The interactions between attackers and network administrator are modeled as a non-zero-sum dynamic game with incomplete information. Strategies taken by offenders and defenders are dynamic game processes which are mutually dependable and constantly repeated. This paper uses game theory to analyze the model and process of offense and defense counterwork, and suggests that information security problems can be studied from game theory's point of view.