Optimal Strategy for Cyberspace Mimic Defense Based on Game Theory

Chen, Zequan; Chen, Gang; Zhang, Lin; Yang, Xin; Li, Hui; Zhao, Yan; Ma, Chengtao; Sun, Tao

doi:10.1109/access.2021.3077075

Cited by 4 publications

(4 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They evaluated the historical confidence of the executors by setting a sliding window, which can effectively improve the operating efficiency of the algorithm and the security of the system under non-uniform distributed cyber attacks. Moreover, by introducing dynamic game theory into the scheduling strategy, Zequan Chen et al [43] proposed a strategy that can balance the defense costs and system security. In this strategy, the number of executors will be dynamically adjusted according to the historical strategies of the attackers, which can reduce the defense cost of the system.…”

Section: ) Combining Differences and Historical Confidencementioning

confidence: 99%

An Optimal Seed Scheduling Strategy Algorithm Applied to Cyberspace Mimic Defense

Chen¹,

Qin

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Cyberspace mimic defense (CMD) is an active defense theory that has emerged in recent years. By dynamically constructing and scheduling multiple executors, the CMD can not only effectively defend against security threats caused by unknown cyberspace weaknesses, but also improve the present situation of information asymmetry between attack and defense in cyberspace. However, as one of the key technologies of the CMD, the scheduling strategy algorithm still needs to be improved in real-time security, reliability, and universality, which has restricted the development and large-scale deployment of the CMD. To solve this problem, we propose an optimal seed scheduling strategy algorithm (OSSSA) in this paper. After using continuous-time Markov processes to mathematically analyze the model of the mimic defense system in cyberspace, we introduce the key factors and their evaluation methods that affecting the CMD defense performance in the OSSSA, then propose a reliable working mechanism of the OSSSA. Furthermore, we present an evaluation method that can effectively evaluate the defense performance of the scheduling algorithms. Experimental results from software simulations and real experiments both show that the OSSSA has better real-time defense performance than the current mainstream scheduling strategy algorithms, and can adapt to different practical application scenarios, which is helpful to the further development of the CMD.

show abstract

Section: ) Combining Differences and Historical Confidencementioning

confidence: 99%

An Optimal Seed Scheduling Strategy Algorithm Applied to Cyberspace Mimic Defense

Chen¹,

Qin

et al. 2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Relying on the ability to make multifaceted decisions on power grid security issues, game theory is widely applied in the field of network security [9][10][11][12][13][14][15][16]. In [9], a security resource allocation game model is established to discuss the load redistribution attacks problem.…”

Section: Introductionmentioning

confidence: 99%

“…However, the model lacks in describing the cumulative profits in a dynamic, changing game process; ref. [13] establishes a Markov anti-attack model, compares the effectiveness of network space simulation defense under different attack types, and uses dynamic games with incomplete information to determine the optimal strategy; ref. [14] formulates a multistage optimization model for the deployment of a mobile target defense mechanism under a Markov decision, maximizing the profits under environmental constraints.…”

Section: Introductionmentioning

confidence: 99%

“…[14] formulates a multistage optimization model for the deployment of a mobile target defense mechanism under a Markov decision, maximizing the profits under environmental constraints. However, each iteration solution of [13,14] depends on the revenue in the current unit time, ignoring the previous revenue, bringing in an exponential increase in complex calculations; in [15], a Markovian-Stackelberg game is proposed to simulate the sequential actions of attackers and defenders, and a secure constrained optimal power flow is given, which preserves the safety margin of key components to minimize the power outage scale and potential future risks; in [16], the adversarial interaction of the attacker and defender is modeled as a resource-constrained game, and a linear-time algorithm is used to obtain the optimal defense strategy. However, the game process in the above works assumes that both sides (attacker and defender) of the game are in pure rationality.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Attack–Defense Confrontation Analysis and Optimal Defense Strategy Selection Using Hybrid Game Theoretic Methods

Jin,

Zhao,

Yuan

2024

Symmetry

View full text Add to dashboard Cite

False data injection attacks are executed in the electricity markets of smart grid systems for financial benefits. The attackers can maximize their profits through modifying the estimated transmission power and changing the prices of market electricity. As a response, defenders need to minimize expected load losses and generator trips through load and power generation adjustments. The selection of strategies of the attacking and defending sides turns out to be a symmetric game process. This article proposes a hybrid game theory method for analyzing the attack–defense confrontation: firstly, a micro-grid-based power market model considering false data injection attacks is established using the Nash equilibrium method; secondly, the attack–defense game function is constructed and solved via the Stackelberg equilibrium algorithm. The Markov game algorithm and distributed learning algorithm are used to update equilibrium function; finally, a dynamic game behavior model of the two players is constructed through simulating the attack–defense probability. The evolutionary game method is used to select the optimal defense strategy for dynamic probability changes. Modified IEEE standard bus systems are illustrated to certify the effectiveness of the proposed model.

show abstract