Honeypot game-theoretical model for defending against APT attacks with limited resources in cyber-physical systems
Tian, Wen (School of Automation, Nanjing University of Science and Technology)
Ji, Xiao-Peng (School of Automation, Nanjing University of Science and Technology)
Liu, Weiwei (School of Automation, Nanjing University of Science and Technology)
Zhai, Jiangtao (School of Electrics and Information Engineering, Jiangsu University of Science and Technology)
Liu, Guangjie (School of Automation, Nanjing University of Science and Technology)
Dai, Yuewei (School of Electrics and Information Engineering, Jiangsu University of Science and Technology)
Huang, Shuhua (School of Automation, Nanjing University of Science and Technology)