1. Honeypot Detection Strategy Against Advanced Persistent Threats in Industrial Internet of Things: A Prospect Theoretic Game
- Author
Zhu Han, Guangjie Liu, Xiaopeng Ji, Yuewei Dai, Miao Du, and Wen Tian
- Subjects
Honeypot, Computer Networks and Communications, Computer science, Process (engineering), Computer security, Bounded rationality, Computer Science Applications, Core (game theory), Hardware and Architecture, Prospect theory, Bellman equation, Bounded function, Signal Processing, Function (engineering), Information Systems
- Abstract
Software-defined networking (SDN) has become a promising trend for managing the industrial Internet of Things (IIoT) devices. As the core of sensitive data storage and business interaction, the SDN is vulnerable to advanced persistent threats (APT) attacks, while honeypots have shown great promise against APT attacks. In this paper, we propose a new SDN-based dynamic bounded rational honeypot-APT game model in IIoT. Specifically, the defender maximizes the utility by choosing the period strategy of honeypot collecting and analyzing the data, while the attacker maximizes utility by choosing the period strategy of its latency and attack. To describe the bounded rationality, we model the simultaneous dynamic attack and defense process through the prospect theory, in which the Prelec function and the value function are both introduced. Experiment results show that bounded rationality affects strategy selection and reduces defender and attacker’s utilities. Furthermore, our strategy outperforms the existing work in defensive performance.
- Published
2021