Deception in Honeynets: A Game-Theoretic Analysis

Abstract

Recently, honeynets became one of the main tools for understanding the characteristics of malicious attacks and the behavior of the attackers. However the attackers may identify the honeypots and avoid attacking them. Thus the honeynet administrators must be able to deceive the attackers and induce them to attack the honeypots. In this paper we propose a game theoretic framework for modeling deception in honeynets. The framework is based on extensive games of imperfect information. We study the equilibrium solutions of these games and show how they are used to determine the strategies of the attacker and the honeynet system.