Game Theoretic Model of Strategic Honeypot Selection in Computer Networks
نویسندگان
چکیده
A honeypot is a decoy computer system used in network security to waste the time and resources of attackers and to analyze their behaviors. While there has been significant research on how to design honeypot systems, less is known about how to use honeypots strategically in network defense. Based on formal deception games, we develop two game-theoretic models that provide insight into how valuable should honeypots look like to maximize the probability that a rational attacker will attack a honeypot. The first model captures a static situation and the second allows attackers to imperfectly probe some of the systems on the network to determine which ones are likely to be real systems (and not honeypots) before launching an attack. We formally analyze the properties of the optimal strategies in the games and provide linear programs for their computation. Finally, we present the optimal solutions for a set of instances of the games and evaluate their quality in comparison to several baselines.
منابع مشابه
Game-Theoretic Foundations for the Strategic Use of Honeypots in Network Security
An important element in the mathematical and scientific foundations for security is modeling the strategic use of deception and information manipulation. We argue that game theory provides an important theoretical framework for reasoning about information manipulation in adversarial settings, including deception and randomization strategies. In addition, game theory has practical uses in determ...
متن کاملCombination of real options and game-theoretic approach in investment analysis
Investments in technology create a large amount of capital investments by major companies. Assessing such investment projects is identified as critical to the efficient assignment of resources. Viewing investment projects as real options, this paper expands a method for assessing technology investment decisions in the linkage existence of uncertainty and competition. It combines the game-theore...
متن کاملAn Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation
Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’...
متن کاملModeling Cooperation between Nodes in Wireless Networks by APD Game
Cooperation is the foundation of many protocols in wireless networks. Without cooperation, the performance of a network significantly decreases. Hence, all nodes in traditional networks are required to cooperate with each other. In this paper, instead of traditional networks, a network of rational and autonomous nodes is considered, which means that each node itself can decide whe...
متن کاملModeling Cooperation between Nodes in Wireless Networks by APD Game
Cooperation is the foundation of many protocols in wireless networks. Without cooperation, the performance of a network significantly decreases. Hence, all nodes in traditional networks are required to cooperate with each other. In this paper, instead of traditional networks, a network of rational and autonomous nodes is considered, which means that each node itself can decide whe...
متن کامل