Research Article Efficient Defense Decision-Making Approach for Multistep Attacks Based on the Attack Graph and Game Theory Jing Liu, Yuchen Zhang ,HaoHu , Jinglei Tan , Qiang Leng, and Chaowen Chang Zhengzhou Information Science and Technology Institute, Zhengzhou 450001, China Correspondence should be addressed to Yuchen Zhang; 2744190810@qq.com Received 19 August 2019; Revised 27 April 2020; Accepted 7 July 2020; Published 11 August 2020 Academic Editor: Francesca Vipiana Copyright © 2020 Jing Liu et al. is is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. In the multistep attack scenario, each rational attack-defense player tries to maximize his payoff, but the uncertainty about his adversary prevents him from taking the favorable actions. How to select the best strategy from the candidate strategies to maximize the defense payoff becomes the core issue. For this purpose, the paper innovatively designs a game theory model from the point of network survivability in combination with the attribute attack graph. e attack graph is created based on the network connectivity and known vulnerabilities using the MulVAL toolkit, which gives the full view of all the known vulnerabilities and their interdependence. en, we use the attack graph to extract attack-defense actions, candidate attack-defense strategies, attack- defense payoffs, and network states, as well as other game modeling elements. Afterwards, the payoffs of attack-defense strategies are quantified by integrating attack-defense strength and network survivability. In addition, we input the above elements into the game model. rough repeated learning, deduction, and improvement, we can optimize the layout of defense strategies. Finally, the efficient strategy selection approach is designed on the tradeoff between defense cost and benefit. e simulation of attack- defense confrontation in small-scale LAN shows that the proposed approach is reliable and effective. 1.Introduction With the expansion of network scale as well as the increase of complexity and the continuous development of attack technology, it is impossible to absolutely prevent the net- work from being attacked. A large number of network key service nodes may meet the network attack, and the defender should provide enough network services to meet the normal operation of the network through conducting defense strategies. erefore, the strategy selecting both sides of attack-defense starts around the survivability of the network. For the defender, the survivability of the network is the key to analyze the security and effectiveness of the defense strategy. e purpose of the attack graph [1–5] is to analyze the attack-defense actions of the network through nodes and edges in the graph. Attribute attack graph regards the condition or attribute of the network as a node in the attack graph. When studying network security, it can accurately depict an event as a node in the network. Attribute attack graph has become the main method of mitigating network security in recent years [6–8]. In this paper, we propose a selection approach of optimal strategy for multistep attacks using the attack graph and game theory. In detail, the related attack-defense elements are extracted and taken into the game model for defense strategy deduction. We mainly focus on the continuous decision-making in the process of attack-defense dynamic confrontation. With invasion going, the attacker masters more defense information and can find a better attack path. Accordingly, the defender can also adjust the related defense strategy based on the attack path predictions. In contrast to other models, the proposed model guides the generation and optimization of the defense strategy during attack-defense adversary. e main contributions are as follows: (1) e attack-defense model for defense decision- making using the dynamic game theory is con- structed. In the multistep attack scenario, attack- defense has the characteristics of collaborative Hindawi Mathematical Problems in Engineering Volume 2020, Article ID 9302619, 12 pages https://doi.org/10.1155/2020/9302619