Username   Password       Forgot your password?  Forgot your username? 

An Analytical Method for Dynamic Evolution of Attack Process based on Markov Game 

Volume 13, Number 5, September 2017 - Paper 19 - pp. 763-774
DOI: 10.23940/ijpe.17.05.p19.763774

Weicheng Yan, Lingyan Li

School of Management, Xi’an University of Architecture & Technology, Xi’an 710055, Shaanxi, China

(Submitted on January 29, 2017; Revised on April 12, 2017; Accepted on July 23, 2017)


Because of the randomness of attacker and defender’s strategy selection, the state variation during the network attack process must be a random process. So, the network attack and defense process can be abstracted a confrontation of multi-state based on different gains matrix. This paper describes the random of attack and defense strategy selection with Markov decision, and extends the Markov game model from single-state to multi-state and multi-agent. After that, it proves the existence of equilibrium strategy and gives the solving method of nonlinear programming. Finally, deduction and simulation analysis of the practical example indicate that this model's method is correspond to the actual application and the evaluation result is accurate, so it can be used to have a more detailed simulation to network attack and defense process in reality.


References: 32

    1. M. Albanese, S. Jajodia and S. Noel, “Time-efficient and cost-effective network hardening using attack graphs”, in IEEE/IFIP International Conference on Dependable Systems and Networks, pp.1-12, 2012.
    2. X. J. Chen, B. X. Fang, Q. F. Tan and H. L. Zhang, “Inferring attack intent of malicious insider based on probabilistic attack graph model”, Chinese Journal of Computers, vol. 37, no.1, pp.62-72, 2014.
    3. Y. Y. Chen and H. C. Shu, “The algorithm model for cumulative vulnerability risk assessment”, International Journal of Internet Protocol Technology, vol. 8, no. 2, pp.150-157, 2014.
    4. P. Cheng, L. Wang, S. Jajodia and A. Singhal, “Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics”, Reliable Distributed Systems, vol.90, no.1, pp.31-40, 2012.
    5. M. Dacier. “Towards quantitative evaluation of computer security”, Ph. D. dissertation of Institute National Polytechniquede Toulouse, France, 1994.
    6. N. Feng, H. J. Wang and M. Li, “A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis”, Information Sciences, vol. 256, no. 1, pp.57-73, 2014.
    7. X. Feng, D. Wang, M. Huang and J. Li, “A mining approach for causal knowledge in alert correlating based on the Markova property”, Journal of Computer Research & Development, vol. 51, no. 11, pp.2493-2504, 2014.
    8. L. Gao, J. Yang and G. Qin, “Methods for pattern mining in dynamic networks and applications”, Journal of Software, vol. 24, no. 9, pp.2042-2061, 2013.
    9. L. L. Hou, S. Y. Lao, Y. D. Xiao and B. Liang, “Recent progress in controllability of complex network”, Acta Physical Sinica, vol. 64, no. 18, pp.188901-188901, 2015.
    10. L. Hu, N. N. Xie, Nurbol, Z. Y. Liu and S. Chai, “A multi-stage attack scenario recognition algorithm based on intelligent planning”, Acta Electronica Sinica, vol. 41, no. 9, pp.1753-1759, 2013.
    11. W. Jiang, B. X. Fang, H. L. Zhang, “Evaluating Network Security and Optimal Active Defense Based on Attack-Defense Game Model”, Chinese Journal of Computers, vol. 4, no. 1, pp. 817-827, 2009.
    12. M. Keramati, A. Akbari, & M. Keramati, “CVSS-based security metrics for quantitative analysis of attack graphs”, in Proc. of International Conference on Computer and Knowledge Engineering, pp.178-183, 2013.
    13. Z. Y. Li, J. S. Wang, Y. Q. Xu and Y. M. Wang, “Complex network attack effect based on dynamic Bayesian network”, Journal of Nanjing university of Posts and Telecommunications (Natural Science Edition), vol.35, no.5, pp.67-73, 2015.
    14. W. X. Liu, K. F. Zheng, Y. Hu and B. Wu, “Approach of goal-oriented attack graph-based threat evaluation for network security”, Journal of Beijing University of Posts & Telecommunications, vol. 38, no. 1, pp.82-86, 2015.
    15. W. X. Liu, K. F. Zeng and B. Wu, “Alert processing based on attack graph and multi-source analyzing”, Journal of Communications, vol. 31, no. 9, pp.135-144, 2015.
    16. S. L. Luo, L. Zhang, L. Guo, G. L. Yan, Z. Liu and Y. P. Zhao, “An original effective method for modeling the attack tree”, Transactions of Beijing Institute of Technology, vol. 33, no. 5, pp.500-504, 2013.
    17. Z. Y. Luo, B. You, J. Z. Xu and Y. Liang, “Automatic recognition model of intrusive intention based on three layers attack graph”, Journal of Jilin University, vol. 44, no. 5, pp.1392-1397, 2014.
    18. C. Ma, C. Wang, D. Zhang, & Y. Li, “A dynamic network risk assessment model based on attacker's inclination”, Journal of Computer Research & Development, vol. 52, no. 9, pp.2056-2068, 2015.
    19. J. C. Ma, J. Y. Sun, Y. J. Wang, B. K. Zhao, & S. Chen, “Study of attack graph construction based on distributed parallel processing”, Acta Armamentarii, vol. 33, no. 1, pp.109-115, 2012.
    20. R. Ortalo, Y. Deswarte, M. Kaâniche, “Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security”, IEEE Transactions on Software Engineering, vol. 25, no. 5, pp. 633-650, 1999.
    21. N. Poolsappasit, R. Dewri and I. Ray, “Dynamic security risk management using Bayesian attack graphs”, IEEE Transactions on Dependable & Secure Computing, vol. 9, no. 1, pp.61-74, 2011.
    22. S. Roschke, F. Cheng and C. Meinel, “High-quality attack graph-based ids correlation”, Logic Journal of IGPL, vol. 21, no. 4, pp.571-591, 2013.
    23. J. E. Strutt, J. D. Patrick and N. D. E. Custance, “A risk assessment methodology for security advisors”, in Proc. of International Carnahan Conference on Security Technology, pp. 225-229, 1995.
    24. Z. H. Tian, Y. U. Xiang-Zhan, H. L. Zhang, & B. X. Fang, “A real-time network intrusion forensics method based on evidence reasoning network”, Chinese Journal of Computers, vol. 37, no. 5, pp.1184-1194, 2014.
    25. C., Wang Q. Miao, & Y. Dai, “Network survivability analysis based on stochastic game model”, Multimedia Information Networking and Security, vol. 48, no. 11, pp.99-104, 2012.
    26. L. D. Wang, “A quantitative computer system and network security risk assessment method”, Ph. D. dissertation of Harbin Institute of Technology, 2002.
    27. X. Wang, B. Sun, Y. Liao, & C. Xiang, “Computer network vulnerability assessment based on Bayesian attribute network”, Journal of Beijing University of Posts and Telecommunications, vol. 38, no. 4, pp.110-116, 2015.
    28. Y. Yun, X. Xu, Z. Qi, & X. Wu, “Attack graph generation algorithm for large-scale network system”, Journal of Computer Research & Development, vol. 50, no.10, pp.2133-2139, 2013.
    29. Q. Q. Zhou, F. Z. Zhang, W. Y. Liu, “Detecting unknown recommendation attacks based on bionic pattern recognition”, Ruan Jian XueBao/Journal of Software, vol. 25, no. 11, pp.2652−2665, 2014.
    30. Q. Zhou and F. Zhang, “Ensemble approach for detecting user profile attacks based on bionic pattern recognition”, Journal of Computer Research & Development, vol. 51, no. 4, pp.789-801, 2014.
    31. J. M. Zhu, B. Song and Q. F. Huang, “Evolution game model of offense-defense for network security based on system dynamics”, Journal on Communications, vol. 35, no. 1, pp.54-61, 2014.
    32. L. N. Zhu, Z. C. Zhang and L. Feng “Research on hierarchical network security threat situation assessment”, Application Research of Computers, vol. 28, no. 11, pp.4303-4302, 2012.



      Click here to download the paper.

      Please note : You will need Adobe Acrobat viewer to view the full articles.Get Free Adobe Reader

      This site uses encryption for transmitting your passwords.