APT攻击下的无线通信网络最优主动防御决策模型

孟勐; 王丹妮; 吕军; 张福良

doi:10.11959/j.issn.1000-0801.2024020

您当前的位置：

首页 >

文章列表页 >

APT攻击下的无线通信网络最优主动防御决策模型

研究与开发 | 更新时间：2024-06-05

- APT攻击下的无线通信网络最优主动防御决策模型
- Optimal active defense decision model of wireless communication network under APT attack
- 电信科学 2024年40卷第2期页码：47-55
- 作者机构：
- 作者简介：
  
  [ "孟勐（1991- ），男，国网辽宁省电力有限公司信息通信分公司工程师，主要研究方向为网络安全防御决策、漏洞挖掘等" ]
  [ "王丹妮（1986- ），女，国网辽宁省电力有限公司信息通信分公司高级工程师，主要研究方向为网络安全前沿技术、技防体系建设等" ]
  [ "吕军（1987- ），男，国网辽宁省电力有限公司信息通信分公司高级工程师，主要研究方向为网络与信息安全" ]
  [ "张福良（1989- ），男，国网辽宁省电力有限公司信息通信分公司高级工程师，主要研究方向为数据挖掘与分析" ]
- 基金信息：
  
  国网辽宁省电力有限公司科技项目Science and Technology Project of State Grid Liaoning Electric Power Co., Ltd.(2022YF-101)
- DOI：10.11959/j.issn.1000-0801.2024020
  中图分类号： TP393
- 网络出版日期：2024-02，
  
  纸质出版日期：2024-02-20
- 稿件说明：
移动端阅览
孟勐, 王丹妮, 吕军, 等. APT攻击下的无线通信网络最优主动防御决策模型[J]. 电信科学, 2024,40(2):47-55.

Meng MENG, Danni WANG, Jun LYU, et al. Optimal active defense decision model of wireless communication network under APT attack[J]. Telecommunications science, 2024, 40(2): 47-55.
孟勐, 王丹妮, 吕军, 等. APT攻击下的无线通信网络最优主动防御决策模型[J]. 电信科学, 2024,40(2):47-55. DOI： 10.11959/j.issn.1000-0801.2024020.

Meng MENG, Danni WANG, Jun LYU, et al. Optimal active defense decision model of wireless communication network under APT attack[J]. Telecommunications science, 2024, 40(2): 47-55. DOI： 10.11959/j.issn.1000-0801.2024020.

摘要

最优主动防御决策可以保障无线通信网络的安全稳定性，为了提高无线通信网络的防御效果，提出了APT攻击下的无线通信网络最优主动防御决策模型。关联无线通信网络日志，构建APT攻击对象集合，通过反馈相容系数计算APT攻击事件的绝对相容度，并预测APT攻击行为。基于APT攻击源对无线通信网络攻击的信道带宽，获取无线通信网络受到APT攻击的位置，利用无线通信网络节点的权值系数，提取无线通信网络的APT攻击特征。利用攻防图，计算得到APT攻击对无线通信网络的损害程度，通过定义无线通信网络的安全状态，构建了无线通信网络最优主动防御决策模型。实验结果表明，所提模型在防御无线通信网络的APT攻击时，可以将攻击数据包拒包率和吞吐量分别提高到90%以上和16 000 bit/s以上，并且时延较低，具有更好的防御效果。

Abstract

The optimal active defense decision can ensure the security and stability of wireless communication networks.In order to improve the defense effectiveness of wireless communication networks

an optimal active defense decision model for wireless communication networks under APT attacks was proposed.Wireless communication network logs were associated

a set of APT attack objects were constructed

the absolute compatibility of APT attack events was calculated through feedback compatibility coefficients

and APT attack behaviors were predicted.Based on the channel bandwidth of APT attack sources on wireless communication networks

the location of the wireless communication network being attacked by APT was obtained

and the weight coefficients of wireless communication network nodes were used to extract the APT attack characteristics of the wireless communication network.Using the attack and defense diagram

the degree of damage caused by APT attacks to wireless communication networks was calculated.By defining the security status of wireless communication networks

an optimal active defense decision model for wireless communication networks was constructed.The experimental results show that the proposed model can increase the packet rejection rate and throughput of attack packets to over 90% and 16 000 bit/s respectively when defending against APT attacks in wireless communication networks

with lower time delay and better defense effectiveness.

关键词

Keywords

references

胡永进 , 马骏 , 郭渊博 , 等 . 基于多阶段网络欺骗博弈的主动防御研究 [J ] . 通信学报 , 2020 , 41 ( 8 ): 32 - 42 .

HU Y J , MA J , GUO Y B , et al . Research on active defense based on multi-stage cyber deception game [J ] . Journal on Communications , 2020 , 41 ( 8 ): 32 - 42 .

HUANG Y , WANG W , JIANG T , et al . Detecting colluding sybil attackers in robotic networks using backscatters [J ] . IEEE/ACM Transactions on Networking , 2021 , 29 ( 2 ): 793 - 804 .

CHEN Z X , LU Y Q , QIN J C , et al . An optimal seed scheduling strategy algorithm applied to cyberspace mimic defense [J ] . IEEE Access , 2021 ( 9 ): 129032 - 129050 .

李静轩 , 朱俊虎 , 邱菡 , 等 . 基于非零和随机博弈的 APT 攻击主动防御策略选取 [J ] . 计算机应用研究 , 2020 , 37 ( 10 ): 3071 - 3076 , 3111 .

LI J X , ZHU J H , QIU H , et al . Active defense strategy selection for anti-APT attack based on non-zero-sum stochastic game [J ] . Application Research of Computers , 2020 , 37 ( 10 ): 3071 - 3076 , 3111 .

王增光 , 卢昱 , 李玺 . 基于不完全信息博弈的军事信息网络主动防御策略选取 [J ] . 兵工学报 , 2020 , 41 ( 3 ): 608 - 617 .

WANG Z G , LU Y , LI X . Active defense strategy selection of military information network based on incomplete information game [J ] . Acta Armamentarii , 2020 , 41 ( 3 ): 608 - 617 .

王小平 , 周问 , 刘博 . 三体对抗策略的预警机主动防御最优协同制导算法 [J ] . 空军工程大学学报(自然科学版) , 2020 , 21 ( 2 ): 16 - 23 .

WANG X P , ZHOU W , LIU B . A design of active defense optimal collaborative guidance algorithm for active defense of early warning aircraft based on three-body confrontation strategy [J ] . Journal of Air Force Engineering University (Natural Science Edition) , 2020 , 21 ( 2 ): 16 - 23 .

黄万伟 , 袁博 , 王苏南 , 等 . 基于非零和信号博弈的主动防御模型 [J ] . 郑州大学学报(工学版) , 2022 , 43 ( 1 ): 90 - 96 .

HUANG W W , YUAN B , WANG S N , et al . Proactive defense model based on non-zero-sum signal game [J ] . Journal of Zhengzhou University (Engineering Science) , 2022 , 43 ( 1 ): 90 - 96 .

田锋 , 周安民 , 刘亮 , 等 . ARS：基于文件行为的勒索软件主动防御技术研究 [J ] . 四川大学学报(自然科学版) , 2021 , 58 ( 2 ): 97 - 105 .

TIAN F , ZHOU A M , LIU L , et al . ARS:research on proactive defense technology of ransomware based on file behavior [J ] . Journal of Sichuan University (Natural Science Edition) , 2021 , 58 ( 2 ): 97 - 105 .

王丹妮 , 陈伟 , 羊洋 , 等 . 基于高斯增强和迭代攻击的对抗训练防御方法 [J ] . 计算机科学 , 2021 , 48 ( S1 ): 509 - 513 , 537 .

WANG D N , CHEN W , YANG Y , et al . Countermeasure training defense method based on Gaussian enhancement and iterative attack [J ] . Computer Science , 2021 , 48 ( S1 ): 509 - 513 , 537 .

尚立 , 陈明 , 张磊 , 等 . SDN中基于机器学习的DDoS攻击协同防御 [J ] . 电力系统保护与控制 , 2021 , 49 ( 16 ): 170 - 176 .

SHANG L , CHEN M , ZHANG L , et al . Cooperative defense of DDoS attack based on machine learning in SDN [J ] . Power System Protection and Control , 2021 , 49 ( 16 ): 170 - 176 .

谢升旭 , 魏伟 , 邢长友 , 等 . 面向 SDN 拓扑发现的 LDoS 攻击防御技术研究 [J ] . 计算机工程与应用 , 2020 , 56 ( 10 ): 88 - 93 .

XIE S X , WEI W , XING C Y , et al . Research on LDoS attack defense technology for SDN topology discovery [J ] . Computer Engineering and Applications , 2020 , 56 ( 10 ): 88 - 93 .

蒋跃宇 , 承昊新 , 王康 , 等 . PLC-RF 无线传输网络中的能效最优设计方法 [J ] . 电信科学 , 2023 , 39 ( 4 ): 111 - 119 .

JIANG Y Y , CHENG H X , WANG K , et al . Design method of energy efficiency optimization in PLC-RF wireless transmission networks [J ] . Telecommunications Science , 2023 , 39 ( 4 ): 111 - 119 .

顾泽宇 , 张兴明 , 魏帅 . 基于增强学习的自适应动态防御机制 [J ] . 小型微型计算机系统 , 2019 , 40 ( 2 ): 401 - 406 .

GU Z Y , ZHANG X M , WEI S . Adaptive dynamic defense mechanism based on reinforcement learning [J ] . Journal of Chinese Computer Systems , 2019 , 40 ( 2 ): 401 - 406 .

李元诚 , 杨珊珊 . 基于改进自注意力机制生成对抗网络的智能电网 GPS 欺骗攻击防御方法 [J ] . 电力自动化设备 , 2021 , 41 ( 11 ): 100 - 106 .

LI Y C , YANG S S . Defense method of smart grid GPS spoofing attack based on improved self-attention generative adversarial network [J ] . Electric Power Automation Equipment , 2021 , 41 ( 11 ): 100 - 106 .

王增光 , 卢昱 , 李玺 . 多阶段信号博弈的装备保障信息网络主动防御 [J ] . 火力与指挥控制 , 2020 , 45 ( 12 ): 142 - 148 .

WANG Z G , LU Y , LI X . Research on active defense of equipment support information network based on multi-stage signaling game [J ] . Fire Control ＆ Command Control , 2020 , 45 ( 12 ): 142 - 148 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于深度学习的智能电网窃电检测混合模型研究

基于频谱形状的低复杂度雷达信号分类

基于吸引模式的局部二阶梯度轮廓人脸识别算法

基于大数据分析的安全威胁情报在电信运营商的落地应用

基于Bert模型的互联网不良信息检测