Honeypot Allocation for Cyber Deception in Dynamic Tactical Networks: A Game Theoretic Approach

TL;DR

This paper introduces a game-theoretic model for optimal honeypot placement in dynamic tactical networks, considering network mobility and attacker preferences to improve cybersecurity deception strategies.

Contribution

It presents a novel two-player dynamic game model that accounts for network changes and proposes an iterative algorithm to find Nash equilibria for honeypot allocation.

Findings

The model effectively increases attacker hit rates on honeypots.

The approach adapts to network topology changes.

Numerical simulations validate improved security performance.

Abstract

Honeypots play a crucial role in implementing various cyber deception techniques as they possess the capability to divert attackers away from valuable assets. Careful strategic placement of honeypots in networks should consider not only network aspects but also attackers' preferences. The allocation of honeypots in tactical networks under network mobility is of great interest. To achieve this objective, we present a game-theoretic approach that generates optimal honeypot allocation strategies within an attack/defense scenario. Our proposed approach takes into consideration the changes in network connectivity. In particular, we introduce a two-player dynamic game model that explicitly incorporates the future state evolution resulting from changes in network connectivity. The defender's objective is twofold: to maximize the likelihood of the attacker hitting a honeypot and to minimize the cost associated with deception and reconfiguration due to changes in network topology. We present an iterative algorithm to find Nash equilibrium strategies and analyze the scalability of the algorithm. Finally, we validate our approach and present numerical results based on simulations, demonstrating that our game model successfully enhances network security. Additionally, we have proposed additional enhancements to improve the scalability of the proposed approach.