IEEE Open Journal of the Computer Society (Jan 2020)

Anti-Honeypot Enabled Optimal Attack Strategy for Industrial Cyber-Physical Systems

  • Beibei Li,
  • Yue Xiao,
  • Yaxin Shi,
  • Qinglei Kong,
  • Yuhao Wu,
  • Haiyong Bao

DOI
https://doi.org/10.1109/OJCS.2020.3030825
Journal volume & issue
Vol. 1
pp. 250 – 261

Abstract

Read online

Honeypots have been widely used in the security community to understand the cyber threat landscape, for example to study unauthorized penetration attempts targeting industrial cyber-physical systems (ICPS) and observing the behaviors in such activities. However, some better-resourced cyber attackers may attempt to identify honeypots and develop strategies to compromise them, aka anti-honeypot. In this paper, we present an anti-honeypot enabled optimal attack strategy for ICPS, by employing a novel game-theoretical approach. Specifically, the interactions between the attacker and ICPS defender are captured with a proposed hybrid signaling and repeated game, i.e., a non-cooperative two-player one-shot game with incomplete information. By taking into account both various possible defenses of an ICPS and diverse offensive acts of attackers, a Nash equilibrium is derived, which exhibits an optimal attack strategy for attackers with varying technical sophistication. Extensive simulation experiments on multiple test cases demonstrate that, the derived strategy offers the attackers an optimal tactic to compromise the target ICPS protected by honeypots, while having only incomplete knowledge of the defensive mechanisms.

Keywords