[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

Game Theoretic Model of Strategic Honeypot Selection in Computer Networks

  • Conference paper
Decision and Game Theory for Security (GameSec 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7638))

Included in the following conference series:

Abstract

A honeypot is a decoy computer system used in network security to waste the time and resources of attackers and to analyze their behaviors. While there has been significant research on how to design honeypot systems, less is known about how to use honeypots strategically in network defense. Based on formal deception games, we develop two game-theoretic models that provide insight into how valuable should honeypots look like to maximize the probability that a rational attacker will attack a honeypot. The first model captures a static situation and the second allows attackers to imperfectly probe some of the systems on the network to determine which ones are likely to be real systems (and not honeypots) before launching an attack. We formally analyze the properties of the optimal strategies in the games and provide linear programs for their computation. Finally, we present the optimal solutions for a set of instances of the games and evaluate their quality in comparison to several baselines.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Spitzner, L.: Honeypots: Tracking Hackers. Addison-Wesley Longman Publishing Co., Inc., Boston (2002)

    Google Scholar 

  2. Dornseif, M., Holz, T., Klein, C.N.: NoSEBrEaK - attacking honeynets. In: Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, pp. 123–129 (June 2004)

    Google Scholar 

  3. Garg, N., Grosu, D.: Deception in Honeynets: A Game-Theoretic Analysis. In: IEEE Information Assurance Workshop, pp. 107–113 (2007)

    Google Scholar 

  4. McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: Software Tools for Game Theory. Technical report, Version 0.2010.09.01 (2010)

    Google Scholar 

  5. Wagener, G., State, R., Dulaunoy, A., Engel, T.: Self Adaptive High Interaction Honeypots Driven by Game Theory. In: Guerraoui, R., Petit, F. (eds.) SSS 2009. LNCS, vol. 5873, pp. 741–755. Springer, Heidelberg (2009), http://dx.doi.org/10.1007/978-3-642-05118-0_51

    Chapter  Google Scholar 

  6. Williamson, S.A., Varakantham, P., Hui, O.C., Gao, D.: Active Malware Analysis Using Stochastic Games. In: Proceedings of AAMAS, pp. 29–36 (2012)

    Google Scholar 

  7. Carroll, T.E., Grosu, D.: A game theoretic investigation of deception in network security. Security and Communication Networks 4(10), 1162–1172 (2011)

    Article  Google Scholar 

  8. Hausken, K., Levitin, G.: Protection vs. false targets in series systems. Reliability Engineering & System Safety 94(5), 973–981 (2009)

    Article  Google Scholar 

  9. Shoham, Y., Leyton-Brown, K.: Multiagent Systems: Algorithmic, Game-Theoretic, and Logical Foundations, pp. 130–144. Cambridge University Press (2009)

    Google Scholar 

  10. Paruchuri, P., Pearce, J., Marecki, J., Tambe, M., Ordonez, F., Kraus, S.: Playing games for security: an efficient exact algorithm for solving Bayesian Stackelberg games. In: Proceedings of AAMAS, pp. 895–902 (2008)

    Google Scholar 

  11. Spencer, J.: A deception game. American Mathematical Monthly, 416–417 (1973)

    Google Scholar 

  12. Lee, K.: On a deception game with three boxes. Int. Jour. of Game Theory 22(2), 89–95 (1993)

    Article  MATH  Google Scholar 

  13. Cohen, F.: A Mathematical Structure of Simple Defensive Network Deception. Computers & Security 19(6), 520–528 (2000)

    Article  Google Scholar 

  14. von Stengel, B.: Efficient Computation of Behavior Strategies. Games and Economic Behavior 14(2), 220–246 (1996)

    Article  MathSciNet  MATH  Google Scholar 

  15. Koller, D., Megiddo, N., von Stengel, B.: Efficient Computation of Equilibria for Extensive Two-Person Games. Games and Economic Behavior 14(2), 247–259 (1996)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Píbil, R., Lisý, V., Kiekintveld, C., Bošanský, B., Pěchouček, M. (2012). Game Theoretic Model of Strategic Honeypot Selection in Computer Networks. In: Grossklags, J., Walrand, J. (eds) Decision and Game Theory for Security. GameSec 2012. Lecture Notes in Computer Science, vol 7638. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34266-0_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-34266-0_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34265-3

  • Online ISBN: 978-3-642-34266-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics