Download This PaperTowards a Moving Target Defense Based on Stochastic Games and Honeypots
18 Pages Posted: 26 Apr 2025
Abstract
Honeypots, which serve as active defense mechanisms, have historically played pivotal roles in network attack and defense scenarios. However, with the advancement of honeypot recognition technologies, their effectiveness in real-world network defense has gradually diminished. In response, mobile target defense (MTD) has recently emerged as a promising active defense paradigm and a focal point of research. MTD leverages heterogeneous, redundant deployments of service resources and randomization techniques to disrupt attack methods. However, despite their advantages, MTD systems face challenges related to high resource consumption.To address these limitations, we propose a moving target defense based on stochastic games and honeypots (GH-MTD) framework. This framework consists of four key modules: traffic detection, gaming, MTD, and honeynet. By integrating honeynet probes with real services and employing attack behavior analysis alongside internet protocol (IP) address redirection techniques, the GH-MTD system achieves a defense response that is both cost efficient and highly effective.In our experiments, we evaluate the architecture's performance against various attack methods, including automated scripts, manual attacks, and assaults by high-level penetration testers. The results demonstrate that the GH-MTD architecture performs exceptionally well, particularly in mitigating and countering advanced, sophisticated attacks, thereby demonstrating its effectiveness in modern network defense strategies.
Keywords: Honeynet, Moving Target Defense, Stochastic Game, Cyber Security
Suggested Citation: Suggested Citation