A Game Model of APT Attack for Distributed Network

Considering the lack of theoretical analysis for distributed networks under APT (advanced persistent threat) attacks, a game model based on the APT attack path was proposed to address the problem. First, by analyzing the characteristics of APT attacks and the structure of distributed networks, this paper analyzed the attack paths available to attackers and proposed a defensive framework for network security. Second, OAPG (an attack path prediction model oriented to APT) was established on the basis of game theory, in terms of the value to both the attacker and the defender. The paper then calculated the game equilibrium, generated the attacker's maximum-revenue path, and put forward the best defensive strategy for the defender. Finally, the model was validated with an instance of an APT attack. The calculated results showed that the model can rationally analyze the attacker and the defender from the attack path and can provide a reasonable defense scheme for organizations that use distributed networks.
