Abstract
High-interaction honeypots are relevant because they provide rich and useful information obtained from attackers. Honeypots come in different flavors with respect to their interaction potential. A very restrictive honeypot allows only a few interactions to be observed. A very tolerant honeypot, however, lets attackers quickly achieve their goal. Finding the best trade-off between attacker freedom and honeypot restrictions is challenging. In this paper, we address the issue of self-adaptive honeypots that can change their behavior and lure attackers into revealing as much information as possible about themselves. The key idea is to leverage game-theoretic concepts for the configuration and reciprocal actions of high-interaction honeypots.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wagener, G., State, R., Dulaunoy, A., Engel, T. (2009). Self Adaptive High Interaction Honeypots Driven by Game Theory. In: Guerraoui, R., Petit, F. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2009. Lecture Notes in Computer Science, vol 5873. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05118-0_51
DOI: https://doi.org/10.1007/978-3-642-05118-0_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05117-3
Online ISBN: 978-3-642-05118-0
eBook Packages: Computer Science, Computer Science (R0)