论文信息 - Network Attack and Defense Effectiveness Evaluation Based on Dematel Method

Network Attack and Defense Effectiveness Evaluation Based on Dematel Method

Taking the strategy combination of attack and defense as the basic parameter, Dematel method (decision test and experiment evaluation method) is introduced to analyze the causal relationship between attack strategies and defense strategies by constructing the matrix of “expertise”. The method is used to calculate the effect of attack and defense strategies, compare the direct and indirect impact towards to target network system, thus achieve the purpose of assessing the overall impact of the offensive and defensive strategies on the target network system. Aiming at the attack and defense game theory based on Web service of a target network system, the attacker has four attack strategies: such as malicious code attack, denial of service attack. Defender has three defensive strategies: such as Web services security strategy defense, code reconstruction defense. The experimental results showed network defense in the network offensive and defensive system is the recipient of influence rather than those who are always in a passive position, cyber attacks are those who influence. Denial-of-service attacks are mainly those who affect the impact of the ability to resist other effects strong, the result is very important to study Web services-based network offensive and defensive game theory.

[1] Paul Watson,et al. Experiments Towards Adaptation of Concurrent Workflows , 2007, ECOWS 2007.

[2] Chase Qishi Wu,et al. A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[3] Aida Mustapha,et al. Towards a defense mechanism against REST-based web service attacks , 2016 .

[4] Yang Xiao,et al. Game Theory for Network Security , 2013, IEEE Communications Surveys & Tutorials.

[5] Shaolei Ren,et al. Game Theory for Cyber Security and Privacy , 2017, ACM Comput. Surv..

[6] Chang-Lung Tsai,et al. Information protection from network sniffing of bandwidths sharing , 2008, 2008 42nd Annual IEEE International Carnahan Conference on Security Technology.

[7] Quanyan Zhu,et al. Game theory meets network security and privacy , 2013, CSUR.

[8] Jun Zhu,et al. Detecting Privilege Escalation Attacks through Instrumenting Web Application Source Code , 2016, SACMAT.

[9] Nils Gruschka,et al. SOA and Web Services: New Technologies, New Standards - New Attacks , 2007, ECOWS 2007.

[10] Ning Cao,et al. Network Security Situation Awareness Framework based on Threat Intelligence , 2018 .

[11] Nils Gruschka,et al. Event-based application of ws-security policy on soap messages , 2007, SWS '07.

[12] Zhiping Cai,et al. Multi-VMs Intrusion Detection for Cloud Security Using Dempster-shafer Theory , 2018 .