Research on Optimization of Array Honeypot Defense Strategies Based on Evolutionary Game Theory

Abstract

Honeypot has been regarded as an active defense technology that can deceive attackers by simulating real systems. However, honeypot is actually a static network trap with fixed disposition, which is easily identified by anti-honeypot technology. Thus, honeypot is a “passive” active defense technology. Dynamic honeypot makes up for the shortcomings of honeypot, which dynamically adjusts defense strategies with the attack of hackers. Therefore, the confrontation between defenders and attackers is a strategic game. This paper focuses on the non-cooperative evolutionary game mechanism of bounded rationality, aiming to improve the security of the array honeypot system through the evolutionarily stable strategies derived from the evolutionary game model. First, we construct a three-party evolutionary game model of array honeypot, which is composed of defenders, attackers and legitimate users. Secondly, we formally describe the strategies and revenues of players in the game, and build the three-party game payoff matrices. Then the evolutionarily stable strategy is obtained by analyzing the Replicator Dynamics of various parties. In addition, we discuss the equilibrium condition to get the influence of the number of servers N on the stability of strategy evolution. MATLAB and Gambit simulation experiment results show that deduced evolutionarily stable strategies are valid in resisting attackers.