为了分析威胁传播对网络系统的影响,准确、全面地评估系统的安全性,并给出相应的加固方案,提出一种基于Markov博弈分析的网络安全态势感知方法通过对多传感器检测到的安全数据进行融合,得到资产、威胁和脆弱性的规范化数据;对每个威胁,分析其传播规律,建立相应的威胁传播网络:通过对威胁、管理员和普通用户的行为进行博弈分析,建立三方参与的Markov博弈模型,并对相关算法进行优化分析,使得评估过程能够实时运行.Markov博弈模型能够动态评估系统安全态势,并为管理员提供最佳的加固方案.通过对具体网络的测评分析表明,基于Markov博弈分析的方法符合实际应用,评估结果准确、有效,提供的加固方案可有效抑制威胁的扩散.%To analyze the influence of propagation on a network system and accurately evaluate system security, this paper proposes an approach to improve the awareness of network security, based on the Markov Game Model (MGM).This approach gains a standard data of assets, threats, and vulnerabilities via fusing a variety of system security data collected by multi-sensors.For every threat, it analyzes the rule of propagation and builds a threat propagation network (TPN).By using the Game Theory to analyze the behaviors of threats, administrators, and ordinary users, it establishes a three player MGM.In order to make the evaluation process a real-time operation, it optimizes the related algorithm.The MGM can dynamically evaluate system security situation and provide the best reinforcement schema for the administrator.The evaluation of a specific network indicates that the approach is suitable for a real network environment, and the evaluation result is precise and efficient.The reinforcement schema can effectively curb the propagation of threats.
展开▼
