TY  - EJOU
AU  - Pavendan, R. T. 
AU  - Sankar, K. 
AU  - Kumar, K. A. Varun 

TI  - A Graph Theory Based Self-Learning Honeypot to Detect Persistent Threats
T2  - Intelligent Automation \& Soft Computing

PY  - 2023
VL  - 35
IS  - 3
SN  - 2326-005X

AB  - Attacks on the cyber space is getting exponential in recent times. Illegal penetrations and breaches are real threats to the individuals and organizations. Conventional security systems are good enough to detect the known threats but when it comes to Advanced Persistent Threats (APTs) they fails. These APTs are targeted, more sophisticated and very persistent and incorporates lot of evasive techniques to bypass the existing defenses. Hence, there is a need for an effective defense system that can achieve a complete reliance of security. To address the above-mentioned issues, this paper proposes a novel honeypot system that tracks the anonymous behavior of the APT threats. The key idea of honeypot leverages the concepts of graph theory to detect such targeted attacks. The proposed honeypot is self-realizing, strategic assisted which withholds the APTs actionable techniques and observes the behavior for analysis and modelling. The proposed graph theory based self learning honeypot using the results γ(C(n,1)),γ<sub>c</sub> (C(n,1)), γ<sub>sc</sub> (C(n,1)) outperforms traditional techniques by detecting APTs behavioral with detection rate of 96%.
KW  - Graph theory; Domination; Connected Domination; Secure Connected Domination; honeypot; self learning; ransomware

DO  - 10.32604/iasc.2023.028029