Skip to main content
SpringerLink
Log in

Honeypot Type Selection Games for Smart Grid Networks

  • Conference paper
  • First Online:
Decision and Game Theory for Security (GameSec 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11836))

Included in the following conference series:

Abstract

In this paper, we define a cyber deception game between the Advanced Metering Infrastructure (AMI) network administrator (henceforth, defender) and attacker. The defender decides to install between a low-interaction honeypot, high-interaction honeypot, and a real system with no honeypot. The attacker decides on whether or not to attack the system given her belief about the type of device she is facing. We model this interaction as a Bayesian game with complete but imperfect information. The choice of honeypot type is private information and characterizes the essence and objective of the defender i.e., the degree of deception and amount of threat intelligence. We study the players’ equilibrium strategies and provide numerical illustrations. The work presented in this paper has been motivated by the H2020 SPEAR project which investigates the implementation of honeypots in smart grid infrastructures to: (i) contribute towards creating attack data sets for training a SIEM (Security Information and Event Management) and (ii) to support post-incident forensics analysis by having recorded a collection of evidence regarding an attacker’s actions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Li, X., Liang, X., Lu, R., Shen, X., Lin, X., Zhu, H.: Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Commun. Mag. 50(8), 38–45 (2012)

    Article  Google Scholar 

  2. Petrovic, T., Echigo, K., Morikawa, H.: Detecting presence from a WiFi router’s electric power consumption by machine learning. IEEE Access 6, 9679–9689 (2018)

    Article  Google Scholar 

  3. Barnum, S.: Standardizing cyber threat intelligence information with the structured threat information expression (STIX). Mitre Corp. 11, 1–22 (2012)

    Google Scholar 

  4. Pawlick, J., Colbert, E., Zhu, Q.: A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy. arXiv preprint arXiv:1712.05441 (2017)

  5. Jicha, A., Patton, M., Chen, H.: SCADA honeypots: an in-depth analysis of Conpot. In: 2016 IEEE Conference on Intelligence and Security Informatics (ISI), pp. 196–198. IEEE (2016)

    Google Scholar 

  6. Mairh, A., Barik, D., Verma, K., Jena, D.: Honeypot in network security: a survey. In: Proceedings of the 2011 International Conference on Communication, Computing and Security, pp. 600–605. ACM (2011)

    Google Scholar 

  7. Nawrocki, M., Wählisch, M., Schmidt, T.C., Keil, C., Schönfelder, J.: A survey on honeypot software and data analysis. arXiv preprint arXiv:1608.06249 (2016)

  8. La, Q.D., Quek, T.Q., Lee, J., Jin, S., Zhu, H.: Deceptive attack and defense game in honeypot-enabled networks for the internet of things. IEEE Internet Things J. 3(6), 1025–1035 (2016)

    Article  Google Scholar 

  9. Williamson, S.A., Varakantham, P., Hui, O.C., Gao, D.: Active malware analysis using stochastic games. In: Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems, vol. 1, pp. 29–36. International Foundation for Autonomous Agents and Multiagent Systems (2012)

    Google Scholar 

  10. Wagener, G., State, R., Dulaunoy, A., Engel, T.: Self adaptive high interaction honeypots driven by game theory. In: Guerraoui, R., Petit, F. (eds.) SSS 2009. LNCS, vol. 5873, pp. 741–755. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05118-0_51

    Chapter  Google Scholar 

  11. Rowe, N.C., Custy, E.J., Duong, B.T.: Defending cyberspace with fake honeypots. JCP 2(2), 25–36 (2007)

    Google Scholar 

  12. Píbil, R., Lisý, V., Kiekintveld, C., Bošanský, B., Pěchouček, M.: Game theoretic model of strategic honeypot selection in computer networks. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 201–220. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34266-0_12

    Chapter  MATH  Google Scholar 

  13. Garg, N., Grosu, D.: Deception in honeynets: a game-theoretic analysis. In: 2007 IEEE SMC Information Assurance and Security Workshop, pp. 107–113. IEEE (2007)

    Google Scholar 

  14. Çeker, H., Zhuang, J., Upadhyaya, S., La, Q.D., Soong, B.-H.: Deception-based game theoretical approach to mitigate DoS attacks. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 18–38. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47413-7_2

    Chapter  MATH  Google Scholar 

  15. Wang, K., Du, M., Maharjan, S., Sun, Y.: Strategic honeypot game model for distributed denial of service attacks in the smart grid. IEEE Trans. Smart Grid 8(5), 2474–2482 (2017)

    Article  Google Scholar 

  16. Wagener, G., State, R., Engel, T., Dulaunoy, A.: Adaptive and self-configurable honeypots. In: 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops, pp. 345–352. IEEE (2011)

    Google Scholar 

  17. Hayatle, O., Otrok, H., Youssef, A.: A game theoretic investigation for high interaction honeypots. In: 2012 IEEE International Conference on Communications (ICC), pp. 6662–6667. IEEE (2012)

    Google Scholar 

  18. Carroll, T.E., Grosu, D.: A game theoretic investigation of deception in network security. Secur. Commun. Netw. 4(10), 1162–1172 (2011)

    Article  Google Scholar 

  19. Pawlick, J., Zhu, Q.: Deception by design: evidence-based signaling games for network defense. arXiv preprint arXiv:1503.05458 (2015)

  20. Li, H., Yang, X., Qu, L.: On the offense and defense game in the network honeypot. In: Lee, G. (ed.) Advances in Automation and Robotics, Vol. 2. LNEE, vol. 123, pp. 239–246. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25646-2_33

    Chapter  Google Scholar 

  21. Li, Y., Shi, L., Feng, H.: A game-theoretic analysis for distributed honeypots. Future Internet 11(3), 65 (2019)

    Article  Google Scholar 

  22. Mokube, I., Adams, M.: Honeypots: concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference, pp. 321–326. ACM (2007)

    Google Scholar 

  23. Jasek, R., Kolarik, M., Vymola, T.: APT detection system using honeypots. In: Proceedings of the 13th International Conference on Applied Informatics and Communications (AIC 2013), pp. 25–29. WSEAS Press (2013)

    Google Scholar 

  24. Weiler, N.: Honeypots for distributed denial-of-service attacks. In: Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 109–114. IEEE (2002)

    Google Scholar 

  25. Kelly, G., Gan, D.: Analysis of attacks using a honeypot. In: International Cybercrime, Security and Digital Forensics Conference (2011)

    Google Scholar 

  26. Fudenberg, D., Tirole, J.: Perfect Bayesian equilibrium and sequential equilibrium. J. Econ. Theory 53(2), 236–260 (1991)

    Article  MathSciNet  Google Scholar 

  27. Gibbons, R.: A Primer in Game Theory. Harvester Wheatsheaf, New York (1992)

    MATH  Google Scholar 

Download references

Acknowledgement

We thank the anonymous reviewers for their comments.

Nadia Boumkheld and Emmanouil Panaousis are supported by the H2020 SPEAR grant agreement, no 787011.

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Surrey, Guildford, UK

    Nadia Boumkheld, Sakshyam Panda & Emmanouil Panaousis

  2. Institute of Applied Informatics, Universität Klagenfurt, Klagenfurt, Austria

    Stefan Rass

Authors
  1. Nadia Boumkheld
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sakshyam Panda
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Rass
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Emmanouil Panaousis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Emmanouil Panaousis .

Editor information

Editors and Affiliations

  1. University of Melbourne, Melbourne, VIC, Australia

    Tansu Alpcan

  2. Washington University in St. Louis, St. Louis, MO, USA

    Yevgeniy Vorobeychik

  3. University of Maryland, College Park, College Park, MD, USA

    John S. Baras

  4. KTH Royal Institute of Technology, Stockholm, Sweden

    György Dán

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Boumkheld, N., Panda, S., Rass, S., Panaousis, E. (2019). Honeypot Type Selection Games for Smart Grid Networks. In: Alpcan, T., Vorobeychik, Y., Baras, J., Dán, G. (eds) Decision and Game Theory for Security. GameSec 2019. Lecture Notes in Computer Science(), vol 11836. Springer, Cham. https://doi.org/10.1007/978-3-030-32430-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-32430-8_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32429-2

  • Online ISBN: 978-3-030-32430-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation