Honeypots have been widely used in the security community to understand the cyber threat landscape, for example to study unauthorized penetration attempts targeting industrial cyber-physical systems (ICPS) and observing the behaviors in such activities. However, some better-resourced cyber attackers may attempt to identify honeypots and develop strategies to compromise them, aka anti-honeypot. In this paper, we present an anti-honeypot enabled optimal attack strategy for ICPS, by employing a novel game-theoretical approach. Specifically, the interactions between the attacker and ICPS defender are captured with a proposed hybrid signaling and repeated game, i.e., a non-cooperative two-player one-shot game with incomplete information. By taking into account both various possible defenses of an ICPS and diverse offensive acts of attackers, a Nash equilibrium is derived, which exhibits an optimal attack strategy for attackers with varying technical sophistication. Extensive simulation experiments on multiple test cases demonstrate that, the derived strategy offers the attackers an optimal tactic to compromise the target ICPS protected by honeypots, while having only incomplete knowledge of the defensive mechanisms.
CITATION STYLE
Li, B., Xiao, Y., Shi, Y., Kong, Q., Wu, Y., & Bao, H. (2020). Anti-Honeypot Enabled Optimal Attack Strategy for Industrial Cyber-Physical Systems. IEEE Open Journal of the Computer Society, 1, 250–261. https://doi.org/10.1109/OJCS.2020.3030825
Mendeley helps you to discover research relevant for your work.