Abstract
To solve the problems of incomplete network attack risk assessment and randomization of IP address hopping in dynamic defense, the optimal dynamic defense strategy selection method based on network attack surface evaluation is proposed. The network attack surface evaluation model based on the analytic hierarchy process (AHP) and cloud model is studied, and the attack surface evaluation index and its quantitative method are designed. A method for evaluating the global importance of host assets based on the K-CORE algorithm is proposed, and different hopping frequencies are set by the importance of host assets. Based on this, the IP address hopping offensive and defensive scenario is modeled, and an optimal hopping strategy selection method based on the dynamic game is proposed. The value of attack surface under different game conditions is used as the offensive and defensive gains parameter, and the solution is solved by refining the Bayesian Nash equilibrium, to achieve the optimal IP address hopping strategy selection. Experiments show that the proposed method can effectively calculate the optimal hopping strategy and provide meaningful support for improving dynamic defense capabilities.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
