Abstract
In the multistep attack scenario, each rational attack-defense player tries to maximize his payoff, but the uncertainty about his adversary prevents him from taking the favorable actions. How to select the best strategy from the candidate strategies to maximize the defense payoff becomes the core issue. For this purpose, the paper innovatively designs a game theory model from the point of network survivability in combination with the attribute attack graph. The attack graph is created based on the network connectivity and known vulnerabilities using the MulVAL toolkit, which gives the full view of all the known vulnerabilities and their interdependence. Then, we use the attack graph to extract attack-defense actions, candidate attack-defense strategies, attack-defense payoffs, and network states, as well as other game modeling elements. Afterwards, the payoffs of attack-defense strategies are quantified by integrating attack-defense strength and network survivability. In addition, we input the above elements into the game model. Through repeated learning, deduction, and improvement, we can optimize the layout of defense strategies. Finally, the efficient strategy selection approach is designed on the tradeoff between defense cost and benefit. The simulation of attack-defense confrontation in small-scale LAN shows that the proposed approach is reliable and effective.
Highlights
With the expansion of network scale as well as the increase of complexity and the continuous development of attack technology, it is impossible to absolutely prevent the network from being attacked
A large number of network key service nodes may meet the network attack, and the defender should provide enough network services to meet the normal operation of the network through conducting defense strategies. erefore, the strategy selecting both sides of attack-defense starts around the survivability of the network
This paper proposes a method of dynamic game strategy analysis about network survivability based on the attribute attack graph
Summary
With the expansion of network scale as well as the increase of complexity and the continuous development of attack technology, it is impossible to absolutely prevent the network from being attacked. Compared with the previous decision-making models based on the finite state machine, cybernetics, expert system, case reasoning, impact network, etc., which do not fully consider defense information and are only applicable to the analysis and statistics of simple attack-defense laws, the proposed dynamic attack-defense game model has better capability of interpretability. It can depict the adversary evolution process of complex multistep attack-defense scenarios and continuously guide the optimization and arrangement of defense strategies in the process of dynamic game between the two sides of attacker and defender.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
