Proceedings of the
The Nineteenth International Conference on Computational Intelligence and Security (CIS 2023)
December 1 – 4, 2023, Haikou, China
A Honeypot Deception Game Based on Vulnerability Signal Release
1Guangzhou Institue of Technology, Xidian University, China.
2National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China.
ABSTRACT
In a system environment with asymmetric attack and defense, honeypot deception techniques provide effective solutions for network administrators. In this paper, we propose a network deception scheme that combines honeypot and vulnerability signal release with the aim of misleading attackers to manipulate them to change their initial decision scheme. We construct a network attack and defense scenario based on the signaling game, where the defender decides whether to release the vulnerability signal based on the initial state of the node, and the attacker decides whether to attack based on the detected vulnerability information, and we analyze the PBNE of the model under different parameter conditions. In addition, we propose a method to measure the reward, loss and cost parameters in a quantitative way, which contains several core metrics that can provide guidance for the utility representation of the game parties. We simulate this game process in an experimental platform under a real scenario and provide network administrators with optimal defense strategies from an equilibrium point of view under different θ a priori conditions.
Keywords: Network deception, Honeypot, Vulnerability signal, Gaming, Modeling, Equilibrium.
Download PDF
1Guangzhou Institue of Technology, Xidian University, China.
2National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, China.
ABSTRACT
In a system environment with asymmetric attack and defense, honeypot deception techniques provide effective solutions for network administrators. In this paper, we propose a network deception scheme that combines honeypot and vulnerability signal release with the aim of misleading attackers to manipulate them to change their initial decision scheme. We construct a network attack and defense scenario based on the signaling game, where the defender decides whether to release the vulnerability signal based on the initial state of the node, and the attacker decides whether to attack based on the detected vulnerability information, and we analyze the PBNE of the model under different parameter conditions. In addition, we propose a method to measure the reward, loss and cost parameters in a quantitative way, which contains several core metrics that can provide guidance for the utility representation of the game parties. We simulate this game process in an experimental platform under a real scenario and provide network administrators with optimal defense strategies from an equilibrium point of view under different θ a priori conditions.
Keywords: Network deception, Honeypot, Vulnerability signal, Gaming, Modeling, Equilibrium.
Download PDF