The Experts below are selected from a list of 29223 Experts worldwide ranked by ideXlab platform
Pla Information - One of the best experts on this subject based on the ideXlab platform.
-
A Proactive Network Defense Model Based on Selfadaptive End Hopping
Journal of Electronics Information & Technology, 2015Co-Authors: Pla InformationAbstract:End hopping technology is one of the hot research domains in the field of proactive Network Defense. An end hopping model based on fixed time slot under the fixed policy is established. The Defense gains decline caused by fixed hopping period and the service loss caused by data packet loss on hopping boundary are analyzed. The real-time Network anomaly assessment algorithm based on the fusion of nonextensive entropy and Sibson entropy is proposed. Then, the selfadaptive end hopping period and space policy based on the proposed algorithm are designed and the proactive Network Defense model is constructed which improves the Defense gains. Furthermore, Hopping period stretching policy based on Network delay prediction is proposed to ensure the service quality on hopping boundary. Theoretical analysis and simulation results show the effectiveness and good service of the proposed model in Network Defense.
-
an ipv6 proactive Network Defense model based on multi homing hopping
Journal of Electronics Information & Technology, 2012Co-Authors: Pla InformationAbstract:Utilized the multi-homing in IPv6,motivated by the idea of frequency hopping communications,multi-homing hopping conception is proposed which can increase the address search space and difficulty of traffic monitoring for attackers by changing the host node address in multiple address domains dynamically.An active Defense model is established based on multi-homing hopping.The double random address generation algorithm is proposed which ensured the IP address of the host scattered in multiple address domains randomly.Two address handoff tactics are proposed which ensure the continuance and efficiency of communication.Host address security and traffic security are analyzed.The performance and function of the proposed model are evaluated empirically.The results show that multi-homing hopping based IPv6 proactive Network Defense model can effectively enhance the attacker overhead and protect the Network.
Jin-dong Wang - One of the best experts on this subject based on the ideXlab platform.
-
attack Defense differential game model for Network Defense strategy selection
IEEE Access, 2019Co-Authors: Heng-wei Zhang, Jin-dong Wang, Lv Jiang, Shirui Huang, Yuchen ZhangAbstract:The existing game-theoretic approaches for Network security problems mostly use the static game or the multi-stage dynamic game. However, these researches can not meet the timeliness requirment to analyze the Network attack and Defense. It is better to regard the attack and Defense as a dynamic and real-time process, in which way the rapidity and continuity of Network confrontation can be described more precisely. Referring to the epidemic model SIR, we formulated the novel model NIRM to analyze the evolution of Network security states. Based on the mentioned above, the attack-Defense differential game model was constructed by introducing the differential game theory. Then we figured out the solution of saddle-point strategies in the game. By analyzing the game equilibrium, the algorithm of optimal Defense strategies selection in the real-time confrontation was designed, which is more targeted and has greater timeliness. Finally by simulation experiments, we demonstrated the validity of the model and method proposed in this paper, and drew some instructive conclusions on Network Defense deployment.
-
ICCCS (5) - Network Defense Decision-Making Method Based on Stochastic Differential Game Model
Cloud Computing and Security, 2018Co-Authors: Shirui Huang, Jin-dong Wang, Heng-wei Zhang, Huang JianmingAbstract:In the actual Network attack and Defense, the attack-Defense behaviors generally change dynamically and continuously. Besides, since kinds of random disturbance is inevitable, the evolution of Network security state actually is random. To model and analyze Network security problems more accurately, we used the Gaussian white noise to describe the random disturbance. Then from the perspective of real-time attack and Defense, we characterized the random and continuous evolution of Network security state referring to dynamic epidemical model and the Ito stochastic differential equations. Based on previous statements, the attack and Defense stochastic differential game model was constructed, and the saddle point strategy for the game was proposed. Additionally, we designed an optimal Defense strategy selection algorithm to achieve real-time selection of the optimal Defense strategies in continuous and random attack-Defense process, which has greater timeliness and accuracy. Finally, simulations demonstrated that the proposed model and method are valid, and we offered specific recommendations for Network Defense based on the experimental data.
-
Markov Differential Game for Network Defense Decision-Making Method
IEEE Access, 2018Co-Authors: Shirui Huang, Jin-dong Wang, Heng-wei Zhang, Huang JianmingAbstract:While Network attack and Defense are experiencing a rapid change, the current research achievements of Network security based on traditional game theory fail to characterize the real-time performance of the actual Network attack–Defense process accurately. Furthermore, all kinds of disturbance and accidental factors would affect the evolution of the Network security state. Therefore, to tackle with the randomness of Network security state and the high dynamic of Network Defense decision making, we analyzed the attack–Defense behaviors from the perspectives of dynamic and real-time confrontation. Then we constructed the Markov attack–Defense differential game model for the dynamic analysis to predict multi-stage continuous attack–Defense process by combining differential game models and the Markov decision-making method. In addition, according to the discounted total payoffs of attack–Defense game, we designed the objective function of the game. Based on previous statements, we proposed the multi-stage game equilibrium solution and designed the optimal Defense strategy selection algorithm. Finally, we conducted simulations to demonstrate that the proposed model and method could shed some light to the real-time interplay of decision making between attack and Defense.
-
Network Defense strategy selection based on best-response dynamic evolutionary game model
2017 IEEE 2nd Advanced Information Technology Electronic and Automation Control Conference (IAEAC), 2017Co-Authors: Jian-ming Huang, Jin-dong Wang, Heng-wei Zhang, Na WangAbstract:Since traditional game theory applying to Network attack and Defense has the restriction of complete rational, we establish non-cooperative evolutionary game model of Network attack and Defense on the premise of bounded rationality, and solved by the replicator dynamic equations. For the strategy learning evolution process of defender, we use the Best-response dynamic learning mechanism to establish the dynamic evolutionary game model between defenders, which can analyze the dynamic evolution process and Defense evolution equilibrium point of defending strategy selection. Then, we summarize the evolution laws of Network Defense strategy selection under bounded rationality. The validity of the model and method is validated by system simulation.
-
Markov Evolutionary Games for Network Defense Strategy Selection
IEEE Access, 2017Co-Authors: Jian-ming Huang, Heng-wei Zhang, Jin-dong WangAbstract:Since the characteristics of opposite objectives, non-cooperation relationship, and dependent strategies of Network attack and Defense are highly consistent with game theory, researching the decision-making methods of Network Defense and applying the game models to analyze the Network attack-Defense behaviors has been of concern in recent years. However, most of the research achievements regarding to the game models are based on the hypothesis that both the two sides' players are completely rational, which is hard to meet. Therefore, we combined the evolutionary game theory and Markov decisionmaking process to construct a multi-stage Markov evolutionary game model for Network attack-Defense analysis, in view of the bounded rationality constraint. The model, based on the non-cooperative evolutionary game theory, could accomplish dynamic analysis and deduction for the multi-stage and multi-state Network attack-Defense process. In addition, an objective function with discounted total payoffs was designed by analyzing payoff characteristics of the multi-stage evolutionary game, which is more consistent with the reality of Network attack and Defense. Besides, the solving method for multi-stage game equilibrium was proposed on the basis of calculating the single-stage evolutionary game equilibrium. In addition, an algorithm for optimal Defense strategy of the multi-stage evolutionary games was given. Finally, the experiments showed the high effectiveness and validity of the model and method that has a guiding significance for the Network attack and Defense.
Heng-wei Zhang - One of the best experts on this subject based on the ideXlab platform.
-
attack Defense differential game model for Network Defense strategy selection
IEEE Access, 2019Co-Authors: Heng-wei Zhang, Jin-dong Wang, Lv Jiang, Shirui Huang, Yuchen ZhangAbstract:The existing game-theoretic approaches for Network security problems mostly use the static game or the multi-stage dynamic game. However, these researches can not meet the timeliness requirment to analyze the Network attack and Defense. It is better to regard the attack and Defense as a dynamic and real-time process, in which way the rapidity and continuity of Network confrontation can be described more precisely. Referring to the epidemic model SIR, we formulated the novel model NIRM to analyze the evolution of Network security states. Based on the mentioned above, the attack-Defense differential game model was constructed by introducing the differential game theory. Then we figured out the solution of saddle-point strategies in the game. By analyzing the game equilibrium, the algorithm of optimal Defense strategies selection in the real-time confrontation was designed, which is more targeted and has greater timeliness. Finally by simulation experiments, we demonstrated the validity of the model and method proposed in this paper, and drew some instructive conclusions on Network Defense deployment.
-
ICCCS (5) - Network Defense Decision-Making Method Based on Stochastic Differential Game Model
Cloud Computing and Security, 2018Co-Authors: Shirui Huang, Jin-dong Wang, Heng-wei Zhang, Huang JianmingAbstract:In the actual Network attack and Defense, the attack-Defense behaviors generally change dynamically and continuously. Besides, since kinds of random disturbance is inevitable, the evolution of Network security state actually is random. To model and analyze Network security problems more accurately, we used the Gaussian white noise to describe the random disturbance. Then from the perspective of real-time attack and Defense, we characterized the random and continuous evolution of Network security state referring to dynamic epidemical model and the Ito stochastic differential equations. Based on previous statements, the attack and Defense stochastic differential game model was constructed, and the saddle point strategy for the game was proposed. Additionally, we designed an optimal Defense strategy selection algorithm to achieve real-time selection of the optimal Defense strategies in continuous and random attack-Defense process, which has greater timeliness and accuracy. Finally, simulations demonstrated that the proposed model and method are valid, and we offered specific recommendations for Network Defense based on the experimental data.
-
Markov Differential Game for Network Defense Decision-Making Method
IEEE Access, 2018Co-Authors: Shirui Huang, Jin-dong Wang, Heng-wei Zhang, Huang JianmingAbstract:While Network attack and Defense are experiencing a rapid change, the current research achievements of Network security based on traditional game theory fail to characterize the real-time performance of the actual Network attack–Defense process accurately. Furthermore, all kinds of disturbance and accidental factors would affect the evolution of the Network security state. Therefore, to tackle with the randomness of Network security state and the high dynamic of Network Defense decision making, we analyzed the attack–Defense behaviors from the perspectives of dynamic and real-time confrontation. Then we constructed the Markov attack–Defense differential game model for the dynamic analysis to predict multi-stage continuous attack–Defense process by combining differential game models and the Markov decision-making method. In addition, according to the discounted total payoffs of attack–Defense game, we designed the objective function of the game. Based on previous statements, we proposed the multi-stage game equilibrium solution and designed the optimal Defense strategy selection algorithm. Finally, we conducted simulations to demonstrate that the proposed model and method could shed some light to the real-time interplay of decision making between attack and Defense.
-
Network Defense strategy selection based on best-response dynamic evolutionary game model
2017 IEEE 2nd Advanced Information Technology Electronic and Automation Control Conference (IAEAC), 2017Co-Authors: Jian-ming Huang, Jin-dong Wang, Heng-wei Zhang, Na WangAbstract:Since traditional game theory applying to Network attack and Defense has the restriction of complete rational, we establish non-cooperative evolutionary game model of Network attack and Defense on the premise of bounded rationality, and solved by the replicator dynamic equations. For the strategy learning evolution process of defender, we use the Best-response dynamic learning mechanism to establish the dynamic evolutionary game model between defenders, which can analyze the dynamic evolution process and Defense evolution equilibrium point of defending strategy selection. Then, we summarize the evolution laws of Network Defense strategy selection under bounded rationality. The validity of the model and method is validated by system simulation.
-
Markov Evolutionary Games for Network Defense Strategy Selection
IEEE Access, 2017Co-Authors: Jian-ming Huang, Heng-wei Zhang, Jin-dong WangAbstract:Since the characteristics of opposite objectives, non-cooperation relationship, and dependent strategies of Network attack and Defense are highly consistent with game theory, researching the decision-making methods of Network Defense and applying the game models to analyze the Network attack-Defense behaviors has been of concern in recent years. However, most of the research achievements regarding to the game models are based on the hypothesis that both the two sides' players are completely rational, which is hard to meet. Therefore, we combined the evolutionary game theory and Markov decisionmaking process to construct a multi-stage Markov evolutionary game model for Network attack-Defense analysis, in view of the bounded rationality constraint. The model, based on the non-cooperative evolutionary game theory, could accomplish dynamic analysis and deduction for the multi-stage and multi-state Network attack-Defense process. In addition, an objective function with discounted total payoffs was designed by analyzing payoff characteristics of the multi-stage evolutionary game, which is more consistent with the reality of Network attack and Defense. Besides, the solving method for multi-stage game equilibrium was proposed on the basis of calculating the single-stage evolutionary game equilibrium. In addition, an algorithm for optimal Defense strategy of the multi-stage evolutionary games was given. Finally, the experiments showed the high effectiveness and validity of the model and method that has a guiding significance for the Network attack and Defense.
Brian H. Trammell - One of the best experts on this subject based on the ideXlab platform.
-
Transport of Real-time Inter-Network Defense (RID) Messages over HTTP/TLS
2012Co-Authors: Brian H. TrammellAbstract:The Incident Object Description Exchange Format (IODEF) defines a common XML format for document exchange, and Real-time Inter-Network Defense (RID) defines extensions to IODEF intended for the cooperative handling of security incidents within consortia of Network operators and enterprises. This document specifies an application-layer protocol for RID based upon the passing of RID messages over HTTP/TLS. [STANDARDS-TRACK]
-
Transport of Real-time Inter-Network Defense (RID) Messages
2010Co-Authors: Kathleen M. Moriarty, Brian H. TrammellAbstract:The Incident Object Description Exchange Format (IODEF) defines a common XML format for document exchange, and Real-time Inter-Network Defense (RID) defines extensions to IODEF intended for the cooperative handling of security incidents within consortia of Network operators and enterprises. This document specifies a transport protocol for RID based upon the passing of RID messages over HTTP/TLS (Transport Layer Security). This document is not an Internet Standards Track specification; it is published for informational purposes.
Kathleen M. Moriarty - One of the best experts on this subject based on the ideXlab platform.
-
Real-time Inter-Network Defense (RID)
2010Co-Authors: Kathleen M. MoriartyAbstract:Security incidents, such as system compromises, worms, viruses, phishing incidents, and denial of service, typically result in the loss of service, data, and resources both human and system. Service providers and Computer Security Incident Response Teams need to be equipped and ready to assist in communicating and tracing security incidents with tools and procedures in place before the occurrence of an attack. Real-time Inter-Network Defense (RID) outlines a proactive inter-Network communication method to facilitate sharing incident handling data while integrating existing detection, tracing, source identification, and mitigation mechanisms for a complete incident handling solution. Combining these capabilities in a communication system provides a way to achieve higher security levels on Networks. Policy guidelines for handling incidents are recommended and can be agreed upon by a consortium using the security recommendations and considerations.
-
Transport of Real-time Inter-Network Defense (RID) Messages
2010Co-Authors: Kathleen M. Moriarty, Brian H. TrammellAbstract:The Incident Object Description Exchange Format (IODEF) defines a common XML format for document exchange, and Real-time Inter-Network Defense (RID) defines extensions to IODEF intended for the cooperative handling of security incidents within consortia of Network operators and enterprises. This document specifies a transport protocol for RID based upon the passing of RID messages over HTTP/TLS (Transport Layer Security). This document is not an Internet Standards Track specification; it is published for informational purposes.
