计算机科学
强化学习
人工智能
深度学习
人机交互
计算机安全
作者
Tao Zhang,Changqiao Xu,Jiahao Shen,Xiaohui Kuang,Luigi Alfredo Grieco
标识
DOI:10.1109/tifs.2023.3314219
摘要
With the explosive growth of Internet traffic, large sensitive and valuable information is at risk of cyber attacks, which are mostly preceded by network reconnaissance. A moving target defense technique called host address mutation (HAM) helps facing network reconnaissance. However, there still exist several fundamental problems in HAM: 1) current approaches cannot be self-adaptive to adversarial strategies; 2) network state is time-varying because each host decides whether to mutate IP address; and 3) most methods mainly focus on enhancing security, but ignore the survivability of existing connections. In this paper, an Intelligence-Driven Host Address Mutation (ID-HAM) scheme is proposed to address aforementioned challenges. We firstly model a Markov decision process (MDP) to describe the mutation process, and design a seamless mutation mechanism. Secondly, to remove infeasible actions from the action space of MDP, we formulate address-to-host assignments as a constrained satisfaction problem. Thirdly, we design an advantage actor-critic algorithm for HAM, which aims to learn from scanning behaviors. Finally, security analysis and extensive simulations highlight the effectiveness of ID-HAM. Compared with state-of-the-art solutions, ID-HAM can decrease maximum 25% times of scanning hits while only influencing communication slightly. We also implemented a proof-of-concept prototype system to conduct experiments with multiple scanning tools.
科研通智能强力驱动
Strongly Powered by AbleSci AI