In the field of information security, it is worth mentioning that a single security technology cannot resist myriad kinds of risks at all times. Therefore, how to create multi-technology security architecture has become a hot issue. In this paper we study the configuration of and interaction between firewall, IDS and vulnerability scan. It shows that different configuration parameters affect hackers' decision on intrusion. Then we get the complementary condition and conflicting condition of the three technologies by solving the mixed strategy Nash equilibrium, thus guiding the configuration strategy for the firm. In particular, although the vulnerability scan does not prevent the invasion for information security system, based on the interaction analysis of technology combinations, it can also bring positive effects in certain condition if information security system configures the vulnerability scan.

• 出版日期2015
• 单位南京工业大学; 东南大学