Abstract
Taking the strategy combination of attack and defense as the basic parameter, Dematel method (decision test and experiment evaluation method) is introduced to analyze the causal relationship between attack strategies and defense strategies by constructing the matrix of “expertise”. The method is used to calculate the effect of attack and defense strategies, compare the direct and indirect impact towards to target network system, thus achieve the purpose of assessing the overall impact of the offensive and defensive strategies on the target network system. Aiming at the attack and defense game theory based on Web service of a target network system, the attacker has four attack strategies: such as malicious code attack, denial of service attack. Defender has three defensive strategies: such as Web services security strategy defense, code reconstruction defense. The experimental results showed network defense in the network offensive and defensive system is the recipient of influence rather than those who are always in a passive position, cyber attacks are those who influence. Denial-of-service attacks are mainly those who affect the impact of the ability to resist other effects strong, the result is very important to study Web services-based network offensive and defensive game theory.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ming, X., Weidong, B., Yongjie, W., et al.: Introduction to the Evaluation of Cyber Attack Effects. National Defense Industry Press, Beijing (2007)
Roy, S., Ellis, C., Shiva, S., et al.: A survey of game theory as applied to network security. In: Hawaii International Conference on System Sciences, pp. 1–10. IEEE (2010)
Yuan, Z., Jianguo, H.: Network attack information support effectiveness evaluation method based on system entropy. J. PLA Univ. Sci. Technol. (Nat. Sci. Ed.) 15(2), 127–132 (2014)
Manshaei, M.H., Zhu, Q., Alpcan, T., et al.: Game theory meets network security and privacy. ACM Comput. Surv. (CSUR) 45(3), 25 (2013)
Liang, X., Xiao, Y.: Game theory for network security. IEEE Commun. Surv. Tutor. 15(1), 472–486 (2013)
Do, C.T., Tran, N.H., Hong, C., et al.: Game theory for cyber security and privacy. ACM Comput. Surv. (CSUR) 50(2), 30 (2017)
Zhenxue, W., Anming, Z., Yong, F., Xiaocong, O.: Information System Security Risk Estimation and Control Theory. Science Press, Beijing (2011)
Geers, K.: Strategic Cyberspace Security. CCD COE Publication, Estonia (2015)
Rongsheng, G.: Cyberspace Security Strategy. Aviation Industry Press, Beijing (2016)
Chuang, L., Yuanzhuo, W., Yang, W.: Network Security Analysis and Evaluation Based on Stochastic Game Model. Tsinghua University Press, Beijing (2011)
Tsai, C.L., Wu, T.H.: Information protection from network sniffing of bandwidths sharing. In: IEEE International Carnahan Conference on Security Technology, pp. 84–88 (2008)
Zhu, J., Chu, B., Lipford, H.: Detecting privilege escalation attacks through instrumenting web application source code. In: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, pp. 73–80. ACM (2016)
Jensen, M., Gruschka, N., Herkenhoner, R., et al.: SOA and web services: new technologies, new standards – new attacks. In: European Conference on Web Services, pp. 35–44. IEEE (2007)
Kakavand, M., Mustapha, N., Mustapha, A., et al.: Towards a defense mechanism against REST-based web service attacks. Adv. Sci. Lett. 22(10), 2827–2831 (2016)
Zhang, H., Yi, Y., Wang, J., Cao, N., Duan, Q.: Network security situation awareness framework based on threat intelligence. CMC: Comput. Mater. Continua 56(3), 381–399 (2018)
Gruschka, N., Jensen, M., Dziuk, T.: Event-based application of WS-security policy on soap messages. In: ACM Workshop on Secure Web Services, pp. 1–8. ACM (2007)
Cheang, C.F., Wang, Y., Cai, Z., Xu, G.: Multi-VMs intrusion detection for cloud security using Dempster-Shafer theory. CMC: Comput. Mater. Continua 57(2), 297–306 (2018)
Attacking and Defending Web Services (2004). http://forumsystems.com/papers/Attacking-and-Defending-WS.pdf
Williams, C., Mobasher, B., Burke, R., et al.: Detection of obfuscated attacks in collaborative recommender systems. In: Proceedings of the ECAI 2006 Workshop on Recommender Systems, p. 94 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, L., Huang, C., Fang, Y., Wang, Z. (2019). Network Attack and Defense Effectiveness Evaluation Based on Dematel Method. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science(), vol 11634. Springer, Cham. https://doi.org/10.1007/978-3-030-24271-8_50
Download citation
DOI: https://doi.org/10.1007/978-3-030-24271-8_50
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24270-1
Online ISBN: 978-3-030-24271-8
eBook Packages: Computer ScienceComputer Science (R0)