Skip to main content

How to stop cyber-attacks with honeypots

Award-winning insights on cyber defence strategies

Samuel Lavebrink and Madeleine Lindström are studying the Master's programme Machine Learning.
Published Feb 13, 2024

In the ever-evolving landscape of cyber warfare, defending against human-controlled cyberattacks requires innovative strategies. A recent study conducted by students at KTH delves into the realm of cyber defence, explicitly focusing on the placement of honeypots – deceptive traps designed to mislead potential attackers. This investigation aims to shed light on cyberspace's most effective defence strategies.

In a groundbreaking bachelor's thesis on strategies for bluffing games in cyberspace, students Samuel and Madeleine, in collaboration with the Swedish Defence Research Agency (FOI) and supervisor Joel Brynielsson, have recently received the "Best Paper" award at the FOSINT-SI 2023 conference.

“This achievement has not only highlighted the importance of our research but also created new opportunities and directions for our future cybersecurity careers,“ Madeleine says.

To defend against information-seeking cyberattacks, honeypots appear valuable targets within an organisation. The key lies in deceiving attackers by strategically placing honeypots. The study simulated different defence algorithms in a game to analyse their effectiveness in deceiving attackers. Based on game theory, the game portrayed a zero-sum scenario where the defender's gain equates to the attacker's loss.

“As cyberattacks surge, cyber defence becomes complex, often overshadowed by the attacker's advantage of pinpointing a single vulnerable point. The report emphasises the role of artificial intelligence (AI) in cyber defence despite the challenges of adapting to evolving threats”, Samuel says.

Samuel Lavebrink and Madeleine Lindström are studying the Master's programme Machine Learning.
Samuel Lavebrink and Madeleine Lindström are studying the 5-year engineering programme Engineering Physics and are in their first year of the Master's programme Machine Learning.

The study involved 124 KTH students playing against six defence strategies using HoneyGame. In this game, defence algorithms strategically placed honeypots on different nodes, and players aimed to maximise points by evading honeypots. Strategies with adaptability and randomness proved superior, with Learning with Linear Rewards standing out as the most effective algorithm.

“The findings contribute valuable insights to the ongoing battle for cyber defence in an era where the stakes have never been higher”, Madeleine says.

For Samuel and Madeleine, this success represents a recognised achievement and new opportunities for future career choices. With a growing interest in cybersecurity, they have now received offers to continue working on the project and write their theses with FOI. This future investment in cybersecurity opens doors to exciting opportunities and long-term involvement in the field.

Text & photo: Charlotta Alnersson

Related news

Cybercampus Sverige inaugurated

On 7 February, Cybercampus Sverige was formally launched at a ceremony at the new headquarters in Stockholm, with Minister for Civil Defence Carl-Oskar Bohlin and Minister for Education Mats Persson i...

Read the article
Samuel Lavebrink and Madeleine Lindström are studying the Master's programme Machine Learning.

How to stop cyber-attacks with honeypots

In the ever-evolving landscape of cyber warfare, defending against human-controlled cyberattacks requires innovative strategies. A recent study conducted by students at KTH delves into the realm of cy...

Read the article
Gunnar Karlsson with his Headquarters Medal of Merit from the Swedish Armed Forces.
Gunnar Karlsson with his Headquarters Medal of Merit from the Swedish Armed Forces.

Honoured for his work in cyber security

Gunnar Karlsson from the Department of Network and Systems Engineering recently received the Headquarters Medal of Merit from the Swedish Armed Forces for his commitment to training cyber soldiers and...

Read the article