Intelligent planning method for cyber defense strategies based on bounded rationality
Considering that network defense subjects were usually resource-constrained, an intelligent planning and au-tonomous implementation of network defense strategies under bounded rationality was studied considering the concept of intelligent confrontation.First, attack graph, general knowledge and doma...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2023-05-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023091/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539191347871744 |
|---|---|
| author | Yingze LIU Yuanbo GUO Chen FANG Yongfei LI Qingli CHEN |
| author_facet | Yingze LIU Yuanbo GUO Chen FANG Yongfei LI Qingli CHEN |
| author_sort | Yingze LIU |
| collection | DOAJ |
| description | Considering that network defense subjects were usually resource-constrained, an intelligent planning and au-tonomous implementation of network defense strategies under bounded rationality was studied considering the concept of intelligent confrontation.First, attack graph, general knowledge and domain-specific knowledge were fused to construct a network defense security ontology.On that basis, knowledge reasoning was utilized to recommend security defense strategies to better adapt to the security needs of protected network information assets and current attack threats.Finally, an autonomous planning and implementation of defense strategies was achieved under the constraints of limited network security defense resources and dynamic changes of network information assets with the help of bounded rationality.The example shows that the proposed method is robust under dynamic attacks.The experiments show that the defense effec-tiveness is improved by 5.6%~26.12% compared with existing game theory and attack graph-based methods against a typical APT attack. |
| format | Article |
| id | doaj-art-4f15f7b1e4234066be639a0903351edc |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2023-05-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-4f15f7b1e4234066be639a0903351edc2025-01-14T07:23:50ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2023-05-0144526359838117Intelligent planning method for cyber defense strategies based on bounded rationalityYingze LIUYuanbo GUOChen FANGYongfei LIQingli CHENConsidering that network defense subjects were usually resource-constrained, an intelligent planning and au-tonomous implementation of network defense strategies under bounded rationality was studied considering the concept of intelligent confrontation.First, attack graph, general knowledge and domain-specific knowledge were fused to construct a network defense security ontology.On that basis, knowledge reasoning was utilized to recommend security defense strategies to better adapt to the security needs of protected network information assets and current attack threats.Finally, an autonomous planning and implementation of defense strategies was achieved under the constraints of limited network security defense resources and dynamic changes of network information assets with the help of bounded rationality.The example shows that the proposed method is robust under dynamic attacks.The experiments show that the defense effec-tiveness is improved by 5.6%~26.12% compared with existing game theory and attack graph-based methods against a typical APT attack.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023091/cyber defensedefense strategy recommendationintelligent planningbounded rationalitysecurity ontology |
| spellingShingle | Yingze LIU Yuanbo GUO Chen FANG Yongfei LI Qingli CHEN Intelligent planning method for cyber defense strategies based on bounded rationality Tongxin xuebao cyber defense defense strategy recommendation intelligent planning bounded rationality security ontology |
| title | Intelligent planning method for cyber defense strategies based on bounded rationality |
| title_full | Intelligent planning method for cyber defense strategies based on bounded rationality |
| title_fullStr | Intelligent planning method for cyber defense strategies based on bounded rationality |
| title_full_unstemmed | Intelligent planning method for cyber defense strategies based on bounded rationality |
| title_short | Intelligent planning method for cyber defense strategies based on bounded rationality |
| title_sort | intelligent planning method for cyber defense strategies based on bounded rationality |
| topic | cyber defense defense strategy recommendation intelligent planning bounded rationality security ontology |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2023091/ |
| work_keys_str_mv | AT yingzeliu intelligentplanningmethodforcyberdefensestrategiesbasedonboundedrationality AT yuanboguo intelligentplanningmethodforcyberdefensestrategiesbasedonboundedrationality AT chenfang intelligentplanningmethodforcyberdefensestrategiesbasedonboundedrationality AT yongfeili intelligentplanningmethodforcyberdefensestrategiesbasedonboundedrationality AT qinglichen intelligentplanningmethodforcyberdefensestrategiesbasedonboundedrationality |