Enterprise information security attack and defense strategy under ATP environment

2014 ◽  
Author(s):  
Jun-xi Liu
Keyword(s):  
Information Security ◽  
Enterprise Information ◽  
Defense Strategy ◽  
Security Attack ◽  
Attack And Defense

scholarly journals MAIAD: A Multistage Asymmetric Information Attack and Defense Model Based on Evolutionary Game Theory

Symmetry ◽  
2019 ◽  
Vol 11 (2) ◽  
pp. 215 ◽  
Author(s):  
Yu Yang ◽  
Bichen Che ◽  
Yang Zeng ◽  
Yang Cheng ◽  
Chenyang Li
Keyword(s):  
Game Theory ◽  
Asymmetric Information ◽  
Evolutionary Game Theory ◽  
Rapid Development ◽  
Evolutionary Game ◽  
Defense Strategy ◽  
Security Issues ◽  
Defense Model ◽  
Attack And Defense ◽  
Systems Simulation

With the rapid development and widespread applications of Internet of Things (IoT) systems, the corresponding security issues are getting more and more serious. This paper proposes a multistage asymmetric information attack and defense model (MAIAD) for IoT systems. Under the premise of asymmetric information, MAIAD extends the single-stage game model with dynamic and evolutionary game theory. By quantifying the benefits for both the attack and defense, MAIAD can determine the optimal defense strategy for IoT systems. Simulation results show that the model can select the optimal security defense strategy for various IoT systems.

Generation Method of Power Network Security Defense Strategy Based on Markov Decision Process

2021 ◽  
Author(s):  
Wang Yang ◽  
Liu Dong ◽  
Wang Dong ◽  
Xu Chun
Keyword(s):  
Network Security ◽  
Response Time ◽  
Markov Decision Process ◽  
Decision Process ◽  
Evolutionary Game ◽  
Power Network ◽  
Network Attack ◽  
Defense Strategy ◽  
Markov Decision ◽  
Attack And Defense

Aiming at the problem that the current generation method of power network security defense strategy ignores the dependency relationship between nodes, resulting in closed-loop attack graph, which makes the defense strategy not generate attack path, resulting in poor defense effect and long generation response time of power network security defense strategy, a generation method of power network security defense strategy based on Markov decision process is proposed. Based on the generation of network attack and defense diagram, the paper describes the state change of attack network by using Markov decision-making process correlation principle, introduces discount factor, calculates the income value of attack and defense game process, constructs the evolutionary game model of attack and defense, solves the objective function according to the dynamic programming theory, obtains the optimal strategy set and outputs the final results, and generates the power network security defense strategy. The experimental results show that the proposed method has good defense effect and can effectively shorten the generation response time of power network security defense strategy.

scholarly journals SELECTING SAFETY PACKAGE COMPONENTS OF ENTERPRISE INFORMATION SYSTEM FOLLOWING REQUIREMENTS OF STANDARD LEGAL DOCUMENTS

2018 ◽  
Vol 18 (3) ◽  
pp. 333-338
Author(s):  
E. A. Vitenburg ◽  
A. A. Levtsova
Keyword(s):  
Information System ◽  
Information Security ◽  
International Standards ◽  
Protection System ◽  
Enterprise Information System ◽  
Enterprise Information ◽  
Research Results ◽  
Legal Documents ◽  
The Russian Federation ◽  
Selection Of

Introduction. Production processes quality depends largely on the management infrastructure, in particular, on the information system (IS) effectiveness. Company management pays increasingly greater attention to the safety protection of this sphere. Financial, material and other resources are regularly channeled to its support. In the presented paper, some issues on the development of a safety enterprise information system are considered.Materials and Methods. Protection of the enterprise IS considers some specific aspects of the object, and immediate threats to IT security. Within the framework of this study, it is accepted that IS are a complex of data resources. A special analysis is resulted in determining categories of threats to the enterprise information security: hacking; leakage; distortion; loss; blocking; abuse. The connection of these threats, IS components and elements of the protection system is identified.  The requirements of normative legal acts of the Russian Federation and international standards regulating this sphere are considered. It is shown how the analysis results enable to validate the selection of the elements of the IS protection system.Research Results. A comparative analysis of the regulatory literature pertinent to this issue highlights the following. Different documents offer a different set of elements (subsystems) of the enterprise IS protection system. To develop an IS protection program, you should be guided by the FSTEC Order No. 239 and 800-82 Revision 2 Guide to ICS Security.Discussion and Conclusions. The presented research results are the basis for the formation of the software package of intellectual support for decision-making under designing an enterprise information security system. In particular, it is possible to develop flexible systems that allow expanding the composition  of the components (subsystems).

Sign in / Sign up

Export Citation Format

Share Document