%0 Journal Article
%T Network Security Situation Awareness Approach Based on Markov Game Model<br>基于Markov 博弈模型的网络安全态势感知方法
%A ZHANG Yong
%A TAN Xiao-Bin
%A CUI Xiao-Lin
%A XI Hong-Sheng
%A <br>张勇
%A 谭小彬
%A 崔孝林
%A 奚宏生
%J 软件学报
%D 2011
%I 
%X To analyze the influence of propagation on a network system and accurately evaluate system security, this paper proposes an approach to improve the awareness of network security, based on the Markov Game Model (MGM). This approach gains a standard data of assets, threats, and vulnerabilities via fusing a variety of system security data collected by multi-sensors. For every threat, it analyzes the rule of propagation and builds a threat propagation network (TPN). By using the Game Theory to analyze the behaviors of threats, administrators, and ordinary users, it establishes a three player MGM. In order to make the evaluation process a real-time operation, it optimizes the related algorithm. The MGM can dynamically evaluate system security situation and provide the best reinforcement schema for the administrator. The evaluation of a specific network indicates that the approach is suitable for a real network environment, and the evaluation result is precise and efficient. The reinforcement schema can effectively curb the propagation of threats.
%K network security situation awareness
%K threat propagation network
%K Markov game model<br>网络安全态势感知
%K 威胁传播网络
%K Markov
%K 博弈模型
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=42D228F89567AFE00A57F58CDAACB561&yid=9377ED8094509821&vid=BC12EA701C895178&iid=38B194292C032A66&sid=DDDA4F26E8AD3C0E&eid=37F781FD8E744761&journal_id=1000-9825&journal_name=软件学报&referenced_num=0&reference_num=22