Strategic Honeypot Allocation in Dynamic Networks: A Game-Theoretic Approach for Enhanced Cybersecurity | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Strategic Honeypot Allocation in Dynamic Networks: A Game-Theoretic Approach for Enhanced Cybersecurity Md Abu Sayed, Ahmed Hemida, Christopher Kiekintveld, Charles Kamhoua This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-3960163/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract Honeypots play a crucial role in implementing various cyber deception techniques as they can mislead attackers and divert them away from valuable assets. The topology of tactical networks changes over time due to the topographical environment and node mobility. An impactful strategic placement of honeypots in tactical networks should essentially consider not only network aspects but also attackers' preferences. To this end, we propose a game-theoretic approach that models an attack-defense scenario and develops an optimal honeypot allocation strategy for the defender. Our approach takes into consideration the changes in network connectivity and the specific features and criticality of different nodes. In particular, we introduce a two-player dynamic game model that explicitly incorporates the future state evolution resulting from changes in connectivity. The defender's objective is twofold: to maximize the likelihood of the attacker hitting a honeypot and to minimize the cost associated with deception in terms of the reconfiguration cost of honeypot re-allocation due to mobility. We present an iterative algorithm to find Nash equilibrium strategies. Unfortunately, this class of games suffers from the curse of dimensionality due to the size of the large state space. Therefore, we evaluate the scalability of our algorithm and provide a compact state space that shows a significant reduction in terms of runtime. Finally, we relax the assumption that the defender has full up-to-date knowledge of the network topology. We present a sensitivity-analysis-based approach to quantify the impact of imperfect information in terms of the defender reward. We validate our approach numerically via extensive simulations, demonstrating that our game model successfully enhances network security and is more scalable. Dynamic Games Game Theory Cyber Deception Honeypots Noise Full Text Additional Declarations No competing interests reported. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-3960163","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":274293917,"identity":"04219b15-c908-4ca1-a9fb-d4c10dcbd09e","order_by":0,"name":"Md Abu Sayed","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA8UlEQVRIiWNgGAWjYNACNhsGNhQBHsJa0uBaJIjVchjOJKxFt//wM4kPZeej+aSbj338wXC4jl+6gfHB2zbcWsxupJlJzjh3O7dN5ljybB6GwxKScw4wG87Fq4XBTJq3DahFIseYmQGoxeBGAhtQBI+W88e/Sf9tOwfUkv+ZEegwCfsbCey/8Wo5kGMmzdh2AGQLMwPIYQYSCWzMeLXcyCm27DmXDNSSZszMY5AuOePOwWbJOefwOmzjjR9ldrnzZyQ/ZvxRYc3PP7v54Ic3Zbi1AAGLBIJtAMQSjA141QMB8wdUvgR2ZaNgFIyCUTByAQCjVk3r1ExZ+QAAAABJRU5ErkJggg==","orcid":"","institution":"The University of Texas at El Paso","correspondingAuthor":true,"prefix":"","firstName":"Md","middleName":"Abu","lastName":"Sayed","suffix":""},{"id":274293918,"identity":"446cac4e-8577-4ef6-8f15-bebe8453431c","order_by":1,"name":"Ahmed Hemida","email":"","orcid":"","institution":"DEVCOM Army Research Laboratory","correspondingAuthor":false,"prefix":"","firstName":"Ahmed","middleName":"","lastName":"Hemida","suffix":""},{"id":274293919,"identity":"1c59059d-c6b4-4bfc-80d5-cdf0dc02a9bb","order_by":2,"name":"Christopher Kiekintveld","email":"","orcid":"","institution":"The University of Texas at El Paso","correspondingAuthor":false,"prefix":"","firstName":"Christopher","middleName":"","lastName":"Kiekintveld","suffix":""},{"id":274293920,"identity":"e3c126f6-a889-48ba-9aa9-c3cba8e50883","order_by":3,"name":"Charles Kamhoua","email":"","orcid":"","institution":"DEVCOM Army Research Laboratory","correspondingAuthor":false,"prefix":"","firstName":"Charles","middleName":"","lastName":"Kamhoua","suffix":""}],"badges":[],"createdAt":"2024-02-16 02:50:09","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-3960163/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-3960163/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":59022567,"identity":"4865a8ca-5734-44b7-861a-5a2b63c4b559","added_by":"auto","created_at":"2024-06-25 12:17:28","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":661617,"visible":true,"origin":"","legend":"","description":"","filename":"StrategicHoneypotAllocationinDynamicNetworksAGameTheoreticApproachforEnhancedCybersecurityupdated1.pdf","url":"https://assets-eu.researchsquare.com/files/rs-3960163/v1_covered_5b739042-0562-4c7a-bff9-3e6cfc7a343a.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Strategic Honeypot Allocation in Dynamic Networks: A Game-Theoretic Approach for Enhanced Cybersecurity","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"Dynamic Games, Game Theory, Cyber Deception, Honeypots, Noise","lastPublishedDoi":"10.21203/rs.3.rs-3960163/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-3960163/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"Honeypots play a crucial role in implementing various cyber deception techniques as they can mislead attackers and divert them away from valuable assets. The topology of tactical networks changes over time due to the topographical environment and node mobility. An impactful strategic placement of honeypots in tactical networks should essentially consider not only network aspects but also attackers' preferences. To this end, we propose a game-theoretic approach that models an attack-defense scenario and develops an optimal honeypot allocation strategy for the defender. Our approach takes into consideration the changes in network connectivity and the specific features and criticality of different nodes. In particular, we introduce a two-player dynamic game model that explicitly incorporates the future state evolution resulting from changes in connectivity. The defender's objective is twofold: to maximize the likelihood of the attacker hitting a honeypot and to minimize the cost associated with deception in terms of the reconfiguration cost of honeypot re-allocation due to mobility. We present an iterative algorithm to find Nash equilibrium strategies. Unfortunately, this class of games suffers from the curse of dimensionality due to the size of the large state space. Therefore, we evaluate the scalability of our algorithm and provide a compact state space that shows a significant reduction in terms of runtime. Finally, we relax the assumption that the defender has full up-to-date knowledge of the network topology. We present a sensitivity-analysis-based approach to quantify the impact of imperfect information in terms of the defender reward. We validate our approach numerically via extensive simulations, demonstrating that our game model successfully enhances network security and is more scalable.","manuscriptTitle":"Strategic Honeypot Allocation in Dynamic Networks: A Game-Theoretic Approach for Enhanced Cybersecurity","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-02-26 07:56:23","doi":"10.21203/rs.3.rs-3960163/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"
[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"eb1b1927-369f-4122-bf35-c1b49735aee8","owner":[],"postedDate":"February 26th, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[],"tags":[],"updatedAt":"2024-06-25T12:09:20+00:00","versionOfRecord":[],"versionCreatedAt":"2024-02-26 07:56:23","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-3960163","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-3960163","identity":"rs-3960163","version":["v1"]},"buildId":"8U1c8b4HqxoKbykW_rLl7","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}
Text is read by the "Ask this paper" AI Q&A widget below.
Extraction quality varies by source — PMC NXML preserves structure
cleanly, OA-HTML may include some navigation residue, and OA-PDF can
have broken hyphenation. The publisher copy
(via DOI)
is the canonical version.