Defense timing selection for MTD in periodic satellite computing systems: A Markov game approach

IF 3.1 3区计算机科学 Q2 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

Journal of Computational Science Pub Date : 2025-04-04 DOI:10.1016/j.jocs.2025.102583

Lin Zhang , Yunchuan Guo , Siyuan Leng , Xiaogang Cao , Fenghua Li , Liang Fang

{"title":"Defense timing selection for MTD in periodic satellite computing systems: A Markov game approach","authors":"Lin Zhang , Yunchuan Guo , Siyuan Leng , Xiaogang Cao , Fenghua Li , Liang Fang","doi":"10.1016/j.jocs.2025.102583","DOIUrl":null,"url":null,"abstract":"<div><div>Satellite computing systems (SCSs), with their enormous economic value, are suffering from increasing attacks. Moving Target Defense (MTD), which changes the attack surface to create an asymmetric situation between attacks and defenses, can be used to improve the safety of the SCS. Defense timing selection is crucial for enhancing the defense capability of MTD and reducing its cost. However, existing MTD defense timing selection strategies do not consider limited defense resources and periodic user traffic in the SCS, which leads to significant resource consumption and impacts a large volume of traffic, making them unsuitable for the SCS. We propose a Markov Game-based Defense Timing Selection (MGDTS) approach to protect the SCS. We divide the orbital cycle of the SCS into several time periods with different traffic rates. For each period, we formulate the attack-defense adversarial relationship as a Markov game with incomplete information. In the game, we use explicit costs to define the resource consumption of a defender. Further, we employ Markov decision processes to construct the defense timing decision equation and use real-time dynamic programming to solve the equation. Experimental results show that compared with the existing MTDs, our scheme can enhance security while reducing resource consumption and the influence on user traffic. This work is an extended version of the ICCS-2024 conference paper (Lin Zhang et al., 2024).</div></div>","PeriodicalId":48907,"journal":{"name":"Journal of Computational Science","volume":"87 ","pages":"Article 102583"},"PeriodicalIF":3.1000,"publicationDate":"2025-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computational Science","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1877750325000602","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Satellite computing systems (SCSs), with their enormous economic value, are suffering from increasing attacks. Moving Target Defense (MTD), which changes the attack surface to create an asymmetric situation between attacks and defenses, can be used to improve the safety of the SCS. Defense timing selection is crucial for enhancing the defense capability of MTD and reducing its cost. However, existing MTD defense timing selection strategies do not consider limited defense resources and periodic user traffic in the SCS, which leads to significant resource consumption and impacts a large volume of traffic, making them unsuitable for the SCS. We propose a Markov Game-based Defense Timing Selection (MGDTS) approach to protect the SCS. We divide the orbital cycle of the SCS into several time periods with different traffic rates. For each period, we formulate the attack-defense adversarial relationship as a Markov game with incomplete information. In the game, we use explicit costs to define the resource consumption of a defender. Further, we employ Markov decision processes to construct the defense timing decision equation and use real-time dynamic programming to solve the equation. Experimental results show that compared with the existing MTDs, our scheme can enhance security while reducing resource consumption and the influence on user traffic. This work is an extended version of the ICCS-2024 conference paper (Lin Zhang et al., 2024).

查看原文本刊更多论文

周期性卫星计算系统中 MTD 的防御时机选择：马尔可夫博弈方法

具有巨大经济价值的卫星计算系统正遭受越来越多的攻击。移动目标防御（MTD）可以改变攻击面，使攻击和防御之间产生不对称的情况，可以用来提高SCS的安全性。防御时机的选择是提高MTD防御能力和降低MTD成本的关键。然而，现有的MTD防御时机选择策略没有考虑SCS有限的防御资源和周期性的用户流量，导致资源消耗显著，影响流量大，不适合SCS。我们提出了一种基于马尔可夫博弈的防御时机选择（MGDTS）方法来保护南海。我们将SCS的轨道周期划分为不同交通速率的几个时间段。对于每个时间段，我们将攻防对抗关系表述为具有不完全信息的马尔可夫博弈。在游戏中，我们使用显式成本来定义防御者的资源消耗。利用马尔可夫决策过程构造了防御时机决策方程，并利用实时动态规划方法求解了该方程。实验结果表明，与现有的MTDs相比，我们的方案在降低资源消耗和对用户流量影响的同时提高了安全性。本工作是ICCS-2024会议论文（Lin Zhang et al., 2024）的扩展版。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Computational Science COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-COMPUTER SCIENCE, THEORY & METHODS

CiteScore

5.50

自引率

3.00%

发文量

227

审稿时长

41 days

期刊介绍： Computational Science is a rapidly growing multi- and interdisciplinary field that uses advanced computing and data analysis to understand and solve complex problems. It has reached a level of predictive capability that now firmly complements the traditional pillars of experimentation and theory. The recent advances in experimental techniques such as detectors, on-line sensor networks and high-resolution imaging techniques, have opened up new windows into physical and biological processes at many levels of detail. The resulting data explosion allows for detailed data driven modeling and simulation. This new discipline in science combines computational thinking, modern computational methods, devices and collateral technologies to address problems far beyond the scope of traditional numerical methods. Computational science typically unifies three distinct elements: • Modeling, Algorithms and Simulations (e.g. numerical and non-numerical, discrete and continuous); • Software developed to solve science (e.g., biological, physical, and social), engineering, medicine, and humanities problems; • Computer and information science that develops and optimizes the advanced system hardware, software, networking, and data management components (e.g. problem solving environments).