Jisuanji kexue (Oct 2021)

Multi-stage Game Based Dynamic Deployment Mechanism of Virtualized Honeypots

  • GAO Ya-zhuo, LIU Ya-qun, ZHANG Guo-min, XING Chang-you, WANG Xiu-lei

DOI
https://doi.org/10.11896/jsjkx.210500071
Journal volume & issue
Vol. 48, no. 10
pp. 294 – 300

Abstract

Read online

As an important deception defense method,honeypot is of great significance to enhance the network active defense capability.However,most of the existing honeypots adopt the static deployment method,which is difficult to deal with the strategic attacks effectively.Therefore,by combining the complete information static game with Markov decision process,we propose a multi-stage stochastic game based dynamic deployment mechanism HoneyVDep.By taking the resource constrained maximum comprehensive gain of the defensive side as the goal,HoneyVDep establishes a multi-stage random game based honeypot deployment optimization model.Besides,we also implement a Q_Learning based solution algorithm,which can deal with the attacker's strategic detection attack behavior quickly.Finally,based on software defined network and virtualization containers,we implement an extensible prototype system.The experimental results show that HoneyVDep can effectively generate honeypot deployment strategy according to the characteristics of the attacker's attack behavior,improve the trapping rate of the attackers,and reduce the deployment cost.

Keywords