Intelligent planning method for cyber defense strategies based on bounded rationality

Bibliographic Details
Main Authors: Yingze LIU, Yuanbo GUO, Chen FANG, Yongfei LI, Qingli CHEN
Format: Article
Language: zho
Published: Editorial Department of Journal on Communications 2023-05-01
Series: Tongxin xuebao
Online Access: http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023091/
Description
Summary: Considering that network defense subjects were usually resource-constrained, an intelligent planning and autonomous implementation of network defense strategies under bounded rationality was studied considering the concept of intelligent confrontation. First, attack graph, general knowledge and domain-specific knowledge were fused to construct a network defense security ontology. On that basis, knowledge reasoning was utilized to recommend security defense strategies to better adapt to the security needs of protected network information assets and current attack threats. Finally, an autonomous planning and implementation of defense strategies was achieved under the constraints of limited network security defense resources and dynamic changes of network information assets with the help of bounded rationality. The example shows that the proposed method is robust under dynamic attacks. The experiments show that the defense effectiveness is improved by 5.6%~26.12% compared with existing game theory and attack graph-based methods against a typical APT attack.
ISSN: 1000-436X