Computer Science

Computer Science ›› 2021, Vol. 48 ›› Issue (10): 294-300.doi: 10.11896/jsjkx.210500071

• Information Security • Previous Articles     Next Articles

Multi-stage Game Based Dynamic Deployment Mechanism of Virtualized Honeypots

GAO Ya-zhuo, LIU Ya-qun, ZHANG Guo-min, XING Chang-you, WANG Xiu-lei   

  1. College of Command & Control Engineering,Army Engineering University of PLA,Nanjing 210007,China
  • Received:2021-05-12 Revised:2021-08-12 Online:2021-10-15 Published:2021-10-18
  • About author:GAO Ya-zhuo,born in 1998,master's degree.Her main research interests include cyberspace security,and so on.
    XING Chang-you,born in 1982,Ph.D,associate professor.His main research interests include software defined network,network measurement.
  • Supported by:
    Natural Science Foundation of China(61379149,61772271) and Natural Science Foundation of Jiangsu Province(SBK2020043435).

PDF (PC)

792

Abstract: As an important deception defense method,honeypot is of great significance to enhance the network active defense capability.However,most of the existing honeypots adopt the static deployment method,which is difficult to deal with the strategic attacks effectively.Therefore,by combining the complete information static game with Markov decision process,we propose a multi-stage stochastic game based dynamic deployment mechanism HoneyVDep.By taking the resource constrained maximum comprehensive gain of the defensive side as the goal,HoneyVDep establishes a multi-stage random game based honeypot deployment optimization model.Besides,we also implement a Q_Learning based solution algorithm,which can deal with the attacker's strategic detection attack behavior quickly.Finally,based on software defined network and virtualization containers,we implement an extensible prototype system.The experimental results show that HoneyVDep can effectively generate honeypot deployment strategy according to the characteristics of the attacker's attack behavior,improve the trapping rate of the attackers,and reduce the deployment cost.

Key words: Container, Deep reinforcement learning, Multi stage game, Software defined network, Virtual honeypot

CLC Number: 

  • TP393.00
[1]STOLL C.The cuckoo's egg:Tracking a spy through the maze of computer espionage [M].London:The Bodley Head Ltd,1989.
[2]SHI L,LI Y,MA M.Latest Research Progress of HonepotTechnolog[J].Journal of Electronics & Information Technology,2019,41(2):498-508.
[3]SPITZNER L.Honeypots:Tracking hackers [M].Addison-Wesley Reading,2003.
[4]KAMEL N E,EDDABBAH M,LMOUMEN Y,et al.A smart agent design for cyber security based on honeypot and machine learning[J].Security and Communication Networks,2020,9(8):1-9.
[5]WAGENER G,STATE R,DULAUNOY A,et al.Heliza:Tal-king dirty to the attackers[J].Journal in Computer Virology,2011,7:221-232.
[6]PAUNA A,IACOB A C,BICA I.Qrassh-a self-adaptive ssh honeypot driven by q-learning[C]//2018 International Conference on Communications (COMM).2018:441-446.
[7]HUANG L,ZHU Q.Adaptive Honeypot Engagement Through Reinforcement Learning of Semi-Markov Decision Processes[C]//Decision and Game Theory for Security(GameSec 2019).2019:196-216.
[8]BOUMKHELD N,PANDA S,RASS S,et al.Honeypot type selection games for smart grid networks[C]//Conference on Decision & Game Theory for Security.Vienna,Austria:Springer International Publishing,2019:85-96.
[9]SARR A B,ANWAR A H,KAMHOUA C,et al.Software diversity for cyber deception[C]//IEEE Global Communications Conference.2020:1-6.
[10]ATTIAH A,CHATTERJEE M,ZOU C C.A game theoretic approach to model cyber attack and defense strategies[C]//2018 IEEE International Conference on Communications (ICC).2018:1-7.
[11]ANWAR A H,KAMHOUA C A,LESLIE N.Honeypot allocation over attack graphs in cyber deception games[C]//ICNC,USA.IEEE,2020.
[12]FILAR J,VRIEZE K.Competitive markov decision processes[M].Competitive Markov Decision Processes,1996.
[13]ZHANG H,YANG J,ZHANG C.Defense decision-makingmethod based on incomplete information stochastic game and Q-learning[J].Journal on Cmmunications,2018,39(8):56-68.
[14]WATKINS C J C H,DAYAN P.Technical note:Q-learning[J].Machine Learning,1992,8(3/4):279-292.
[15]SOLTESZ S,PÖTZL H,FIUCZYNSKI M E,et al.Container-based operating system virtualization:A scalable,high-perfor-mance alternative to hypervisors[J].ACM SIGOPS Operating Systems Review,2007,41:275-287.
[16]MERKEL D.Docker:Lightweight linux containers for consis-tent development and deployment[J].Linux Journal,2014.https://dl.acm.org/doi/10.5555/2600239.2600241.
[17]NICK F,JENNIFER R,ELLEN Z.The road to SDN:An intel-lectual history of programmable networks [C]//ACM SIGCOMM Computer Communication Review.2014:87-98.
[18]ZHANG W,ZHANG B,ZHOU Y,et al.An iot honeynet based on multiport honeypots for capturing iot attacks[J].IEEE Internet of Things Journal,2020,7(5):3991-3999.
[19]WANG J,YANG H,FAN C.A SDN Dynamic Honeypot with Multi-phase Attack Response[J].Netinfo Security,2021,21(1):27-40.
[20]FAN W,DU Z,SMITH-CREASEY M,et al.Honeydoc:An efficient honeypot architecture enabling all-round design[J].IEEE Journal on Selected Areas in Communications,2019,37(3):683-697.
[21]XING J,YANG M,ZHOU H,et al.Hiding and trapping:A deceptive approach for defending against network reconnaissance with software-defined network[C]//2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC).London,United Kingdom:IEEE,2019:1-8.
[22]GUTIERREZ M,KIEKINTVELD C.Online learning methodsfor controlling dynamic cyber deception strategies [C]//Adaptive Autonomous Secure Cyber Systems.2020:231-251.
[1] LENG Dian-dian, DU Peng, CHEN Jian-ting, XIANG Yang. Automated Container Terminal Oriented Travel Time Estimation of AGV [J]. Computer Science, 2022, 49(9): 208-214.
[2] YU Bin, LI Xue-hua, PAN Chun-yu, LI Na. Edge-Cloud Collaborative Resource Allocation Algorithm Based on Deep Reinforcement Learning [J]. Computer Science, 2022, 49(7): 248-253.
[3] LI Meng-fei, MAO Ying-chi, TU Zi-jian, WANG Xuan, XU Shu-fang. Server-reliability Task Offloading Strategy Based on Deep Deterministic Policy Gradient [J]. Computer Science, 2022, 49(7): 271-279.
[4] XIE Wan-cheng, LI Bin, DAI Yue-yue. PPO Based Task Offloading Scheme in Aerial Reconfigurable Intelligent Surface-assisted Edge Computing [J]. Computer Science, 2022, 49(6): 3-11.
[5] HONG Zhi-li, LAI Jun, CAO Lei, CHEN Xi-liang, XU Zhi-xiong. Study on Intelligent Recommendation Method of Dueling Network Reinforcement Learning Based on Regret Exploration [J]. Computer Science, 2022, 49(6): 149-157.
[6] LI Peng, YI Xiu-wen, QI De-kang, DUAN Zhe-wen, LI Tian-rui. Heating Strategy Optimization Method Based on Deep Learning [J]. Computer Science, 2022, 49(4): 263-268.
[7] OUYANG Zhuo, ZHOU Si-yuan, LYU Yong, TAN Guo-ping, ZHANG Yue, XIANG Liang-liang. DRL-based Vehicle Control Strategy for Signal-free Intersections [J]. Computer Science, 2022, 49(3): 46-51.
[8] GENG Hai-jun, WANG Wei, YIN Xia. Single Node Failure Routing Protection Algorithm Based on Hybrid Software Defined Networks [J]. Computer Science, 2022, 49(2): 329-335.
[9] ZHANG Geng-qiang, XIE Jun, YANG Zhang-lin. Accelerating Forwarding Rules Issuance with Fast-Deployed-Segment-Routing(FDSR) in SD-MANET [J]. Computer Science, 2022, 49(2): 377-382.
[10] DAI Shan-shan, LIU Quan. Action Constrained Deep Reinforcement Learning Based Safe Automatic Driving Method [J]. Computer Science, 2021, 48(9): 235-243.
[11] CHENG Zhao-wei, SHEN Hang, WANG Yue, WANG Min, BAI Guang-wei. Deep Reinforcement Learning Based UAV Assisted SVC Video Multicast [J]. Computer Science, 2021, 48(9): 271-277.
[12] ZHOU Shi-cheng, LIU Jing-ju, ZHONG Xiao-feng, LU Can-ju. Intelligent Penetration Testing Path Discovery Based on Deep Reinforcement Learning [J]. Computer Science, 2021, 48(7): 40-46.
[13] LI Bei-bei, SONG Jia-rui, DU Qing-yun, HE Jun-jiang. DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things [J]. Computer Science, 2021, 48(7): 47-54.
[14] LIANG Jun-bin, ZHANG Hai-han, JIANG Chan, WANG Tian-shu. Research Progress of Task Offloading Based on Deep Reinforcement Learning in Mobile Edge Computing [J]. Computer Science, 2021, 48(7): 316-323.
[15] WANG Ying-kai, WANG Qing-shan. Reinforcement Learning Based Energy Allocation Strategy for Multi-access Wireless Communications with Energy Harvesting [J]. Computer Science, 2021, 48(7): 333-339.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.