# Game Theoretic Honeypot Deployment in Smart Grid

^{1}

^{2}

^{3}

^{*}

## Abstract

**:**

## 1. Introduction

#### 1.1. Related Works & Motivation

#### 1.2. Contribution

#### 1.3. Structure

## 2. System Model

## 3. One-Shot Game

#### 3.1. Game Formulation

- The set of players $\mathcal{S}$, which includes the attacker and the defender, i.e., $\mathcal{S}=\{A,D\}$
- The set of actions for each player, i.e, ${\mathcal{A}}_{D}=\{\theta \in [0,1],N\in [0,{N}_{\mathrm{max}}]\}$ for the defender and ${\mathcal{A}}_{A}=\varphi \in [0,{\varphi}_{\mathrm{m}}]$ for the attacker.
- The payoff functions for each player, i.e., ${U}_{\mathrm{A}}$ and ${U}_{\mathrm{D}}$.

#### 3.2. Solution of Game 1

**Definition**

**1.**

**Lemma**

**1.**

**Proof.**

**Theorem**

**1.**

**Proof.**

**Theorem**

**2.**

**Proof.**

#### 3.3. Strategy Selection When NE Does Not Exist

## 4. Repeated Game with Uncertainty about the Type of Attacker

#### 4.1. Game Formulation

- (i)
- The set of players $\mathcal{S}$ that includes the attacker and the defender, i.e., $\mathcal{S}=\{A,D\}$.
- (ii)
- The set of states of nature, denoted by $\mathsf{\Omega}$.
- (iii)
- The types of the attacker, i.e., the set $(a,b)$.
- (iv)
- The set of actions for each player, i.e, ${\mathcal{A}}_{D}=\{\theta ,N\}$ for the defender and $({\mathcal{A}}_{{A}_{a}},{\mathcal{A}}_{{A}_{a}})=({\varphi}_{a},{\varphi}_{b})$ for the attacker of type a and b, respectively.
- (v)
- The expected payoff functions for each player, i.e., $\mathbb{E}\left[{U}_{\mathrm{A}}\right]$ and $\mathbb{E}\left[{U}_{\mathrm{A}}\right]$.
- (vi)
- The belief $\mu $ about the type of the attacker.
- (vii)
- The history ${h}^{t}$ of the game at the t-th round.

#### 4.2. Solution of Game 2 Given Updated Beliefs

**Lemma**

**2.**

**Proof.**

**Theorem**

**3.**

**Proof.**

**Theorem**

**4.**

**Proof.**

#### 4.3. Update of Belief

## 5. Simulation Results & Discussion

#### 5.1. One-Shot Game

#### 5.2. Max-Min Solution in the One-Shot Game

#### 5.3. Repeated Game

## 6. Conclusions

## Author Contributions

## Funding

## Conflicts of Interest

## References

- Cisco Annual Internet Report (2018–2023). White Paper. Available online: https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html (accessed on 13 June 2020).
- Littlefield, M. Putting Industrial Cyber Security at the Top of the CEO Agenda; LNS Research Library: Cambridge, MA, USA, 2017. [Google Scholar]
- Global Risks 2018: Insight Report; World Economic Forum: Geneva, Switzerland, 2018. Available online: http://www3.weforum.org/docs/WEF_GRR18_Report.pdf (accessed on 13 June 2020).
- The SPEAR Project. Available online: https://www.spear2020.eu/ (accessed on 13 June 2020).
- Spitzner, L. The Honeynet Project: Trapping the hackers. IEEE Secur. Priv.
**2003**, 1, 15–23. [Google Scholar] [CrossRef][Green Version] - Spitzner, L. The Value of Honeypots, Part One: Definitions and Values of Honeypots. Available online: http://www.symantec.com/connect/articles/value-honeypots-part-one-definitions-and-values-honeypots (accessed on 13 June 2020).
- Scott, C.; Carbone, R. Designing and Implementing a Honeypot for a SCADA Network; SANS Institute Reading Room: Singapore, 2014; p. 39. [Google Scholar]
- Wei, L.; Sarwat, A.I.; Saad, W.; Biswas, S. Stochastic Games for Power Grid Protection Against Coordinated Cyber-Physical Attacks. IEEE Trans. Smart Grid
**2018**, 9, 684–694. [Google Scholar] [CrossRef] - Pawlick, J.; Colbert, E.; Zhu, Q. A Game-theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy. ACM Comput. Surv.
**2019**, 52, 1–28. [Google Scholar] [CrossRef][Green Version] - Tian, W.; Ji, X.; Liu, W.; Liu, G.; Zhai, J.; Dai, Y.; Huang, S. Prospect Theoretic Study of Honeypot Defense Against Advanced Persistent Threats in Power Grid. IEEE Access
**2020**, 8, 64075–64085. [Google Scholar] [CrossRef] - Kumar, B.; Bhuyan, B. Using game theory to model DoS attack and defence. Sādhanā
**2019**, 44, 245. [Google Scholar] [CrossRef][Green Version] - Çeker, H.; Zhuang, J.; Upadhyaya, S.; La, Q.D.; Soong, B.H. Deception-Based Game Theoretical Approach to Mitigate DoS Attacks. In Lecture Notes in Computer Science; Springer International Publishing: Berlin/Heidelberg, Germany, 2016; pp. 18–38. [Google Scholar]
- Wang, K.; Du, M.; Maharjan, S.; Sun, Y. Strategic Honeypot Game Model for Distributed Denial of Service Attacks in the Smart Grid. IEEE Trans. Smart Grid
**2017**, 8, 2474–2482. [Google Scholar] [CrossRef] - Du, M.; Wang, K. An SDN-Enabled Pseudo-Honeypot Strategy for Distributed Denial of Service Attacks in Industrial Internet of Things. IEEE Trans. Ind. Inform.
**2020**, 16, 648–657. [Google Scholar] [CrossRef] - Cho, J.H.; Zhu, M.; Singh, M. Modeling and Analysis of Deception Games Based on Hypergame Theory. In Auton. Cyber Decept.; Springer International Publishing: Berlin/Heidelberg, Germany, 2019; pp. 49–74. [Google Scholar]
- Horák, K.; Bošanský, B.; Tomášek, P.; Kiekintveld, C.; Kamhoua, C. Optimizing honeypot strategies against dynamic lateral movement using partially observable stochastic games. Comput. Secur.
**2019**, 87, 101579. [Google Scholar] [CrossRef] - Tian, W.; Ji, X.; Liu, W.; Liu, G.; Lin, R.; Zhai, J.; Dai, Y. Defense Strategies Against Network Attacks in Cyber-Physical Systems with Analysis Cost Constraint Based on Honeypot Game Model. Comput. Mater. Contin.
**2019**, 60, 193–211. [Google Scholar] [CrossRef] - Tian, W.; Ji, X.P.; Liu, W.; Zhai, J.; Liu, G.; Dai, Y.; Huang, S. Honeypot game-theoretical model for defending against APT attacks with limited resources in cyber-physical systems. ETRI J.
**2019**, 41, 585–598. [Google Scholar] [CrossRef] - La, Q.D.; Quek, T.Q.S.; Lee, J.; Jin, S.; Zhu, H. Deceptive Attack and Defense Game in Honeypot-Enabled Networks for the Internet of Things. IEEE Int. Things J.
**2016**, 3, 1025–1035. [Google Scholar] [CrossRef] - La, Q.D.; Quek, T.Q.S.; Lee, J. A game theoretic model for enabling honeypots in IoT networks. In Proceedings of the 2016 IEEE International Conference on Communications (ICC), Kuala Lumpur, Malaysia, 22–27 May 2016; pp. 1–6. [Google Scholar]
- Bilinski, M.; Gabrys, R.; Mauger, J. Optimal Placement of Honeypots for Network Defense. In Lecture Notes in Computer Science; Springer International Publishing: Berlin/Heidelberg, Germany, 2018; pp. 115–126. [Google Scholar]
- Fraunholz, D.; Schotten, H.D. Strategic defense and attack in deception based network security. In Proceedings of the 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand, 10–12 January 2018; pp. 156–161. [Google Scholar]
- Jicha, A.; Patton, M.; Chen, H. SCADA honeypots: An in-depth analysis of Conpot. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics (ISI), Tucson, AZ, USA, 28–30 September 2016. [Google Scholar]
- Dalamagkas, C.; Sarigiannidis, P.; Ioannidis, D.; Iturbe, E.; Nikolis, O.; Ramos, F.; Rios, E.; Sarigiannidis, A.; Tzovaras, D. A Survey On Honeypots, Honeynets and Their Applications On Smart Grid. In Proceedings of the 2019 IEEE Conference on Network Softwarization (NetSoft), Paris, France, 24–28 June 2019. [Google Scholar]
- Islam, S.N.; Mahmud, M.; Oo, A. Impact of optimal false data injection attacks on local energy trading in a residential microgrid. ICT Express
**2018**, 4, 30–34. [Google Scholar] [CrossRef] - Diamantoulakis, P.D.; Kapinas, V.M.; Karagiannidis, G.K. Big data analytics for dynamic energy management in smart grids. Big Data Res.
**2015**, 2, 94–101. [Google Scholar] [CrossRef][Green Version] - Shafie, A.E.; Chihaoui, H.; Hamila, R.; Al-Dhahir, N.; Gastli, A.; Ben-Brahim, L. Impact of Passive and Active Security Attacks on MIMO Smart Grid Communications. IEEE Syst. J.
**2019**, 13, 2873–2876. [Google Scholar] [CrossRef] - El Shafie, A.; Niyato, D.; Hamila, R.; Al-Dhahir, N. Impact of the Wireless Network’s PHY Security and Reliability on Demand-Side Management Cost in the Smart Grid. IEEE Access
**2017**, 5, 5678–5689. [Google Scholar] [CrossRef] - Niyato, D.; Wang, P.; Hossain, E. Reliability analysis and redundancy design of smart grid wireless communications system for demand side management. IEEE Wirel. Commun.
**2012**, 19, 38–46. [Google Scholar] [CrossRef] - Mohsenian-Rad, A.; Wong, V.W.S.; Jatskevich, J.; Schober, R.; Leon-Garcia, A. Autonomous Demand-Side Management Based on Game-Theoretic Energy Consumption Scheduling for the Future Smart Grid. IEEE Trans. Smart Grid
**2010**, 1, 320–331. [Google Scholar] [CrossRef][Green Version] - Iqbal, A.; Gunn, L.J.; Guo, M.; Ali Babar, M.; Abbott, D. Game Theoretical Modelling of Network/Cybersecurity. IEEE Access
**2019**, 7, 154167–154179. [Google Scholar] [CrossRef] - Garg, N.; Grosu, D. Deception in Honeynets: A Game-Theoretic Analysis. In Proceedings of the 2007 IEEE SMC Information Assurance and Security Workshop, West Point, NY, USA, 20–22 June 2007; pp. 107–113. [Google Scholar]
- Liang, X.; Xiao, Y. Game Theory for Network Security. IEEE Commun. Surv. Tutor.
**2013**, 15, 472–486. [Google Scholar] [CrossRef][Green Version] - Chamberlain, G. Econometric applications of maxmin expected utility. J. Appl. Econom.
**2000**, 15, 625–644. [Google Scholar] [CrossRef] - Liu, Y.; Comaniciu, C.; Man, H. A Bayesian game approach for intrusion detection in wireless ad hoc networks. In Proceedings of the 2006 Workshop on Game Theory for Communications and Networks; Association for Computing Machinery: New York, NY, USA, 2006. [Google Scholar] [CrossRef]
- Diamond, S.; Boyd, S. CVXPY: A Python-embedded modeling language for convex optimization. J. Mach. Learn. Res.
**2016**, 17, 1–5. [Google Scholar] - Agrawal, A.; Verschueren, R.; Diamond, S.; Boyd, S. A rewriting system for convex optimization problems. J. Control Decis.
**2018**, 5, 42–60. [Google Scholar] [CrossRef]

Parameter | Definition |
---|---|

A | attacker |

D | defender |

${s}_{\mathrm{A},i}$ | strategy of the attacker for the i-th host |

${s}_{\mathrm{D},i}$ | strategy of the defender for the i-th host |

${N}_{\mathrm{r}}$ | number of real devices |

${N}_{\mathrm{max}}$ | total number of available hosts |

N | sum of connected real devices and honeypots |

${a}_{i}$ | different terms’ weights of attacker’s payoffs |

${d}_{i}$ | different terms’ weights of defender’s payoffs |

$\theta $ | portion of the number of hosts (N) that are honeypots |

$\varphi $ | portion of the number of hosts (N) that are attacked |

${\varphi}_{\mathrm{m}}$ | the maximum portion of the number of hosts (N) that are attacked |

${U}_{\mathrm{i}}$ | payoff of player i |

$f(\xb7)$,$g(\xb7)$,$\tilde{f}(\xb7)$,$\tilde{g}(\xb7)$ | functions of $(\xb7)$ |

$\mathcal{S}$ | set of players |

${\mathcal{A}}_{i}$ | set of actions for player i |

y, ${N}_{1}$, ${N}_{2}$ | auxiliary variables |

$\mathbb{E}[\xb7]$ | expected value of $[\xb7]$ |

$\mathbb{P}[\xb7]$ | probability of the event $[\xb7]$ |

a, b | the two types of attacker |

${A}_{j}$ | attacker of type j |

${a}_{i,j}$ | weight’s of attacker’s payoff when he is of type $j\in \{a,b\}$ |

${d}_{j}$ | weight’s of attacker’s payoff when he is of type $j\in \{a,b\}$ |

$\mu $ | belief that the attacker is of type a |

${\varphi}_{i}$ | probability of attacking each host for the attacker of type i. |

${\varphi}_{i,\mathrm{m}}$ | maximum value of the probability of attacking each host for the attacker of type i |

$\mathsf{\Omega}$ | states of the nature |

t | round of the game in a repeated game |

${G}_{i}$ | game i |

${h}^{t}$ | history of the game after t-th play |

${(\xb7)}^{*}$ | $(\xb7)$ belongs to the NE |

${C}_{i}$ | cost of under or over estimating the demand of the i-th device |

${f}_{\mathrm{R},i}$ | the probability density function of the actual energy consumption |

${\delta}_{i}$ | the mean energy demand of the i-th device |

${E}_{\mathrm{max}}$ | the maximum energy consumption |

${p}_{\mathrm{uc}}$ | energy price in the unit commitment stage |

${p}_{\mathrm{ed}}$ | energy price in the economic-dispatch stage |

Parameter | Value |
---|---|

${N}_{r}$ | 3 |

${N}_{\mathrm{max}}$ | 10 |

${\varphi}_{\mathrm{max}}$ | 1 |

${a}_{\{1,2,3\}}$ | $[0.76,0.01,0.10]$ |

${d}_{\{1,2,3,4\}}$ | $[0.03,0.40,0.45,0.01]$ |

Random solutions for $\theta $ | 2000 |

Random solutions for $\varphi $ | 2000 |

Parameter | Value |
---|---|

${N}_{r}$ | 3 |

${N}_{\mathrm{max}}$ | 10 |

${\varphi}_{\mathrm{max}}$ | 1 |

${a}_{\{1,2,3\}}$ | $[0.81,0.01,0.06]$ |

${d}_{\{1,2,3,4\}}$ | $[0.31,0.24,0.81,0.14]$ |

Random solutions for $\theta $ | 2000 |

Parameter | Value |
---|---|

Number of rounds | 50 |

${N}_{r}$ | 6 |

${N}_{\mathrm{max}}$ | 8 |

${\varphi}_{a,\mathrm{max}}$ | $0.6$ |

${\varphi}_{b,\mathrm{max}}$ | $0.2$ |

${a}_{a\{1,2,3\}}$ | $[0.48,0.46,0.10]$ |

${a}_{b\{1,2,3\}}$ | $[0.39,0.48,0.02]$ |

${d}_{a\{1,2\}}$ | $[0.70,0.04]$ |

${d}_{b\{1,2\}}$ | $[0.04,0.68]$ |

${d}_{3},{d}_{4}$ | $0.77,0.006$ |

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Diamantoulakis, P.; Dalamagkas, C.; Radoglou-Grammatikis, P.; Sarigiannidis, P.; Karagiannidis, G.
Game Theoretic Honeypot Deployment in Smart Grid. *Sensors* **2020**, *20*, 4199.
https://doi.org/10.3390/s20154199

**AMA Style**

Diamantoulakis P, Dalamagkas C, Radoglou-Grammatikis P, Sarigiannidis P, Karagiannidis G.
Game Theoretic Honeypot Deployment in Smart Grid. *Sensors*. 2020; 20(15):4199.
https://doi.org/10.3390/s20154199

**Chicago/Turabian Style**

Diamantoulakis, Panagiotis, Christos Dalamagkas, Panagiotis Radoglou-Grammatikis, Panagiotis Sarigiannidis, and George Karagiannidis.
2020. "Game Theoretic Honeypot Deployment in Smart Grid" *Sensors* 20, no. 15: 4199.
https://doi.org/10.3390/s20154199