Honeypot Game Theory against DoS Attack in UAV Cyber

Shangting Miao ,Yang Li and Quan Pan

1School of Cybersecurity,Northwestern Polytechnical University,Xi’an,710129,China

2School of Automation,Northwestern Polytechnical University,Xi’an,710129,China

ABSTRACT A space called Unmanned Aerial Vehicle(UAV)cyber is a new environment where UAV,Ground Control Station(GCS)and business processes are integrated.Denial of service(DoS)attack is a standard network attack method,especially suitable for attacking the UAV cyber.It is a robust security risk for UAV cyber and has recently become an active research area.Game theory is typically used to simulate the existing offensive and defensive mechanisms for DoS attacks in a traditional network.In addition,the honeypot,an effective security vulnerability defense mechanism,has not been widely adopted or modeled for defense against DoS attack UAV cyber.With this motivation,the current research paper presents a honeypot game theory model that considers GCS and DoS attacks,which is used to study the interaction between attack and defense to optimize defense strategies.The GCS and honeypot act as defenses against DoS attacks in this model,and both players select their appropriate methods and build their benefit function models.On this basis,a hierarchical honeypot and G2A network delay reward strategy are introduced so that the defender and the attacker can adjust their respective strategies dynamically.Finally,by adjusting the degree of camouflage of the honeypot for UAV network services,the overall revenue of the defender can be effectively improved.The proposed method proves the existence of a mixed strategy Nash equilibrium and compares it with the existing research on no delay rewards and no honeypot defense scheme.In addition,this method realizes that the UAV cyber still guarantees a network delay of about ten milliseconds in the presence of a DoS attack.The results demonstrate that our methodology is superior to that of previous studies.

KEYWORDS UAV cyber security;honeypot game-theoretical model;DoS attack

1 Introduction

UAVs differ from conventional information infrastructure because they have more application scenarios and can be used for military and civil purposes.Among them,military applications are primarily shown as decoy and fire guidance,as well as reconnaissance and surveillance.Civil use,notably for the creation of movies and television programs,navigation,traffic monitoring,protection of agricultural plants,mobile communications,fire detection,and human search and rescue.UAVs are also utilized in the fight against the new crown epidemic.UAVs are given more critical tasks,playing a bigger and bigger role as their use increases [1].With the production scale application of modern information technology in manufacturing UAVs,UAV cyber security has emerged as a crucial area for research and development.

Cyber security is constantly evolving in response to increasingly sophisticated cyber attacks,so it is necessary to develop new ways to enhance the protection of UAVs.DoS attacks are now the leading cyber security issue for UAVs,gradually providing ineffective passive defense methods like firewalls,virus protection,and security scans.Their distinctive features are as follows.First,malicious code could be hidden in installed software,waiting for an opportunity to launch an attack.Second,because UAVs are not connected to public cyberspace,they can still be attacked.Third,it is tenacious and covert to avoid being discovered.The DoS attack is complicated to defend against because it can be launched to interfere with UAV service by inserting specific false information.

As an active defense technology [2],honeypot is suitable for solving UAV cyber security issues such as various communication protocols,seriously lacking or conveying security authentication mechanisms,and other related problems.Therefore,the honeypot effectively complements UAV cyber security against DoS attacks[3].Unlike traditional security tools like firewalls and intrusion detection,honeypots could use GCS,UAV network services,or information as bait to detect and analyze the attacks.As we all know,there is almost no research on the use of honeypots in the UAV DoS attack and defense game.This study is motivated by the fact that the honeypot has not yet been applied to UAV cyber security.

This paper introduces a honeypot game theory to lessen the possibility of maliciously stopping UAVs for DoS attacks.The attack-defense game theory is implemented to study the information security transmission problem of GCS in UAV cyber,specifically for DoS attacks,to reduce the risk of malicious interference in the information transmission process between UAV and GCS.Therefore,this paper proposes a honeypot game model against DoS attacks in UAV cyber.The GCS and honeypot are regarded as the defense.By employing a deception strategy,the honeypot could confuse the attackers and increases the attack’s cost.This paper uses the UAV network transmission delay as a reward evaluation to dynamically adjust the deception strategy of the honeypot.Concerning the UAV communication network,we also want to maintain low transmission delay while enhancing the payoff of GCS.The main contributions are summarized below.

1.In this article,it incorporates an attack-defense game model into the UAV cyber to study the respective benefit functions of the defender and the attacker,and it utilizes mixed Nash equilibrium strategy analysis to show that Nash equilibrium may be obtained when the predicted benefits of the attacker and the defender are equal.

2.This article also proposes using honeypots in the attack-defense game model to bait attackers,decrease the security impact of UAVs on cyberspace,and improve the security of data transmission in the G2A network.

3.This article uses the network delay generated after GCS or honeypot,is attacked by DoS as a reward evaluation value to adjust the deception strategy of the hierarchical honeypot dynamically and comprehensively consider the network delay and the security of UAV information transmission.Under the condition of ensuring lower network delay,the security performance of information transmission in UAV cyber is improved.

The rest of this paper is organized as follows:Section 2 provides a summary of the related work.Section 3 describes the network model of the UAV range,the model of the UAV network data link,and the reward model based on a DoS attack are all described.Section 4 describes the honeypot offensedefense game problem and proves the existence of the Nash equilibrium solution.Section 5,this paper conducts extensive numerical simulations using an OPNET-based UAV network co-simulation with MATLAB to evaluate the proposed approach.Finally,Section 6 concludes the paper.

2 Related Work

In this section,this paper briefly summarizes related work on UAV cyber security issues,a honeypot for DoS attacks,and modeling attack and defense processes using game theory.

2.1 Security Issues in UAV Cyber

This study is related to the recent global increase in malicious UAV activities,including the filming of the White House in the United States by an illegally controlled DJI UAV[4],the filming of Kuala Lumpur Airport in Malaysia by an illegally controlled UAV[5],and the illegal intrusion of the Japanese Prime Minister’s residence by a UAV carrying radioactive materials[6].

Existing studies focus on UAV penetration.For example,Watkins et al.[7] discussed vulnerabilities in UAV components,including vulnerabilities in wireless cyber,GPS,embedded systems,and navigation systems.In their study of three typical UAVs attacks,Liu et al.[8]examined wireless signal spoofing,GPS spoofing,and an assault on wireless sensor hacking.Trust in the GCS is key to the attack’s success.

This paper compares UAVs with traditional infrastructure in terms of security threat,security protection,and security management,as shown in Table 1.Several possible security threats related to UAV cyber security are summarized as follows:(i)The variety of UAV software may lead to unknown vulnerabilities;(ii)UAV communication protocols lack encryption,and attackers capture control data and commands sent from the GCS to the UAV for replay or data forgery attack;(iii)As the wireless environment is open,a malicious attacker can send a false wireless control command to take over the UAV illegally.

Table 1:Comparison between UAV and traditional infrastructure

2.2 Honeypot for Denial of Service Attack

Existing studies focus on the discovery of security threats and attacks in UAV cyber,as well as the use of different security protection mechanisms for tampering with physical layer DoS attacks and the resource consumption of link layer DoS attack.Anti-UAV security research schemes include Wi-Fi jamming and cracking[9–11],replay[12,13],buffer overflow[14,15],ARP cache poisoning[16,17],injection and modification[18],and civilian GPS spoofing[19–22].In addition,honeypot solutions for DoS attacks have been studied in[23].The study suggests a method for simulating a product network in order to set up a honeypot,record an attack,and capture it.Although the honeypot can detect the attack early,the honeypot is not set according to the essential characteristics of the system,resulting in a low imitation degree.Therefore,the honeypot may effectively defend against DoS attacks in UAV cyber as an active defense technology.

The developer tool kit(DTK)[24],launched on UNIX platforms by Cohen in 1997,was the most influential early honeypot software tool.It records the behavior of tool vulnerabilities by simulating many vulnerabilities on the system.Up to now,various honeypots have appeared in the fields of industrial control systems,IP voice and other fields in terms of simulation level and captured data quality,such as MiniCPS [25],IoTPOT [26],Iotcandyjar [27],Artemisa [28] and many innovative honeypot products.In addition,the creation technique of the deception simulation environment determines the veracity of the honeypot.It should be mentioned that the honeypot study of UAVs has not received enough attention.

To the best of our knowledge,most research on DoS attacks is based on the energy-sensitive and resource-constrained characteristics of UAV networks.Wood et al.[29]studied various DoS attacks that may occur at various layers in sensor networks.Simple DoS attack attempts to deplete the available resources of the victim node by sending many unnecessary packets,thereby preventing legitimate network users from accessing services or resources to which they are entitled.Therefore,methods to protect local devices from DoS attacks at the source include source-based DWARD[30],traceback[31],path identification [32],etc.Raymond et al.[33] also explored defense mechanisms in wireless networks.However,the traditional method of defending against DoS attacks requires constant system traffic monitoring,which consumes resources and is unsuitable for UAVs.It should be mentioned that as an effective security vulnerability defense tool,it seems that there is no honeypot supports UAVspecific protocols.The use of honeypot as defense against UVA-based DoS attacks may have gone unnoticed in earlier research.

2.3 Game Theory for Modeling

The application of game theory in DoS modeling is studied in[34]and[35].In[36],La et al.introduced a two-player zero-sum game to deal with DoS traffic injection.In [37],Liu et al.proposed a dynamic attack-based game model to compute Nash equilibrium to solve the attack detection problem.Neither study could balance the energy consumption rate and attack detection rate.Therefore,the honeypot can consume fewer resources while protecting the UAV network.The attacker’s choice can be influenced or interfered with by it,and the intent also can be detected by it.However,the current study on the honeypot attack and defense game focuses on smart grids,intelligent transportation,and cloud computing.Ashok et al.[38] discussed cyber-physical security from the perspective of coordinated cyber attacks.They introduced a game-theoretic approach to improving the cyber defense performance of intelligent grids,aiming at the problem that the national grid and other critical infrastructures face the threat of cyber attack.Koutsoukos et al.[39]proposed a traffic signal detection model based on game theory to protect the traffic network from cyber threats.The model obtains the optimal defense strategy under high computational load through a heuristic algorithm.Xiao et al.[40] proposed a bounded rational game model based on prospect theory,which uses prospect theory to describe the bounded rational game process between the defender and the attacker of the cloud storage system.The simulation results show that exploiting the attacker’s bounded rational behavior can improve the defender’s profit.Compared with the above studies,this study is oriented towards the field of UAV and introduces honeypot technology as an active defense mechanism to trap DoS attacks.

There is currently little research on the implementation of a honeypot to enhance the security of UAV cyber,and the majority of studies in the field of UAV cyber security mainly address the issue of attack detection.Then this paper considers applying the honeypot to the game model to deceive the attacker and increase the cost.

3 Game Model for UAV Range

In this section,the UAV range is a virtual simulation environment for simulating UAV cyber.Next,this paper describes its network model,and network data link model,and finally introduces the reward model for the DoS attack.This paper places the relevant symbol definitions in Table 2.

Table 2:List of symbols

3.1 Network Model

Fig.1 depicts the four components of this game model: GCS,honeypot,malicious GCS,and UAV.Among them,the GCS is deployed by the service provider within the operating range of the UAV to provide efficient computing caching services for the UAV,such as UAV navigation and route conditions information sharing,which is essential for flight.This paper defines GCS in the same area asQ={1,2,3,...,Q}.Each GCS in the network is equipped with a cache server to provide cache services for the UAV network.

This paper considers that the attacker can gain control of GCS through vulnerabilities and implement a DoS attack.At the same time,the UAV receives a large amount of garbage data,causing network interruption and security incidents.This paper defines the malicious GCS asA={1,2,3,...,A}.It affects the network transmission quality by interfering with the downlink.

Figure 1:Game model of UAV range

Generally speaking,UAVs need to obtain some services in real-time during the navigation process,such as map navigation,airborne missions,collision warning,etc.Then,this paper defines UAV asU={1,2,3,...,U},assuming that each UAV can obtain cache services from multiple GCS,and attackers may have hacked some.Then,this paper feeds back the network delay of the UAV to the GCS,and it judges whether it is under DoS attack according to the network delay.

This paper deploys the honeypot near the GCS to hide the identity and define the honeypot as H={1,2,3,...,H}.When the UAV sends a request to the GCS,the honeypot and the GCS respond to the network request of the UAV at the same time,and the honeypot can transmit some information that hackers are interested in,such as the location information of the UAV user,or the UAV management background.Once the honeypot is successfully trapped,then this paper considers it to increase the attack cost.

3.2 UAV Network Data Link Model

In this section,this paper assumes that the UAV is waiting to take off,and the network data transmission model is the line of sight (LOS) wireless transmission model.This paper applies it to network communication between UAV and GCS[41].First of all,this paper makes a relevant definition of the defender.At a particular time,the position of UAV is defined as(xu,yu,zu),wherezu=0,qis a fixed position,which is defined as（xq,yq）,and the distance between GCS and UAV isdq,u(t)=.The honeypot is also a fixed location,and its location is defined as(xh,yh).This paper defines the confounding deception quality of a hierarchical honeypot asηh∈[0,10]and believes thatηh,between 7 and 10,represents the selection of a highly interactive honeypot.It makes the attacker easy to believe honeypot and attack.

Then this paper defines the attacker.Attack is assumed to be(xa,ya),the initial position at the time.The hacker obtains permission to control the GCS by attacking.Thereby they can send a large amount of junk information to UAV,causing it to failure to receive average data.The distance betweenaanduisda,u(t)=.

This paper defines the channel gain betweenqanduasαq,u(t),and the calculation formula is shown in(3-1).

whereλrepresents the channel power gain,εis the path loss exponent,andε >1.

Similarly,this paper defines the channel gain betweenaanduasβa,u(t),and the calculation formula is shown in(3-2).The channel gain betweenhanduis defined asγh,u(t),and the calculation formula is shown in(3-3).

wherema={0,1},0 means no DoS attack,and 1 means DoS attack.This paper defines the power of network transmission betweenqanduaspq,q∈(1,2,3,...,Q),the power of network transmission betweenhanduasph,h∈(1,2,3,...,H),and the power of network transmission betweenaanduaspa,a∈(1,2,3,...,A).From the point of view of the signal noise ratio(SNR),this paper defines the background noise asN,assuming that the DoS attack will occur between 1qand 1a,affecting the data link layer of the wireless network.This paper defines the SNR ofuat the time as.Then its calculation formula is as follows:

The attacker has attackedhwith a DoS without interfering with regular network communication if the data connection layer of the interaction betweenqanduis standard.Then,this paper definesqand SNR as,and its calculation formula is as follows:

whereψ{-q,u}(t)represents the channel interference generated by otherqexcept the currentq,since there is no other redundantqinterference at present,here isψ{-q,u}(t)=0.

In addition,from the point of view of the transmission rate of the data link layer,if the data link layer ofqinteracting withuis abnormal,it means thatqmay be DoS attacked.That is,there is real noise.According to Shannon’s theorem,this paper can define the transmission rate of the data link layer betweenqanduas,and its calculation formula is as follows:

Analogously,if the network data link layer ofqis normal,this paper defines the data transmission rate of interaction betweenqanduas,and its calculation formula is as follows:

3.3 Reward Strategy Based on Network Delay

This paper also needs to consider the delay of the communication network after the DoS attackqas a reward signal.When initiates a DoS attack and affects data transmission,qandhneed to consider how to adjust the transmission strategy to obtain adequate data transmission.This paper wantsqto transmit as much information as possible touin a time period,butacan affect the quality of network information transmission.Therefore,this paper defines the computational data sent byqtourequest asV={1,2,3,...,V},and the data size asKv.

When this paper assumes the first case,qis under DoS attack,the network transmission delay is,and its calculation formula is as follows:

This paper also assumes the second case,whenqis not under DoS attack,the network transmission delay is,and its calculation formula is as follows:

In addition,this paper uses the network transmission delay value as a reward.When the network transmission delay value is significant,the reward value is small,indicating that the trapping effect ofhis not good.At this time,the defense parameters ofhare evaluated.When the network transmission delay is slight,the reward value is enormous,indicating that the trapping effect ofhis good.Then,this paper defines the reward value asτ,and its calculation formula is as follows:

whereσrepresents the parameters ofhto adjust the defense,σ=tu-t0,t0=,andturepresents the actual transmission delay of the UAV receiving the requested network data.The following table provides the honeypot deception quality update calculation formula:(3-11)[41].

This paper analyzes the above formula.If the actual network transmission delay of the environment is much smaller than the specified,then the possibility of a DoS attack on the network communication is less.It means that thehadjustment parameter is more extensive now,indicating that the reward value is higher,Δη <0 and the updatedηhis lower.Vice versa,this paper needs to go through multiple rounds of iterations,and both the offensive and defensive sides constantly adjust their strategies to achieve a more stable balance.

4 Optimal Defensive Strategy of Honeypot in UAV Cyber

This section describes how to model the network interaction problem betweenq,handain the UAV range as an attack and defense game model and build a benefit function model for both parties.This section also sets up the rules of network delay reward evaluation.The defender and attacker can dynamically adjust their strategies and use the mixed strategy Nash equilibrium theory to obtain the optimal solution.The specific analysis is as follows.At the same time,this paper puts the definitions of symbols in Table 3 for easy reading.

Table 3:List of symbols

4.1 Problem Description of Honeypot Game for UAV Cyber

Above all,this paper takesaas the attacker,qandhas the defender.At the same time,it introduces a honeypot trapping strategy.Hence,this paper wants to find their optimal Nash equilibrium through the benefit function of the offense and defense and the reward strategy of network delay.

Then this paper establishes the game model.As far as the defender is concerned,this paper defines the transmission cost per unit of data link layer asπq,πq=πh.Therefore,when the transmission power of each unit network ispq,the total transmission cost ofqisφq=pqπq,and the total transmission cost of the attacker can also be calculated asφa=paπa.Similarly,this paper usesgq={0,1} to indicate whetherqcommunicates with the network.Whengq=1,it means thatqtransmits data tou.Whengq=0,it means that no data is transmitted.At the same time,ga={0,1}is used to indicate whether a DoS attack is performed.Whenga=1,it means thataconducts a DoS attack on the UAV.Whenga=0,it means there is no DoS attack.

where this paper definesκas the adjustment parameter of the honeypot trapping rate,ηh∈[1,100]represents the decoy quality of the honeypot,and its calculation formula is as follows:

Specifically,when the network data transmission delay is high,happropriately improves the interactivity and IP address emulation,and increases the attack cost by deceiving the DoS attacker.In addition,this paper also defines the benefit function ofaas{Ra}a∈A,and its calculation formula is as follows:

In summary,Since the two sides are antagonistic,any one of them changing its strategy will change the benefits of both parties involved in the game.The advantage of using a zero-sum game to model this attack-defense interaction is that one party’s gain is the other’s loss,which better reflects the degree of opposition.Therefore,the zero-sum game can better reflect the confrontation betweenqandaso that both parties can maximize their utility.

4.2 Offensive and Defensive Utility Function Matrix

In the process of analyzing the offensive and defensive game of the UAV range,qandahave their strategies.Since both sides have two strategies to choose from,there are four strategies after the combination.The details of these four strategies are as follows.

In the first strategyS1,qtransmits network data tou,andainitiates a DoS attack.This paper defines the benefit function ofqasRq,q∈Q,and its calculation formula is shown in (4-4).The benefit function ofais defined asRa,a∈A,and its calculation formula is shown in(4-5).

In the second strategyS2,qdoes not transmit network data tou,andainitiates a DoS attack.This paper defines the benefit function ofqasRq,q∈Q,its calculation formula is shown in(4-6).The benefit function ofais defined asRa,a∈A,and its calculation formula is shown in(4-7).

In the third strategyS3,qtransmits network data tou,andadoes not initiate a DoS attack.This paper defines the benefit function ofqasRq,q∈Q,and its calculation formula is shown in (4-8).The benefit function ofais defined asRa,a∈A,and its calculation formula is shown in(4-9).

In the fourth strategyS4,qdoes not transmit network data tou,andadoes not initiate a DoS attack.This paper defines the benefit function ofqasRq,q∈Q=0,and the benefit function ofais defined asRa,a∈A=0.

Then,this paper assumes that in one case,the transmission benefits of GCS and honeypot outweigh the cost of maintaining security,and GCS has reason to have network interactions with UAV.Finally,this paper shows the payoff function matrix of the offensive and defensive sides under different strategies in Table 4.

Table 4:Attack and defense payoff function matrix

4.3 Mixed Strategy Nash Equilibrium Analysis

In the last subsection,this paper regards UAV cyber’s offensive and defensive game as a zerosum game.Both offensive and defensive sides have their strategies combined into four situations.Meanwhile,this paper assumes that the hackers and honeypot deployers in the game are rational,and they have to consider the cost.With the same benefits,participants need to consider lower-cost attack and defense methods.As a result,both players in the game must select an effective tactic to maximize their gains.Because both sides have their optimal strategies,this paper needs to use mixed strategy Nash equilibrium analysis to solve the problem.

To evaluate the UAV range honeypot game,this paper defines the probability distribution of the participants onχasf,f=(f1,f2,f3,...fr)∈R≥0,where=1.Then,this paper defines the probability of safe network transmission asFTand the probability of unsafe transmission asFNT.Analogously,we define the probability ofalaunching a DoS attack asFAand the probability of not launching a DoS attack asFNA,as shown in Table 5.

Table 5:Benefit function matrix of offensive and defensive strategies

Specifically,according to the definition of mixed Nash equilibrium,when the expected benefits of the defender and the attacker are equal,the players no longer care about the choice of strategy.Therefore,in the honeypot game model of the UAV range,the mixed strategy gives the attacker the same expected benefit when generating a DoS attack or not generating a DoS attack.

When this paper setsE(FA)-E(FNA)=0 andE(FT)-E(FNT)=0,the mixed Nash equilibrium strategies of both sides of the game are obtained,and their calculation formulas are as follows:

In summary,this paper obtains the probability of each strategy by calculating and getting the mixed Nash equilibrium,that is,the obtained probability set,in the process of the offensive and defensive game of the UAV range.In this probability set,the benefits of both parties can reach the optimal situation simultaneously.Assuming that both parties abide by the regulations,neither party will change the strategy to break the balance,that is,to achieve the mixed Nash equilibrium of the honeypot attack and defense game in the UAV range.

5 Numerical Results

In this section,this paper mainly introduces the experimental simulation environment and the result analysis.This paper uses Matlab R2016a to conduct the simulation environment of the UAV cyber evolutionary game experiment.The test running environment is Intel(R)Xeon(R)CPU E5-1603@2.80 GHz processor,the running memory is 8 GB,and the operating system is Windows 10 64-bit.In addition,the scene of the UAV range consists of GCS,honeypot,malicious ground station and UAV.Where GCS provides network data transmission services for UAV,the honeypot is responsible for disguising as GCS to trick attackers into conducting DoS attacks.Expressly,the number of GCSs,UAVs,and malicious GCSs is set to 1,whereas the number of honeypots is set to 3.

To investigate the advantages of GCS during a DoS assault,this paper adopted the honeypot defense strategy (UDRH) proposed in this paper and compared it with the no honeypot defense scheme(NHDS)in[42].As shown in Fig.2.This paper can see that the change range is relatively gentle in the early stage of the iteration,and the attacker and defender continue to interact and play the game.In the case of a DoS attack,the benefits of GCS tend to be those without a DoS attack,indicating that the honeypot defense strategy can resist to a certain extent.DoS attacks improve the defense’s effectiveness.In the absence of DoS attacks,the benefits of GCS are higher overall.By contrast,the overall benefit of GCS in the UDRH strategy was higher than that of the NHDS strategy.

Figure 2:GCS benefit in the case of a DoS attack

In particular,this paper divides the hierarchical honeypot into three types:high,middle and low,and their deception quality is 1–10.To this end,this paper can analyze the cyber security probability and DoS attack probability from Fig.3.In general,this paper equates the degree of emulation of a honeypot with its trapping quality,which is mainly determined by its interactivity.When the deception quality is between 7–10,it is a highly interactive honeypot,and the probability of the UAV communication network being attacked by DoS is reduced.In addition,as the degree of honeypot camouflage has increased,network transmission security has improved,significantly reducing the probability of a DoS attack.The honeypot protects the security of UAV cyber,making it difficult for the attacker to conduct a DoS attack effectively.

In Fig.4,this paper analyzes the network security probability under the UDRH strategy.With the change of iteration time,it is higher when there is no DoS attack than when there is a DoS attack.It shows that the attacker floods the communication channel between the UAV and the GCS with garbage data.As a result,the UAV cannot usually receive messages,reducing the cyber security rate.Meanwhile,in the presence or absence of a DoS attack,the UDRH strategy has a higher network security rate than the NHDS,which shows that honeypot defense is of great significance for improving UAV cyber security performance.In addition,after a period of iteration,the cyber security probability of the UDRH strategy under the presence or absence of a DoS attack is equal,reaching the final balance.

Figure 3:The deceptive quality of hierarchical honeypot

Analogously,this paper can analyze from Fig.5 that the network transmission delay changes with the iteration time.In the presence of a DoS attack,the network transmission delay is higher than when there is no DoS attack.It shows that the DoS attack intensity is high.However,this paper adopts a reward adjustment strategy.After a period of iteration,the network transmission delay continues to approach the situation without a DoS attack.The honeypot defense strategy can resist the DoS attack.If the honeypot is absent compared to the NHDS scheme,there is a higher chance that the UAV network transmission may be interrupted.

In this paper,Fig.6 compares the expected benefits of the defender with the degree of honeypot camouflage under different schemes.The honeypot strategy based on the zero-sum game proposed in this paper has apparent advantages over the other two schemes.It can improve the expected benefits of the defense more efficiently.The NHDS is that in the case of no honeypot defense,the mixed Nash equilibrium strategy selects its actions,resulting in lower expected returns.While adopting the honeypot defensive technique,the drone reward scheme (DRS) [43] lacks the time-delay feedback evaluation to dynamically change attack and defense strategies.In addition,when the degree of camouflage of the honeypot is low,the expected benefits of the UDRH and the DRS are similar.However,as the degree of honeypot camouflage increases,the expected benefit value of UDRH and DRS gradually increases.Simultaneously,the advantages of UDRH are steadily reflected.

Figure 6:Comparison of benefits under different schemes

6 Conclusion

UAV gives a promising future to brilliant intelligent cities.With the advances in UAV technology,UAVs will become a part of the human environment.However,due to the openness of the G2A network,the transmission of UAV security information has become a challenging issue.UAV is vulnerable to cyber attacks,causing harm such as loss of confidential data and productivity.Given the vulnerability of UAVs to DoS attacks,a method to reduce the impact of UAV network delay in the environment of cyber attacks is proposed.This paper uses hierarchical honeypots and delayed rewards to establish a honeypot game model.The experimental results show that this method is suitable for effectively mitigating the impact of G2A network communication by DoS attack.In the offensive and defensive game model we use,the ground station’s strategy is choosing network transmission,and the strategy of the malicious ground station is choosing a DoS attack.It is regarded as a zero-sum game model.Among them,the behavior of defender is to improve its confusion,while the attacker mainly provides prerequisites for the network delay.Finally,we give a detailed analysis of the experiment.In the presence of a DoS attack,the UDRH strategy can guarantee that the G2A network delay is about 10.2 milliseconds,while the G2A network delay under the NHDS strategy is about 58.6 milliseconds.For the future,it is intended to improve the security of UAV cyber through the analysis of honeypot data.

Acknowledgement:Previous UAV data link security is the basis of our research.We are grateful to all the researchers and applications that have guided us in developing the honeypot system for UAVs.

Funding Statement:Basic Scientific Research program of China JCKY2020203C025 funding is involved in this study.

Author Contributions:All authors contributed to the study conception and design.Material preparation,data collection and analysis were performed by Shangting Miao,Yang Li and Quan Pan.The first draft of the manuscript was written by Shangting Miao and all authors commented on previous versions of the manuscript.All authors read and approved the final manuscript.

Availability of Data and Materials:Part of the data comes from the DroneWars website.

Conflicts of Interest:The authors declare they have no conflicts of interest to report regarding the present study.