Abstract
Honeypots play a crucial role in implementing various cyber deception techniques as they possess the capability to divert attackers away from valuable assets. Careful strategic placement of honeypots in networks should consider not only network aspects but also attackers’ preferences. The allocation of honeypots in tactical networks under network mobility is of great interest. To achieve this objective, we present a game-theoretic approach that generates optimal honeypot allocation strategies within an attack/defense scenario. Our proposed approach takes into consideration the changes in network connectivity. In particular, we introduce a two-player dynamic game model that explicitly incorporates the future state evolution resulting from changes in network connectivity. The defender’s objective is twofold: to maximize the likelihood of the attacker hitting a honeypot and to minimize the cost associated with deception and reconfiguration due to changes in network topology. We present an iterative algorithm to find Nash equilibrium strategies and analyze the scalability of the algorithm. Finally, we validate our approach and present numerical results based on simulations, demonstrating that our game model successfully enhances network security. Additionally, we have proposed additional enhancements to improve the scalability of the proposed approach.
Distribution Statement A: Approved for public release. Distribution is unlimited. Research was sponsored by the DEVCOM Army Research Laboratory and was accomplished under Cooperative Agreement Numbers W911NF-23-2-0012 and W911NF-13-2-0045 (ARL Cyber Security CRA). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Non-leaf nodes can be predecessor of at least one node.
References
Mandiant Intelligence Center. Apt1: Exposing one of China’s cyber espionage units. Mandian.com (2013)
Abuzainab, N., Saad, W.: Dynamic connectivity game for adversarial internet of battlefield things systems. IEEE Internet Things J. 5(1), 378–390 (2017)
Burbank, J.L., Chimento, P.F., Haberman, B.K., Kasch, W.T.: Key challenges of military tactical networking and the elusive promise of manet technology. IEEE Commun. Mag. 44(11), 39–45 (2006)
Jammal, M., Singh, T., Shami, A., Asal, R., Li, Y.: Software defined networking: state of the art and research challenges. Comput. Netw. 72, 74–98 (2014)
National Science Foundation. Advances in computer mobility, connectivity and networks. https://new.nsf.gov/news/advances-computer-mobility-connectivity-networks. Accessed Jan 2023
Wang, C., Zhuo, L.: Cyber deception: overview and the road ahead. IEEE Secur. Priv. 16(2), 80–85 (2018)
Mokube, I., Adams, M.: Honeypots: concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference, pp. 321–326 (2007)
Littman, M.L.: Markov games as a framework for multi-agent reinforcement learning. In: Machine Learning Proceedings 1994, pp. 157–163. Elsevier (1994)
Lallie, H.S., Debattista, K., Bal, J.: A review of attack graph and attack tree visual syntax in cyber security. Comput. Sci. Rev. 35, 100219 (2020)
Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 336–345 (2006)
Schlenker, A., Thakoor, O., Xu, H., Fang, F., Tambe, M., Vayanos, P.: Game theoretic cyber deception to foil adversarial network reconnaissance. In: Jajodia, S., Cybenko, G., Subrahmanian, V.S., Swarup, V., Wang, C., Wellman, M. (eds.) Adaptive Autonomous Secure Cyber Systems, pp. 183–204. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-33432-1_9
Fraser, N.M., Hipel, K.W.: Conflict Analysis: Models and Resolutions. North-Holland (1984)
Wan, Z., Cho, J.-H., Zhu, M., Anwar, A.H., Kamhoua, C., Singh, M.P.: Foureye: defensive deception against advanced persistent threats via hypergame theory. IEEE Trans. Netw. Serv. Manag. 19(1), 112–129 (2021)
Sayed, M.A., Anwar, A.H., Kiekintveld, C., Bosansky, B., Kamhoua, C.: Cyber deception against zero-day attacks: a game theoretic approach. In: Fang, F., Xu, H., Hayel, Y. (eds.) GameSec 2022. LNCS, vol. 13727, pp. 44–63. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-26369-9_3
Zhu, M., Anwar, A.H., Wan, Z., Cho, J.-H., Kamhoua, C.A., Singh, M.P.: A survey of defensive deception: approaches using game theory and machine learning. IEEE Commun. Surv. Tutor. 23(4), 2460–2493 (2021)
Mahmud, S., et al.: Machine learning approaches for predicting suicidal behaviors among university students in Bangladesh during the COVID-19 pandemic: a cross-sectional study. Medicine 102(28), e34285 (2023)
Raju, M.A., Mia, M.S., Sayed, M.A., Uddin, M.R.: Predicting the outcome of English premier league matches using machine learning. In: 2020 2nd International Conference on Sustainable Technologies for Industry 4.0 (STI), pp. 1–6. IEEE (2020)
Lu, Z., Wang, C., Zhao, S.: Cyber deception for computer and network security: survey and challenges. ar**v preprint ar**v:2007.14497 (2020)
Chiang, C.-Y.J., et al.: On defensive cyber deception: a case study using SDN. In: MILCOM 2018–2018 IEEE Military Communications Conference (MILCOM), pp. 110–115. IEEE (2018)
Urias, V.E., Stout, W.M.S., Lin, H.W.: Gathering threat intelligence through computer network deception. In: 2016 IEEE Symposium on Technologies for Homeland Security (HST), pp. 1–6. IEEE (2016)
Sayed, M.A., Rahman, M.M., Zaber, M.I., Ali, A.A.: Understanding Dhaka city traffic intensity and traffic expansion using gravity model. In: 2017 20th International Conference of Computer and Information Technology (ICCIT), pp. 1–6. IEEE (2017)
Pirozmand, P., Guowei, W., Jedari, B., **a, F.: Human mobility in opportunistic networks: characteristics, models and prediction methods. J. Netw. Comput. Appl. 42, 45–58 (2014)
Abdulla, M., Simon, R.: Characteristics of common mobility models for opportunistic networks. In: Proceedings of the 2nd ACM Workshop on Performance Monitoring and Measurement of Heterogeneous Wireless and Wired Networks, pp. 105–109 (2007)
**uwen, F., Li, W., Yang, Y.: Exploring the impact of node mobility on cascading failures in spatial networks. Inf. Sci. 576, 140–156 (2021)
**a, Y., Yeo, C.K.: Mitigating the impact of node mobility using mobile backbone for heterogeneous MANETs. Comput. Commun. 35(10), 1217–1230 (2012)
Lin, Y., Wang, X., Zhang, L., Li, P., Zhang, D., Liu, S.: The impact of node velocity diversity on mobile opportunistic network performance. J. Netw. Comput. Appl. 55, 47–58 (2015)
Pala, Z., Bicakci, K., Turk, M.: Effects of node mobility on energy balancing in wireless networks. Comput. Electr. Eng. 41, 314–324 (2015)
Urias, V.E., Stout, W.M.S., Luc-Watson, J., Grim, C., Liebrock, L., Merza, M.: Technologies to enable cyber deception. In: 2017 International Carnahan Conference on Security Technology (ICCST), pp. 1–6. IEEE (2017)
Miehling, E., Rasouli, M., Teneketzis, D.: Optimal defense policies for partially observable spreading processes on Bayesian attack graphs. In: Proceedings of the Second ACM Workshop on Moving Target Defense, pp. 67–76 (2015)
Başar, T., Olsder, G.J.: Dynamic Noncooperative Game Theory. SIAM (1998)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sayed, M.A., Anwar, A.H., Kiekintveld, C., Kamhoua, C. (2023). Honeypot Allocation for Cyber Deception in Dynamic Tactical Networks: A Game Theoretic Approach. In: Fu, J., Kroupa, T., Hayel, Y. (eds) Decision and Game Theory for Security. GameSec 2023. Lecture Notes in Computer Science, vol 14167. Springer, Cham. https://doi.org/10.1007/978-3-031-50670-3_10
Download citation
DOI: https://doi.org/10.1007/978-3-031-50670-3_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-50669-7
Online ISBN: 978-3-031-50670-3
eBook Packages: Computer ScienceComputer Science (R0)