Abstract: To help network administrators to pre-identify potential vulnerabilities and security threats,an active response strategy selecting method based on attack graph was presented.In this method,the network attack graph model forecast aggressive behavior,and analysed attack path with quantitative metrics.The method used the observations during the attack process to match attack graph and updates the belief state.Finally,the partial observable Markov game(POMG) algorithm was used to choose optimal active response strategy.Experimental results show that the active response strategy selection method based on attack graph can improve the accuracy and effectiveness of the response.