Honeypot Based Industrial Threat Detection Using Game Theory in Cyber-Physical System

Cyber threats are clearly understood across the security landscape using honeypot technologies across industrial cyber-physical systems (ICPS). Specifically, Distributed Denial of Service (DDoS) and Man in the Middle (MITM) attacks are the significant malicious threats in ICPS. This paper's anti-honeypot-enabled attack detection system for ICPS is developed using the Stakerlberg dynamic game (SDG) theory and Reinforcement learning (RL) models. The interactions between the ICPS defender and the attackers are captured through BSDG model. RL state and rewards functions exhibit various possible ICPS defenses and offensive attackers. It will capture the attack sequences in the ICPS and identify the attackers efficiently. The simulation and numerical evaluation of two malicious attacks DDoS and MITM, using the proposed strategy, is efficient in detecting malicious activities. This model obtained improved detection rate, time, and accuracy by comparing existing approaches.