Virtualization plays an important role in the enterprise development. Through this technology, users can access computing power and storage resource flexibly without the limitation of hardware framework and geography. However, it also raises the complexity of information security in the virtualization environment. As a service provider, we serve numerous legitimate users and strive against the variety of attackers with the diversity of attack tactics simultaneously. Therefore, how to maximize the survivability of network system under malicious attack becomes an extremely notable subject. Since most attackers only have “incomplete information” of the targeted system in the real world and only have a little knowledge about defense mechanisms, the defender can distract attackers and waste their budget by deception techniques and dynamic topology reconfiguration. Moreover, the defender should decrease the compromised probability of core nodes and maintain the specific Quality of Service level at the same time. In this thesis, we model the attack-defense scenario as a mathematical programming problem that describes attackers’ success probability and propose a solution approach which combines the mathematical programming and simulation. Based on the concept of relaxation and Monte Carlo simulation, the scale of solvable problem is extended. In the process of simulation, we can gradually improve the quality of solution and conclude the most appropriate revised direction via the information gathered from each evaluation. Finally, the experiment result comprising the defense resource allocation and corresponding defense strategies for the defender to minimize the compromised probability of network system.