首页 | 本学科首页   官方微博 | 高级检索  
     

网络安全漏洞信息披露中多元参与主体行为策略演化博弈分析
引用本文:熊强,杨欣琦,李治文. 网络安全漏洞信息披露中多元参与主体行为策略演化博弈分析[J]. 运筹与管理, 2021, 30(7): 102-109. DOI: 10.12005/orms.2021.0221
作者姓名:熊强  杨欣琦  李治文
作者单位:江苏大学 管理学院,江苏 镇江 212013
基金项目:国家社会科学基金资助项目(19BGL236)
摘    要:全球网络威胁日趋严峻,作为网络安全事件产生的根源之一,网络安全漏洞越来越被重视,对漏洞的披露已是国家网络安全应急体系建设的重要内容之一。本文构建了网络安全漏洞共享平台、软件厂商及黑客之间的三方博弈模型,并从演化博弈角度对模型进行了分析和数值模拟,确立了稳定均衡点存在的条件。研究结果表明:不同参数初始值对三方博弈结果存在显著差异,软件质量越差,平台越倾向于“封闭披露”策略;对漏洞发现者的支付积极影响软件厂商“注册会员”倾向,对黑客的“努力攻击”倾向产生负面影响;随披露成本的上升,平台更倾向于采纳“封闭披露”策略;预期损失过大,软件厂商倾向于“注册会员”策略。

关 键 词:信息披露  网络安全漏洞  共享平台  演化博弈  
收稿时间:2019-04-10

Evolutionary Game Analysis of Multi Participant Behavior Strategy of Network Security Vulnerability Information Disclosure
XIONG Qiang,YANG Xin-qi,LI Zhi-wen. Evolutionary Game Analysis of Multi Participant Behavior Strategy of Network Security Vulnerability Information Disclosure[J]. Operations Research and Management Science, 2021, 30(7): 102-109. DOI: 10.12005/orms.2021.0221
Authors:XIONG Qiang  YANG Xin-qi  LI Zhi-wen
Affiliation:School of management, Jiangsu University, Zhenjiang 212013, China
Abstract:Nowadays, the global network threat is becoming more and more serious. As one of the essential reasons of network security incidents, network security vulnerabilities have been paid increasing attention. The disclosure of vulnerabilities has been set up into construction of the national network security emergency system. In this paper, we build a tripartite game model among network security vulnerability sharing platform, software manufacturers and hackers, analyze and simulate the model from the perspective of evolutionary game, and then establish the conditions for the existence of stable equilibrium point. The results of this study show that: there are significant differences between the initial values of different parameters on the results of the tripartite game, the worse the software quality is, the more inclined the platform is to the “closed disclosure” strategy; The payment of vulnerability discoverers has a positive impact on the tendency of software manufacturers to “register members”, and has a negative impact on the tendency of hackers to “strive to attack”; As an increasing disclosure costdisclosure cost, the platform tends to adopt the strategy of “closed disclosure”; The expected loss is too large, and software manufacturers tend to support the “register members” strategy.
Keywords:information disclosure  network security vulnerability  sharing platform  evolutionary game  
本文献已被 CNKI 等数据库收录!
点击此处可从《运筹与管理》浏览原始摘要信息
点击此处可从《运筹与管理》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号