Optimal Strategy Selection for Moving Target Defense Based on Markov Game

As research on network moving target defense (MTD) has evolved, the selection of the optimal strategy has become one of its key problems. To address improper defensive strategy selection caused by inaccurate characterization of the attack-defense game in MTD, an optimal strategy selection approach for MTD based on the Markov game (MG) is proposed to balance hopping defensive revenue against network service quality. On the one hand, the traditional matrix game structure often fails to describe the MTD confrontation accurately. To deal with this inaccuracy, an MTD model based on MG is constructed. A Markov decision process is used to characterize the transitions among the multiple states of the network, and a dynamic game is used to characterize the multiple phases of attack and defense in MTD circumstances. In addition, the model converts all attack and defense actions into changes in the attack surface or in the exploration surface, which improves its universality. On the other hand, traditional models pay little attention to defense cost in the process of optimal strategy selection. After comprehensively analyzing the impact of defense cost and defense benefit on strategy selection, an optimal strategy selection algorithm is designed to prevent the selected strategies from deviating from actual network conditions, thus ensuring the correctness of optimal strategy selection. Finally, a simulation and a deduction of the proposed approach are given in a case study to demonstrate the feasibility and effectiveness of the proposed optimal strategy selection approach.
