A Graph Theory Based Self-Learning Honeypot to Detect Persistent Threats

Attacks on the cyber space is getting exponential in recent times. Illegal penetrations and breaches are real threats to the individuals and organizations. Conventional security systems are good enough to detect the known threats but when it comes to Advanced Persistent Threats (APTs) they fails. These APTs are targeted, more sophisticated and very persistent and incorporates lot of evasive techniques to bypass the existing defenses. Hence, there is a need for an effective defense system that can achieve a complete reliance of security. To address the above-mentioned issues, this paper proposes a novel honeypot system that tracks the anonymous behavior of the APT threats. The key idea of honeypot leverages the concepts of graph theory to detect such targeted attacks. The proposed honey-pot is self-realizing, strategic assisted which withholds the APTs actionable techniques and observes the behavior for analysis and modelling. The proposed graph theory based self learning honeypot using the results gamma(C(n,1)),gamma(c) (C(n,1)), gamma(sc )(C(n,1)) outperforms traditional techniques by detecting APTs behavioral with detection rate of 96%.