HoneyCar: A Framework to Configure Honeypot Vulnerabilities on the Internet of Vehicles

The Internet of Vehicles (IoV), whereby interconnected vehicles that communicate with each other and road infrastructure on a common network, has promising socio-economic benefits but also poses new cyber-physical threats. To protect these entities learn about adversaries, data attackers can be realistically gathered using decoy systems like honeypots. Admittedly, honeypots introduces trade-off between the level honeypot-attacker interactions incurred overheads costs for implementing monitoring systems. Deception through achieved by strategically configuring to represent components IoV engage collect cyber threat intelligence. Here, we present HoneyCar, novel decision support framework honeypot deception in IoV. HoneyCar from repository known vulnerabilities autonomous connected found Common Vulnerabilities Exposure (CVE) database compute optimal configuration strategies. adversarial interaction is modelled as repeated imperfect-information zero-sum game where network administrator chooses set offer strategic attacker vulnerability exploit under uncertainty. Our investigation examines two different versions game, without re-configuration cost, empower determine investment strategies given budget. We show feasibility this approach case study consists CVE extracted Vulnerability Scoring System (CVSS).