计算机应用 ›› 2015, Vol. 35 ›› Issue (4): 968-971.DOI: 10.11772/j.issn.1001-9081.2015.04.0968

• 信息安全 • 上一篇    下一篇

基于博弈论的网络服务提供商出口检测策略分析

卜俊蓉1, 冯丽萍2, 石琼1, 宋礼鹏1   

  1. 1. 中北大学 计算机与控制工程学院, 太原 030051;
    2. 忻州师范学院 计算机系, 山西 忻州 034000
  • 收稿日期:2014-10-25 修回日期:2014-12-30 出版日期:2015-04-10 发布日期:2015-04-08
  • 通讯作者: 卜俊蓉
  • 作者简介:卜俊蓉(1990-),女,山西灵石人,硕士研究生,主要研究方向:网络病毒建模与防御; 冯丽萍(1976-),女,山西宁武人,副教授,博士,CCF会员,主要研究方向:网络安全、复杂网络、动力系统; 石琼(1979-),女,山西太原人,讲师,主要研究方向:无线传感器网络安全; 宋礼鹏(1975-),男,山西文水人,副教授,博士,CCF会员,主要研究方向:网络安全、社会网络分析及计算。
  • 基金资助:

    国家自然科学基金资助项目(61379125);山西省自然科学基金资助项目(2012011015-3);山西省高校科技创新项目(2013148, 2014143)。

Analysis of egress detection strategy of Internet service provider based on game theory

BU Junrong1, FENG Liping2, SHI Qiong1, SONG Lipeng1   

  1. 1. School of Computer and Control Engineering, North University of China, Taiyuan Shanxi 030051, China;
    2. Department of Computer Science, Xinzhou Normal University, Xinzhou Shanxi 034000, China
  • Received:2014-10-25 Revised:2014-12-30 Online:2015-04-10 Published:2015-04-08

摘要:

网络服务提供商(ISP)作为网络信息的汇聚者和分发者是最佳的网络病毒防御方。但ISP出于对成本和代价的考虑,通常只检测流入信息而忽略流出信息。为此,对ISP在整个网络中所采取的安全措施进行了分析,提出了出口检测策略,以期对ISP进行策略选择提供参考。该方法的主要思路为:首先,建立了ISP与攻击者之间的博弈模型和网络病毒传播模型;其次,在考虑网络病毒动态传播的情况下,分析了ISP的出口检测策略变化对病毒传播的影响。理论分析表明:当不采取出口检测时,ISP自身被入侵的风险会增大;当采取出口检测时,不仅ISP自身的收益会提高,而且有助于提高整个网络的安全性。通过Matlab仿真实验验证了理论分析的正确性。

关键词: 网络服务提供商, 网络病毒, 博弈模型, 病毒传播模型, 出口检测

Abstract:

Internet Service Provider (ISP), as the convergers and distributors of network information, is the best network virus defender. However, ISP usually would like to detect the ingress information while ignoring the egress information according to the cost. The security measures for ISP in the whole network were analyzed and the strategy of egress detection was presented to provide reference for ISP's selection of strategies. First, the game model between ISP and attackers and the spreading model of network virus were proposed. Secondly, the impacts of the strategies selected by ISP on the spreading of virus were analyzed when the dynamical spreading of network virus was considered. The results show that ISP will face an increase in invasion risk when it does not take egress detection, however the adoption of egress detection can improve not only the ISP's own utility, but also the security of the whole network. The validity of the theoretical results was verified by Matlab simulation.

Key words: Internet Service Provider (ISP), network virus, game model, virus spreading model, egress detection

中图分类号: