Intrusion tolerance is a new mechanism used to build secure computer networks. Therefore, it’s very important to analyze and evaluate the security performance of intrusion tolerant networks before intrusion tolerance is absolutely adopted. Thus, a security analysis model of intrusion tolerant systems based on game theory is proposed in this paper. According to the analysis model, the processes between attacking and tolerating intrusions are considered as a two-player zero-sum stochastic game, in which the optimal action strategies and expected payoffs of the two parties are studied. By using the study results, this paper analyzes the availability, confidentiality and integrality of intrusion-tolerance systems from the perspective of mean time to failure. Meanwhile, it analyzes the factors that will affect the attackers’ choices about action strategies, and obtains the relationships between attack will, payoff and action strategy. The results present the underlying interconnections between intrusion tolerant systems and attackers, which will provide helpful references to withstand the network attacks and intrusions.% 入侵容忍是一种新的网络安全方法,在其被接受能为系统提供保护之前,分析和评估它的安全性能是非常重要的。该文提出基于博弈论的入侵容忍系统安全性分析模型,将网络攻击和入侵容忍之间的过程抽象为一个2人零和随机博弈。通过对博弈双方的最优行动策略和预期收益的研究,从安全属性平均失效时间的角度分析了入侵容忍系统的可用性、机密性和完整性,同时对影响攻击者选择行动策略的因素进行了分析,得出了攻击意愿、行动收益和行动策略之间的相互关系。研究结果揭示了入侵容忍系统与攻击者之间的内在联系,为更好地防御网络攻击和入侵提供了决策依据。
展开▼
