evidence theory. In: International Conference on Environmental Science and Information Application Technology, pp. 496–499. IEEE (2010)
Liu, S.C., Liu, Y.: Network security risk assessment method based on HMM and attack graph model. In: IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/distributed Computing, pp. 517–522. IEEE (2016)
Hu, H., Zhang, H., Liu, Y., et al.: Quantitative method for network security situation based on attack prediction. Secur. Commun. Netw. 1–19 (2017)
Dang, D.: Assessment of information security risk by support vector machine. J. Huazhong Univ. Sci. Technol. 38(3), 46–49 (2010)
Liang, X., Xiao, Y.: Game theory for network security. IEEE Commun. Surv. Tutor. 15(1), 472–486 (2013)
Chen, Y., Wu, X., et al.: Network security evaluation of stochastic game and network based on entropy. J. Beijing Univ. Posts Telecommun. 1, 92–96 (2014)
Wang, Y., et al.: Modeling and security analysis of enterprise network using attack–defense stochastic game Petri nets. Secur. Commun. Netw. 6(1), 89–99 (2013)
Shen, D., Chen, G., Haynes, L., et al.: A Markov game theoretic data fusion approach for cyber situational awareness. In: Proceedings of SPIE - The International Society for Optical Engineering, vol. 6571, no. 48, pp. 65710F–65710F-12 (2007)
Ryutov, T., Orosz, M., Blythe, J., von Winterfeldt, D.: A game theoretic framework for modeling adversarial cyber security game among attackers, defenders, and users. In: Foresti, S. (ed.) STM 2015. LNCS, vol. 9331, pp. 274–282. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24858-5_18
Shandilya, V., Shiva, S.: A Network Security Game Model, pp. 159–161 (2015)
Liu, X., Yuan, Y.: A novel dynamic method in distributed network attack-defense game. Math. Probl. Eng. 1–7 (2015)
Zhang, Y., Tan, X., Cui, X.: Network security situation awareness approach based on Markov game model. J. Softw. 22, 495–508 (2011)
GB/T 20984-2007: Information security technology, information security risk assessment specification
Feng, N., Wang, H.J., Li, M.: A security risk analysis model for information systems: causal relationships of risk factors and vulnerability propagation analysis. Inf. Sci. 256, 57–73 (2014)
Zhang, Y., Fang, B.X., Chi, Y., Yun, X.: Research on network node correlation in network risk assessment. J. Comput. Res. 30, 234–240 (2007)
Acknowledgment
This work was supported by the National Key Research and Development Program of China (2016YFB0800903), the NSF of China (U1636212, U1636112).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, J., Weng, F., Zhang, R., Guo, Y. (2018). Network Security Situation Assessment Approach Based on Attack-Defense Stochastic Game Model. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11065. Springer, Cham. https://doi.org/10.1007/978-3-030-00012-7_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-00012-7_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00011-0
Online ISBN: 978-3-030-00012-7
eBook Packages: Computer ScienceComputer Science (R0)