| 引用本文: |
-
王雨晴,范伟,彭诚,张珠君,朱大立.移动边缘计算下基于贝叶斯博弈的入侵响应决策模型[J].信息安全学报,已采用 [点击复制]
- Wang Yuqing,Fan Wei,彭诚,张珠君,朱大立.A Bayesian Game Approach for Intrusion Response Detection Model in Mobile Edge Computing[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 5G移动网络技术的不断成熟和商业落地,使移动边缘计算(Mobile Edge Computing,MEC)技术得到了广泛的关注。MEC通过将计算存储能力与业务服务能力迁移到靠近数据源头的网络边缘,使得实时性和时延敏感的应用得以更好地实现,但也面临着新的安全挑战。本文针对边缘节点地理分布广泛、网络环境复杂、资源受限等特点,提出一种适合移动边缘计算环境的入侵响应决策模型。模型综合考虑系统的资源状态、入侵响应的成本以及防御系统的检测率和漏报率等因素对响应决策的影响,使MEC系统在面临外部入侵时遭受的损失最低,且对整个MEC网络的时延影响较小,满足MEC网络对实时性和可靠性的要求。文章首先分析了移动边缘计算环境下网络攻防的特点,并用基于动态贝叶斯博弈的数学模型对其进行模拟。之后根据模型的博弈结果,得出入侵者的最优入侵策略以及防御系统的最优响应策略,以使边缘节点能够有针对性地应对入侵者的入侵行为。然后又给出了模型的实际应用框架,该框架由观察节点行动的入侵检测系统与采取防御措施的入侵防御系统共同组成,可以有效的减轻网络负载并节省能耗成本。最后利用仿真实验验证了该模型可以为防御者产生更节能的防御策略,并提高系统的整体检测能力,对保障网络安全,推进移动边缘计算落地实施具有至关重要的作用。 |
| 关键词: 移动边缘计算 入侵响应决策 精炼贝叶斯均衡 攻击预测 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2024.02.02 |
| 投稿时间:2021-10-29修订日期:2022-01-26 |
| 基金项目: |
|
| A Bayesian Game Approach for Intrusion Response Detection Model in Mobile Edge Computing |
|
Wang Yuqing, Fan Wei, 彭诚, 张珠君, 朱大立
|
| (Institute of Information Engineering,Chinese Academy of Sciences) |
| Abstract: |
| The technology of Mobile Edge Computing (MEC) has been paid more and more attention due to the maturity and commercial application of 5G mobile network. MEC can better realize real-time and delay-sensitive applications by migrating computing storage capacity and business service ca-pacity to network edge close to data source. However, it also faces new security challenges. This pa-per presents an intrusion response decision-making model for Mobile Edge Computing environment, based on the wide distribution, complex network environment and limited resources characteristics of edge nodes. In this model, the resource state of the system, the cost of intrusion response, the de-tection and false negative rates of the prevention system are considered synthetically, so that the loss of the MEC system is minimized while facing external intrusion, and the time delay of the whole MEC network is small, which can satisfy the requirements of the network for real-time performance and reliability. This paper first analyzes the characteristics of network attack and defense in Mobile Edge Computing environment, and simulates it with a mathematical model based on Dynamic Bayesian Game. Then, according to the results of the game model, the optimal invasion strategy for intruder and the optimal response strategy for defense system are obtained so that the edge nodes can make targeted response on intrusion behavior. Moreover, a practical application framework of the model is given, which is composed of an intrusion detection system that observes the actions of nodes and an intrusion prevention system that takes defense measures, which can effectively reduce network load and save energy cost. Finally, the simulation results show that the model can generate more energy-saving defense strategy for the defender, and improve the overall detection capability of the system, which plays a crucial role in ensuring network security and pushing forward the imple-mentation of Mobile Edge Computing. |
| Key words: Mobile Edge Computing Intrusion Response Decision Perfect Bayesian equilibrium attack prediction |
