Strategic Cyber Camouflage

Kiekintveld, Christopher; Lászka, Áron; Miah, Mohammad Sujan; Roy, Shanto; Sharmin, Nazia

doi:10.1007/978-3-031-29269-9_9

Cited by 2 publications

(1 citation statement)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In many ways, cyber deception shares similarities with non-cyber deception, encompassing comparable philosophical and psychological characteristics. Proactive measures can be employed to capture the attackers and closely monitor their actions (Kiekintveld et al 2023). Honeypots play a vital role in this process, acting as simulated entities within the system or network to deceive the attacker.…”

Section: Introductionmentioning

confidence: 99%

Strategic Honeypot Allocation in Dynamic Networks: A Game-Theoretic Approach for Enhanced Cybersecurity

Sayed,

Hemida,

Kiekintveld

et al. 2024

Preprint

Self Cite

View full text Add to dashboard Cite

Honeypots play a crucial role in implementing various cyber deception techniques as they can mislead attackers and divert them away from valuable assets. The topology of tactical networks changes over time due to the topographical environment and node mobility. An impactful strategic placement of honeypots in tactical networks should essentially consider not only network aspects but also attackers' preferences. To this end, we propose a game-theoretic approach that models an attack-defense scenario and develops an optimal honeypot allocation strategy for the defender. Our approach takes into consideration the changes in network connectivity and the specific features and criticality of different nodes. In particular, we introduce a two-player dynamic game model that explicitly incorporates the future state evolution resulting from changes in connectivity. The defender's objective is twofold: to maximize the likelihood of the attacker hitting a honeypot and to minimize the cost associated with deception in terms of the reconfiguration cost of honeypot re-allocation due to mobility. We present an iterative algorithm to find Nash equilibrium strategies. Unfortunately, this class of games suffers from the curse of dimensionality due to the size of the large state space. Therefore, we evaluate the scalability of our algorithm and provide a compact state space that shows a significant reduction in terms of runtime. Finally, we relax the assumption that the defender has full up-to-date knowledge of the network topology. We present a sensitivity-analysis-based approach to quantify the impact of imperfect information in terms of the defender reward. We validate our approach numerically via extensive simulations, demonstrating that our game model successfully enhances network security and is more scalable.

show abstract

Section: Introductionmentioning

confidence: 99%