Security and Communication Networks


Research Article | Open Access

Volume 2020 | Article ID 6515328 | https://doi.org/10.1155/2020/6515328

Pan Jun Sun, "Research on the Optimization Management of Cloud Privacy Strategy Based on Evolution Game", Security and Communication Networks, vol. 2020, Article ID 6515328, 18 pages, 2020. https://doi.org/10.1155/2020/6515328

Research on the Optimization Management of Cloud Privacy Strategy Based on Evolution Game

Academic Editor: Leandros Maglaras
Received 05 Dec 2019
Revised 19 Feb 2020
Accepted 20 Jun 2020
Published 11 Aug 2020

Abstract

Cloud computing services offer great convenience, but privacy and security concerns are a major obstacle to their adoption. In privacy protection for cloud computing, it is difficult to choose the optimal strategy. To solve this problem, we propose a quantitative weight model of privacy information, use evolutionary game theory to establish a game model of attack and protection, design an optimal protection strategy selection algorithm, and give a method for solving the evolutionary stable equilibrium under the bounded rationality constraint. To study the strategic dependence within the same game group, we improve the classical dynamic replication equation with an incentive coefficient, construct an improved evolutionary game model of attack and protection, analyze the stability of the equilibrium points with the Jacobian matrix method, and obtain the optimal selection strategy under different conditions. Finally, experiments verify the correctness and validity of the model and show that different strategies of the same group have the dual effects of promotion and inhibition; a comparison with other articles shows the advantages of this paper.

1. Introduction

With the development of information technology, the scale of the network is becoming more and more complex, and the serious privacy leak events cause tremendous harm to cloud computing [1]. To protect privacy of network service, firewalls, intrusion detection, and antivirus software technologies have been widely used. However, invaders can only be detected after the event, which often causes serious losses.

Advanced persistent threat attackers use a variety of complex methods, such as spear phishing and watering hole attacks, to steal information continuously and secretly from the cloud storage system. They can even induce the cloud storage system to apply specific defense strategies and attack them, which is a great threat to cloud computing. Therefore, it is necessary to research new privacy protection technologies [2].

An ideal protection system should cover all weak points and attacks. However, given the limitation of organizational resources, we must apply the concept of “moderate security” to find a balance between information privacy security risk and investment and make the most reasonable decision with limited resources. Whether the strategy of the protector is effective depends not only on its own behavior, but also on the strategies of the attacker and the system. Therefore, game theory can be used to study information security problems such as the conflict between attack and protection and the optimal protection decision.

The basic characteristics of game theory, namely the opposition of objectives, the dependence of strategies, and the noncooperation of relationships, are all present in the process of privacy protection. In the process of the game, because of the learning mechanism, low-payoff participants constantly learn the strategies of high-payoff participants and improve their behaviors [3].

Based on bounded rationality, the evolutionary game continuously improves the intrinsic driving force of behavior strategy through learning mechanism, which can effectively enhance the accuracy and reliability of the game model [3, 4]. This paper constructs an evolutionary game model of attack and protect and analyzes the rules of stability and equilibrium evolution. The main contributions of our paper are as follows:
(i) We propose a quantitative weight model of privacy information, construct an evolutionary game model of attack-protect, make an evolutionary stable strategy solution method, achieve the optimal privacy strategy selection, and analyze the different evolutionary stable equilibrium
(ii) To express the strategic dependence, we propose improving the accuracy of the replication dynamic equation by incentive coefficients, construct an improved evolutionary game model of cloud computing privacy protection, and give the detailed process of equilibrium solution
(iii) We use the Jacobian matrix method to analyze the stability of the game equilibrium point and the evolutionary trend of the game and obtain the optimal protect strategy

The structure of this paper is as follows. In Section 2, the related research work is introduced. In Section 3, this paper constructs an evolutionary game model of attack and protect and analyzes the different evolutionary equilibrium. In Section 4, this paper proposes an improved evolutionary game model by incentive coefficients and analyzes the stability of the evolutionary game. In Section 5, this paper designs relevant experiments. In Section 6, this paper summarizes the work and future research directions. To understand this article, a framework is given in Figure 1.

2. Related Work

The main security privacy strategy technologies for cloud system can be classified into three categories: attack defense game, evolution game, and strategy selection.

2.1. Attack Defense Game Approach

Neupane et al. [5] proposed a new defense system based on the camouflage theory, which can prevent the attackers from the analysis of attack characteristics and can reduce the impact of the target attack on the high-value services hosted in the cloud platform by “isolating virtual machine” and strategy coordination. Xiao et al. [6, 7] described the interaction between defenders and attackers in the cloud storage system, studied a mixed strategy in storage defense game, and proved that the view of the attackers can improve the effectiveness of defenders. Li et al. [8] proposed an attack-defend game model, which was a two-person zero-sum static game with complete information. When the price parameter exceeded the threshold, the defender will switch to the protection mode. Lv et al. [9] proposed a dynamic defense model based on the mixed strategy game, which optimized the allocation of the limited security resources of the target network, and allocated the dynamic optimal defense strategy for each node at different times. Based on the game between the data owner and data requester, Sfar et al. [10] proposed a solution to protect privacy in the context, which used incentives for privacy concessions or active attacks to describe game elements and found a balance between privacy concessions and incentives. Min et al. [11] derived the Nash equilibrium of symmetric and asymmetric allocation game between the attacker and the defender, initialized the quality value by using the experience in similar scenarios, and obtained the optimal defense performance. Hota and Sundaram [12] studied the influence of node’s behavior probability weight and the distribution of security risk and described the graph topology of the average attack probability under the Nash equilibrium in the weakest game.

Stackelberg games are very useful for decision making in attack and defense scenarios. Xiao et al. [6] deduced the Nash equilibrium of the detection game and proposed a detection scheme based on strategy hill-climbing, which increased the uncertainty of strategy to deceive the attacker in a dynamic game. Jakóbik et al. [13] defined a Stackelberg game model, which allowed the automatic selection of provider level security decisions and maximized the benefits of defenders. Wahab et al. [14] proposed a repeated Bayesian Stackelberg game, which provided the optimal distribution of detection for virtual machines, increased the detection ability of attack, and greatly reduced the number of attacks.

2.2. Evolutionary Game Approach

Khalifa et al. [15] proposed a new tool to simulate the evolution of several populations, defined three different stable levels, strong, weak, and medium, which improved the accuracy and adaptability of the evolutionary game. Jiang et al. [16] studied the information reliability of a series of cooperative networks and proposed an evolutionary game model based on closed expression and reinforcement assistant method. Tan et al. [17] studied the strategy selection problem of evolutionary game dynamics with group interaction and obtained the cooperative conditions of public goods game and volunteer dilemma game. Based on the bounded rationality of the players, Hu et al. [18] established a game model of attack and defense under incomplete information, which extended the game strategy in the game structure. Du et al. [19] used the evolutionary game theory framework of community to analyze the privacy protection behavior of the social network and designed incentives based on cost performance. Based on the analytic hierarchy process, Zhang et al. [20] comprehensively analyzed the impact of mobile target defense technology, proposed an effective strategy selection algorithm based on joint defense, and selected many variation elements to defend different attack.

2.3. Game Strategy Selection Approach

Various game methods have been developed to study the privacy strategy selection between protectors and adversaries. Kamhoua et al. [21] studied the security of cloud computing participants and internal interdependence, analyzed many possible Nash equilibria, and described the adversary’s motivation more accurately. In order to study heterogeneous network system and provide the optimal security detection strategy, Wu et al. [22] gave the analysis of Bayesian equilibrium and robust Nash equilibrium with incomplete information and proposed a verification and calculation method for continuous kernels.

Tan et al. [17] studied the strategy selection problem of evolutionary game dynamics with group interaction and obtained the cooperative conditions of public goods game and volunteer dilemma game. Cheng et al. [23] established a mobile target defense game model based on incomplete information and designed an optimal strategy algorithm to prevent the selection strategy from deviating from the actual network conditions.

After synthetically analyzing the influence of defense cost and benefit on strategy selection, Cheng et al. [24] designed an optimal strategy selection algorithm, which corrected the deviation between the selected strategy and the actual network conditions, thus ensuring the correctness of the optimal strategy selection. Zhang et al. [25] emphasized the applicability and advantages of multiobjective in network security, proposed a multiobjective game model, and introduced and demonstrated the set strategy selection technology. Armstrong et al. [26] proposed a threat specific risk assessment method, which allowed administrators to make fine-grained decisions for the selection of mitigation strategies.

2.4. Discussion and Features of Our Research

In the attack defense game approach, the existing research mainly explores deterministic strategies, so the application of stochastic strategies in practice still needs study. In the evolutionary game approach, current research mainly calculates the equilibrium through the income matrix and focuses on optimizing the calculation process, rarely summarizing the dynamic process of strategic evolution. In terms of application scenarios, both the behavior analysis of cloud computing networks and the dynamic research of privacy security are based on strategy selection, which makes the research on strategy selection more universal. The game is a continuous process, and different strategies in the same group have a great impact on the game results, but the articles above rarely address this.

Our research is more general in network security protection, because the strategy set of our model can be extended to , and both attackers and defenders can choose any strategy, which can be applied to general protection strategy choice. On the basis of bounded rationality, we consider and quantitatively describe the influence of similar strategies, introduce the influence factors, establish the evolutionary game model of attack and protect based on the improved dynamic replication equation, provide the detailed stability analysis, and improve the accuracy of the model.

3. A Game Model of Attack-Protect

In this section, we propose a quantitative weight model of privacy information, construct a game model of privacy protection, and analyze the evolution of the strategy selection mechanism to realize the optimal protect strategy. To read this article, some parameters are given in Table 1.


Parameters Meanings

Privacy information set
Evolutionary game model
and Protector and adversary
Strategy set for protector
Strategy set for adversary
Game beliefs
Probability of strategy
Probability of strategy
Payoff of adversary adopt
Payoff of protector adopt
Expected payoff of protector
Expected payoff of adversary
Average payoff of protector
An attack-protect payoff of adversary
Number of players choosing
Protect strategy influence factor
Number of players choosing
Attack strategy influence factor
Protect strategy incentive coefficient
Attack strategy incentive coefficient

3.1. Privacy Metric Space

To express privacy information, this paper proposes a measurement model and defines the distance between any two elements in the metric space.

Definition 1. Suppose that is a nonempty set metric space; for two elements , in the , represents the distance between two elements, which has two characters:(1), , and (2)If , is the distance between two points , . is called as metric space according to the distance.
According to the definition of metric space, the following properties can be obtained:
Norm is a basic concept in performance analysis, which is often used to measure the length or size of each element in the metric space.
Let be a vector, and is a matrix.
Vector 1-norm is
Vector 2-norm is
Matrix F-norm is
In this paper, the privacy vector is considered as an index in the measurement space, 2-norm is used to represent the size of the privacy value.
Assuming that a piece of privacy information is , represents the privacy factor related to the user’s privacy; then the privacy value of can be expressed as is the weight coefficient of the influence factor .
The correlation coefficient is an objective weight method to eliminate the influence of duplicate information on the comprehensive evaluation results. Calculate the correlation coefficient matrix; the original data contains factors. Then the correlation coefficient matrix is
After standardization, it can be simplified as
Calculate the sum value of in the column as follows:
The result of row vector is larger, the influence in the comprehensive evaluation system is greater, and the weight is more. Both privacy variability and conflict factor need to be considered in weight. In the paper, the objective weight method is adopted, and factor variability is represented by the standard deviation to show the difference between evaluation schemes of a factor. The larger the standard deviation is, the larger the value is.
Assume that is the information quantity of factor; the various results of indicators can be considered by selecting the standard deviation . The conflict characteristics between the standard and other standards are measured by . represents the correlation coefficient between the and the factors, and can be expressed as follows:
The result of is larger, the amount of data in the criterion is larger, and the importance is more. Therefore, the weight of the factor is as follows:
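The objective weighting described in this subsection can be sketched in code. This is an added example, not code from the paper: it assumes the standard CRITIC form (information quantity = standard deviation times the sum of 1 − r over the other factors, normalized into weights) and a weighted 2-norm for the privacy value; the factor names and sample scores are constructed.

```python
import math

# Constructed sample: each row is one privacy record, each column one privacy
# factor (hypothetical: identity, location, health), scored in [0, 1].
SAMPLE = [
    [0.9, 0.2, 0.7],
    [0.4, 0.8, 0.6],
    [0.7, 0.5, 0.1],
    [0.2, 0.9, 0.3],
]


def _centered(xs):
    mean = sum(xs) / len(xs)
    return [x - mean for x in xs]


def std_dev(xs):
    """Sample standard deviation: the variability of one factor."""
    if len(xs) < 2:
        return 0.0
    return math.sqrt(sum(d * d for d in _centered(xs)) / (len(xs) - 1))


def pearson(xs, ys):
    """Correlation coefficient r; 0.0 when either factor is constant."""
    dx, dy = _centered(xs), _centered(ys)
    sxx = sum(d * d for d in dx)
    syy = sum(d * d for d in dy)
    if sxx == 0 or syy == 0:
        return 0.0
    return sum(a * b for a, b in zip(dx, dy)) / math.sqrt(sxx * syy)


def critic_weights(data):
    """Weight per factor: variability times conflict with the other factors."""
    cols = [list(col) for col in zip(*data)]
    info = []
    for j, col_j in enumerate(cols):
        conflict = sum(1.0 - pearson(col_i, col_j)
                       for i, col_i in enumerate(cols) if i != j)
        info.append(std_dev(col_j) * conflict)
    total = sum(info)
    if total == 0:  # every factor is constant: no basis for ranking them
        return [1.0 / len(cols)] * len(cols)
    return [c / total for c in info]


def privacy_value(record, weights):
    """Weighted 2-norm of one record's factor scores (assumed form)."""
    return math.sqrt(sum((w * x) ** 2 for w, x in zip(weights, record)))


def rank_records(data):
    """Return (privacy value, row index) pairs, most sensitive first."""
    weights = critic_weights(data)
    scored = [(privacy_value(row, weights), i) for i, row in enumerate(data)]
    return sorted(scored, reverse=True)


if __name__ == "__main__":
    print([round(w, 3) for w in critic_weights(SAMPLE)])
    print(rank_records(SAMPLE))
```

A factor that never varies across records receives weight 0, so it cannot inflate the privacy value of any record.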

3.2. Attack-Protect Evolutionary Game Model

In order to protect privacy information , we propose an attack-protect game model (Figure 2).

Definition 2. An attack-protect evolutionary game model can be defined as a 4-tuple .
is the participant space of evolutionary game, is the protector, and is the adversary.
is game action strategy space, represents an optional strategy set for the protector, and represents an optional strategy set for the adversary. Both adversary and protector have multiple strategies.
is a set of game beliefs, represents the probability set that the protector chooses a strategy , and represents the probability set that the adversaries choose a strategy .
is a set of game payoff functions, represents the game payoffs of protectors, and expresses the game payoffs of adversaries.
In the game, both protector and adversary have and , respectively, , . When different strategies are used in the attack-protect game, both and represent the payoffs of adversary and protector when they adopt and . We can get the following formula:
In the , the player chooses with , and . Similarly, in the , adversary selects with , . Further, we can get the expected payoff and average payoff of different protection strategies:
In strategy set , because of the learning mechanism, we use to show the proportion of people who choose a strategy with time, and .
is a time constant, for the first derivation, and the dynamic replication rate can be expressed as the following formula:
Similarly, the expected payoff and average payoff of different protect strategy are calculated:
In the strategy set , is the proportion of people who choose the attack strategy , and .
For a strategy , is a time constant, according to the expected payoff and average payoff , and we can get the dynamic replication equation of attack strategy:
By combining formulas (14) and (17), we can get the following formula:
When , we can get the equilibrium point of evolutionary game and thus realize the analysis and prediction of strategy selection.
According to the basic theory of game theory, pure strategy can be regarded as the mixed strategy with the choice probability 1 and the choice probability 0 of other strategies. Because the attack and protect game of cloud network system is a limited game, there must be a mixed strategy to form the Nash equilibrium, and meets the following conditions:

3.3. Protect Strategy Selection Algorithm

Both adversary and protector choose different strategy with different probabilities. We design an optimal privacy strategy selection algorithm (Algorithm 1).

Input: cloud computing attack-protect game tree.
Output: optimal privacy protect strategy.
(1) Initialization
(2) Constructing protector’s space set
(3) Constructing an optional strategy space set for protectors
(4) According to the strategy selection of the adversary, a reasonable protect strategy is selected by probability , and
(5) For attack-protect strategy , we get the payoff value of protect strategy.
(6) Calculating of the protect strategy.
(7) Calculating the average payoffs of the protector .
(8) Establishing protector’s dynamic replication equation .
(9) Computing equilibrium solution of .
(10) Output privacy protect strategy.

From the analysis of Section 3, the time complexity of the algorithm is , and the storage space complexity is . According to this algorithm, not only the payoff value of each strategy can be obtained, but also the state change rate of strategy selection can be obtained.

4. Improvement of the Game Model

The evolutionary game originates from the idea of biological evolution, and replication dynamics are widely used in many applications. However, in the actual process of network attack and protection, not only are the strategy groups of the attacker and the protector dependent on each other, but the protect strategies and the attack strategies are also dependent on each other. Therefore, it is necessary to study the interaction within the same strategy group. In this section, we introduce the relation function to express the strategy dependence, which improves the traditional replication dynamic equation and the accuracy of the replication dynamic rate.

4.1. Improvement of the Replication Dynamic Model

Based on Section 3, in the strategy , assume that the number of strategy is at ; the proportion of the number of protect strategy is , and we can get the following formula:

With the advance of the game process, the number of players selecting strategy changes with time, and the replication dynamic rate is proportional to the number of selection strategy , which is related to the adaptability of strategy . The expected payoff of protect strategy is , and the average payoff of protect strategy is . We can construct the following formula:

is the influence factor, which indicates the impact of protect strategy . The greater the value of , the stronger the influence of on the other protect strategy. Based on formula (21), we can obtain formula (22) of :

Similarly, assume that the number of is at time . The proportion of the number of adversary is , the expected payoff is , and the average payoff is . We can get the following formula to express the :

With the advance of the attack-protect game, the number of adversary who chooses the strategy changes with time, and the dynamic replication rate is proportional to the number of players, so we can get the following formula:

is the strategy influence factor, which is determined by the strategy . The larger the value of , the stronger the influence of on other attack strategies.

Furthermore, we can get the replication dynamics of :

By combining formulas (22) and (25), we obtain an improved replicated dynamic differential equation:

When and , we can obtain the following dynamic replication equations:

We define an incentive coefficient to represent incentive relationship between and , indicates that protect strategy can promote , and indicates that protect strategy can suppress .

Similarly, we define an incentive coefficient to represent incentive relationship between and . Through further deduction, we can get the following formula:

When , we can get the equilibrium solution of attack-protect evolutionary game to realize the analysis and prediction of strategy selection.

4.2. Evolutionary Game Description

Assume that the protector has an optional strategy set , where represents investment privacy protection and represents noninvestment privacy protection. Similarly, an adversary has an optional strategy set , where represents that the adversary implements attack and represents the idea that the adversary does not implement an attack. denotes the selection probability of attack strategy , denotes the selection probability of attack strategy , and ; denotes the selection probability of strategy and denotes the selection probability of strategy , and .

4.3. Evolutionary Game Solution of Attack-Protect

Based on the attack-protect model of Section 3, similarly, we can construct the following formula:

According to , , by first derivative of time , we can get the following formula:

According to formulas (28) and (30), we can further obtain the dynamic replication equation of and :

When , we can get five solutions: , , , , and .

4.4. Dynamic Analysis of Attack-Protect Evolution

According to the above improved evolutionary game model, we use the Jacobian matrix method to analyze the evolutionary stability of these above five equilibrium points, and get formula (32). Both determinant and trace of the Jacobian matrix can be expressed as in formulas (33) and (34):

When and , the equilibrium point is unstable; when and is an arbitrary value, the equilibrium point is a saddle point.
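The determinant-and-trace test can be run on a concrete 2×2 protect/attack game. This is an added example, not the paper's code: it uses the classical two-population dynamic replication equation without the incentive coefficients, and the symbols p (share of protectors who protect), q (share of adversaries who attack) and both payoff tables are constructed assumptions.

```python
EPS = 1e-9

# Constructed payoffs, indexed [protector strategy][adversary strategy];
# index 0 = protect / attack, index 1 = no protect / no attack.
CYCLIC_GAME = {
    "A": [[-3.0, -2.0], [-6.0, 0.0]],  # protector payoffs
    "B": [[-1.0, 0.0], [4.0, 0.0]],    # adversary payoffs
}
DETERRED_GAME = {
    "A": [[-1.0, 1.0], [-6.0, 0.0]],   # protecting pays even without attack
    "B": [[-1.0, 0.0], [4.0, 0.0]],
}


def slopes(game):
    """Payoff gaps: protect vs. no protect, and attack vs. no attack."""
    A, B = game["A"], game["B"]
    return (A[0][0] - A[1][0], A[0][1] - A[1][1],
            B[0][0] - B[0][1], B[1][0] - B[1][1])


def advantages(game, p, q):
    """Expected advantage of 'protect' (a) and of 'attack' (b) at state (p, q)."""
    a_att, a_no, b_prot, b_no = slopes(game)
    return a_att * q + a_no * (1 - q), b_prot * p + b_no * (1 - p)


def velocity(game, p, q):
    """Classical replication dynamics: dp/dt = p(1-p)a, dq/dt = q(1-q)b."""
    a, b = advantages(game, p, q)
    return p * (1 - p) * a, q * (1 - q) * b


def jacobian(game, p, q):
    a_att, a_no, b_prot, b_no = slopes(game)
    a, b = advantages(game, p, q)
    return [[(1 - 2 * p) * a, p * (1 - p) * (a_att - a_no)],
            [q * (1 - q) * (b_prot - b_no), (1 - 2 * q) * b]]


def equilibria(game):
    """Four pure-strategy corners plus the mixed point when it lies inside."""
    a_att, a_no, b_prot, b_no = slopes(game)
    points = [(0.0, 0.0), (0.0, 1.0), (1.0, 0.0), (1.0, 1.0)]
    if abs(a_att - a_no) > EPS and abs(b_prot - b_no) > EPS:
        q_star = -a_no / (a_att - a_no)    # attack share that makes a = 0
        p_star = -b_no / (b_prot - b_no)   # protect share that makes b = 0
        if 0 < p_star < 1 and 0 < q_star < 1:
            points.append((p_star, q_star))
    return points


def classify(game, p, q):
    """Stability from the determinant and trace of the Jacobian at (p, q)."""
    J = jacobian(game, p, q)
    det = J[0][0] * J[1][1] - J[0][1] * J[1][0]
    tr = J[0][0] + J[1][1]
    if det < -EPS:
        return "saddle"
    if det > EPS:
        if tr < -EPS:
            return "stable"
        return "unstable" if tr > EPS else "center"
    return "degenerate"


def simulate(game, p, q, steps=6000, dt=0.01):
    """Forward-Euler integration of the replication dynamics."""
    for _ in range(steps):
        dp, dq = velocity(game, p, q)
        p, q = p + dt * dp, q + dt * dq
    return p, q


if __name__ == "__main__":
    for name, game in (("cyclic", CYCLIC_GAME), ("deterred", DETERRED_GAME)):
        print(name, [(pt, classify(game, *pt)) for pt in equilibria(game)])
    print(simulate(DETERRED_GAME, 0.5, 0.5))
```

In the first table no pure strategy pair is stable and the mixed point is a center; in the second, (protect, no attack) is the only stable point and a trajectory started at (0.5, 0.5) converges to it.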

Condition 1. ; the game system has four equilibrium points: , , , . By the four points of formulas (32) and (33), we get the expressions of Table 2, and discuss several cases by determinant and trace of the Jacobian matrix:
Case 1: when , , is a stable point, both and are saddle points, is an unstable point, and (no protect, no attack) is the stable strategy
Case 2: when , , is a stable point, both and are saddle points, is an unstable point, and (no protect, no attack) is the stable strategy
Case 3: when , , is a stable point, both and are saddle points, is an unstable point, at this time, and (protect, no attack) is the stable strategy
Case 4: when , , is a stable point, both and are saddle points, is an unstable point, (protect, attack) is the stable strategy, and privacy protect is the optimal selection of protector


Equilibrium Det Tr


Condition 2. When , there are four equilibrium points: , , , and ; there are eight cases as follows:
Case 1: , , , is a stable point, both and are saddle points, and is an unstable point
Case 2: , , , is a stable point, both and are saddle points, and is an unstable point
Case 3: , , , is a stable point, and ,, and are saddle points
Case 4: , , , is an unstable point, both and are saddle points, and is a stable point
Case 5: , , , , , and are saddle points, and is an unstable point
Case 6: , , , is a stable point, both and are saddle points, and is an unstable point
Case 7: , , , is a stable point, both and are saddle points, and is an unstable point
Case 8: , , , is a stable point, both and are saddle points, and is an unstable point

Condition 3. When , there are four equilibrium points; , , , , which can be divided into the following eight cases.
Case 1: , , , is a stable point, both and are saddle points, and is an unstable point
Case 2: , , , is a stable point, both and are saddle points, and is an unstable point
Case 3: , , , is a stable point, and , , and are saddle points
Case 4: , , , is a stable point, is a saddle point, and both and are unstable points
Case 5: , , , is a stable point, both and are saddle points, is an unstable point
Case 6: , , , is an unstable point, both and are saddle points, and is an unstable point
Case 7: , , , is a stable point, both and are saddle points, is an unstable point
Case 8: , , , is a stable point, both and are saddle points, and is an unstable point

Condition 4. When , there are five equilibrium points; , , , , .
Because the value of cannot be determined, we give several discussions of different values of and :
(1) ; there are four cases:
Case 1: , is a stable point, , , and are saddle points, and is an unstable point
Case 2: , is an unstable point, , , and are saddle points, and is a stable point
Case 3: , is an unstable point, both and are saddle points, is a stable point, and is a center point
Case 4: , is a stable point, both and are saddle points, is an unstable point, and is a center point
(2) ; there are four cases:
Case 1: