Panda, Sakshyam, Rass, Stefan, Moschoyiannis, Sotiris, Liang, Kaitai, Loukas, George ORCID: 0000-0003-3559-5182 and Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 (2022) HoneyCar: a framework to configure honeypot vulnerabilities on the internet of vehicles. IEEE Access, 10. pp. 104671-104685. ISSN 2169-3536 (Online) (doi:https://doi.org/10.1109/ACCESS.2022.3210117)

Preview

PDF (Publisher VoR) 37798_PANAOUSIS_HoneyCar_a_framework_to_configure_honeypot.pdf - Published Version Available under License Creative Commons Attribution. Download (1MB) | Preview

Abstract

The Internet of Vehicles (IoV), whereby interconnected vehicles that communicate with each other and with road infrastructure on a common network, has promising socio-economic benefits but also poses new cyber-physical threats. To protect these entities and learn about adversaries, data on attackers can be realistically gathered using decoy systems like honeypots. Admittedly, honeypots introduces a trade-off between the level of honeypot-attacker interactions and incurred overheads and costs for implementing and monitoring these systems. Deception through honeypots can be achieved by strategically configuring the honeypots to represent components of the IoV to engage attackers and collect cyber threat intelligence. Here, we present HoneyCar, a novel decision support framework for honeypot deception in IoV. HoneyCar benefits from the repository of known vulnerabilities of the autonomous and connected vehicles found in the Common Vulnerabilities and Exposure (CVE) database to compute optimal honeypot configuration strategies. The adversarial interaction is modelled as a repeated imperfect-information zero-sum game where the IoV network administrator strategically chooses a set of vulnerabilities to offer in a honeypot and a strategic attacker chooses a vulnerability to exploit under uncertainty. Our investigation examines two different versions of the game, with and without the re-configuration cost, to empower the network administrator to determine optimal honeypot investment strategies given a budget. We show the feasibility of this approach in a case study that consists of the vulnerabilities in autonomous and connected vehicles gathered from the CVE database and data extracted from the Common Vulnerability Scoring System (CVSS).

Item Type:	Article
Uncontrolled Keywords:	Honeypots; cyber deception; internet of vehicles; cybersecurity investment; game theory; optimisation; computer security; optimization; Internet of vehicles; investment; connected vehicles; privacy
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group:	Faculty of Engineering & Science Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified:	09 Nov 2022 10:21
URI:	http://gala.gre.ac.uk/id/eprint/37798

Actions (login required)

View Item

Downloads