Honeypots, mobile apps and risk theory
by Felisa Vazquez-Abad
Abstract: You are talking to someone on your mobile phone. Simultaneously, a widget in your device is downloading data periodically from some server, continuously synchronizing with some cloud and many more applications may be running asynchronously. In a modern mobile network, communication does not mean only voice or simple data communication.
The conventional spectrum allocation policy may lead to over-utilization in some bands and under-utilization in others. The new (IEEE 802.22) standards allow the unused, licensed frequency spectrum to be used by unlicensed users on a non-interfering basis. In wireless networks (WLAN) Primary Users (PU) are the licensed owners of radio frequencies used for transmitting data. Secondary Users (SU) can transmit packets through those channels, but they must refrain from transmitting when the PU resumes its transmission. A collection of SU's that share access to a WLAN forms a cognitive radio network. Cognitive Radio Networks (CRN's) aim to provide a good solution of the conflict between spectrum scarcity and under-utilization.
The ``open" philosophy of the CRN's makes them susceptible to attacks by smart malicious user(s) that could even render the legitimate cognitive radios spectrum-less. Among these, the most common are jamming-based denial of service (DoS) attacks, which result in packet loss. In cybercrime, a ``Honeypot" is defined as ``a security resource who's value lies in being probed, attacked or compromised''.
In this paper we study dynamic allocation of honeypot nodes in a CRN. We study a queueing model for the random allocation policy and verify its accuracy via simulation experiments. For the state dependent policies, we use criteria that can be expressed as a finite horizon ruin probability.
On-going research focuses on learning mechanisms that aim to increase the attractiveness of the honeypots.