Skip navigation

HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles

HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles

Panda, Sakshyam, Rass, Stefan, Moschoyiannis, Sotiris, Liang, Kaitai, Loukas, George ORCID logoORCID: https://orcid.org/0000-0003-3559-5182 and Panaousis, Emmanouil ORCID logoORCID: https://orcid.org/0000-0001-7306-4062 (2022) HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles. IEEE Access, 10. pp. 104671-104685. ISSN 2169-3536 (Online) (doi:10.1109/ACCESS.2022.3210117)

[thumbnail of Publisher VoR]
Preview
PDF (Publisher VoR)
37798_PANAOUSIS_HoneyCar_a_framework_to_configure_honeypot.pdf - Published Version
Available under License Creative Commons Attribution.

Download (1MB) | Preview

Abstract

The Internet of Vehicles (IoV), whereby interconnected vehicles that communicate with each other and with road infrastructure on a common network, has promising socio-economic benefits but also poses new cyber-physical threats. To protect these entities and learn about adversaries, data on attackers can be realistically gathered using decoy systems like honeypots. Admittedly, honeypots introduces a trade-off between the level of honeypot-attacker interactions and incurred overheads and costs for implementing and monitoring these systems. Deception through honeypots can be achieved by strategically configuring the honeypots to represent components of the IoV to engage attackers and collect cyber threat intelligence. Here, we present HoneyCar, a novel decision support framework for honeypot deception in IoV. HoneyCar benefits from the repository of known vulnerabilities of the autonomous and connected vehicles found in the Common Vulnerabilities and Exposure (CVE) database to compute optimal honeypot configuration strategies. The adversarial interaction is modelled as a repeated imperfect-information zero-sum game where the IoV network administrator strategically chooses a set of vulnerabilities to offer in a honeypot and a strategic attacker chooses a vulnerability to exploit under uncertainty. Our investigation examines two different versions of the game, with and without the re-configuration cost, to empower the network administrator to determine optimal honeypot investment strategies given a budget. We show the feasibility of this approach in a case study that consists of the vulnerabilities in autonomous and connected vehicles gathered from the CVE database and data extracted from the Common Vulnerability Scoring System (CVSS).

Item Type: Article
Uncontrolled Keywords: Honeypots; cyber deception; internet of vehicles; cybersecurity investment; game theory; optimisation; computer security; optimization; Internet of vehicles; investment; connected vehicles; privacy
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 09 Nov 2022 10:21
URI: http://gala.gre.ac.uk/id/eprint/37798

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics