HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles
Panda, Sakshyam, Rass, Stefan, Moschoyiannis, Sotiris, Liang, Kaitai, Loukas, George ORCID: https://orcid.org/0000-0003-3559-5182 and Panaousis, Emmanouil ORCID: https://orcid.org/0000-0001-7306-4062 (2022) HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles. IEEE Access, 10. pp. 104671-104685. ISSN 2169-3536 (Online) (doi:10.1109/ACCESS.2022.3210117)
Preview |
PDF (Publisher VoR)
37798_PANAOUSIS_HoneyCar_a_framework_to_configure_honeypot.pdf - Published Version Available under License Creative Commons Attribution. Download (1MB) | Preview |
Abstract
The Internet of Vehicles (IoV), whereby interconnected vehicles that communicate with each other and with road infrastructure on a common network, has promising socio-economic benefits but also poses new cyber-physical threats. To protect these entities and learn about adversaries, data on attackers can be realistically gathered using decoy systems like honeypots. Admittedly, honeypots introduces a trade-off between the level of honeypot-attacker interactions and incurred overheads and costs for implementing and monitoring these systems. Deception through honeypots can be achieved by strategically configuring the honeypots to represent components of the IoV to engage attackers and collect cyber threat intelligence. Here, we present HoneyCar, a novel decision support framework for honeypot deception in IoV. HoneyCar benefits from the repository of known vulnerabilities of the autonomous and connected vehicles found in the Common Vulnerabilities and Exposure (CVE) database to compute optimal honeypot configuration strategies. The adversarial interaction is modelled as a repeated imperfect-information zero-sum game where the IoV network administrator strategically chooses a set of vulnerabilities to offer in a honeypot and a strategic attacker chooses a vulnerability to exploit under uncertainty. Our investigation examines two different versions of the game, with and without the re-configuration cost, to empower the network administrator to determine optimal honeypot investment strategies given a budget. We show the feasibility of this approach in a case study that consists of the vulnerabilities in autonomous and connected vehicles gathered from the CVE database and data extracted from the Common Vulnerability Scoring System (CVSS).
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Honeypots; cyber deception; internet of vehicles; cybersecurity investment; game theory; optimisation; computer security; optimization; Internet of vehicles; investment; connected vehicles; privacy |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
Last Modified: | 09 Nov 2022 10:21 |
URI: | http://gala.gre.ac.uk/id/eprint/37798 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year