Author Guidelines

Publications

Editorial

About

Archive Issue – Vol.5, Issue.4 (Oct-Dec 2025)

Archive Issue – Vol.5, Issue.4 (October-December 2025)


DDQN-BASED ADAPTIVE LIGHTWEIGHT HONEYPOT FRAMEWORK FOR INTELLIGENT CYBER THREAT DETECTION IN SMALL AND MEDIUM ENTERPRISES

Arshit Rawat, Devansh Namdev, Aditya Sharma, Anant Pratap Singh Sachan and Shivank Kumar Soni

Research Paper | Journal Paper

Vol.5, Issue.4, pp.1-07, Dep-2025

Abstract References Citation Download

Abstract

Honeypots serve as deceptive cybersecurity systems that attract and engage attackers, providing valuable insights into their methods within controlled environments. However, traditional honeypots are largely static and passive, making them easily identifiable and ineffective against modern, adaptive cyber threats. Existing adaptive models offer incremental improvements but remain limited by predefined rules or simplified learning mechanisms, restricting their responsiveness to complex and evolving attacks. This paper introduces an RL-Enhanced Adaptive Honeypot that integrates a Dueling Double Deep Q-Network (DDQN)-based decision engine to enable autonomous behavioural adaptation. The system dynamically adjusts its defence posture by analysing attacker activity and environmental metrics represented in a structured state model. Through continuous learning and policy optimization, the honeypot transitions between observation, deception, and mitigation strategies, maintaining an average accuracy of approximately 96% across behavioural prediction and threat intelligence classification tasks. Future work aims to employ simulated multi-stage attack environments to pre-train reinforcement learning agents, fostering the development of self-evolving honeypots capable of real-time, intelligent cyber defence.

Key-Words / Index Term: Adaptive Cyber Defence, DDQN, Honeypot, Network Security, Reinforcement Learning.

References

      1. A. Alahmari and B. Duncan, "Cybersecurity Risk Management in Small and Medium-Sized Enterprises: A Systematic Review of Recent Evidence," 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), Dublin, Ireland, 2020, pp. 1-5, 10.1109/CyberSA49311.2020.9139638
      2. Z. Aradi and A. Bánáti, "The Role of Honeypots in Modern Cybersecurity Strategies," 2025 IEEE 23rd World Symposium on Applied Machine Intelligence and Informatics (SAMI), Stará Lesná, Slovakia, 2025, pp. 000189-000196, 10.1109/SAMI63904.2025.10883300
      3. T. T. Nguyen and V. J. Reddi, "Deep Reinforcement Learning for Cyber Security," in IEEE Transactions on Neural Networks and Learning Systems, vol. 34, no. 8, pp. 3779-3795, Aug. 2023, 10.1109/TNNLS.2021.3121870.
      4. Van Hasselt, Hado, Arthur Guez, and David Silver. "Deep reinforcement learning with double q-learning." Proceedings of the AAAI conference on artificial intelligence. Vol. 30. No. 1. 2016. https://doi.org/10.1609/aaai.v30i1.10295
      5. P. Holgado, V. A. Villagrá and L. Vázquez, "Real-Time Multistep Attack Prediction Based on Hidden Markov Models," in IEEE Transactions on Dependable and Secure Computing, vol. 17, no. 1, pp. 134-147, 1 Jan.-Feb. 2020, 10.1109/TDSC.2017.2751478.
      6. Pashaei, Abbasgholi, et al. "Early Intrusion Detection System using honeypot for industrial control networks." Results in Engineering 16 (2022): 100576. https://doi.org/10.1016/j.rineng.2022.100576
      7. B. Hu and J. Li, "Shifting Deep Reinforcement Learning Algorithm Toward Training Directly in Transient Real-World Environment: A Case Study in Powertrain Control," in IEEE Transactions on Industrial Informatics, vol. 17, no. 12, pp. 8198-8206, Dec. 2021, 10.1109/TII.2021.3063489.
      8. Caminero, Guillermo, Manuel Lopez-Martin, and Belen Carro. "Adversarial environment reinforcement learning algorithm for intrusion detection." Computer Networks 159 (2019): 96-109. https://doi.org/10.1016/j.comnet.2019.05.013
      9. Y. Liu, H. Wang, M. Peng, J. Guan, J. Xu and Y. Wang, "DeePGA: A Privacy-Preserving Data Aggregation Game in Crowdsensing via Deep Reinforcement Learning," in IEEE Internet of Things Journal, vol. 7, no. 5, pp. 4113-4127, May 2020, 10.1109/JIOT.2019.2957400
      10. Q. Xu, Z. Su and R. Lu, "Game Theory and Reinforcement Learning Based Secure Edge Caching in Mobile Social Networks," in IEEE Transactions on Information Forensics and Security, vol. 15, pp. 3415-3429, 2020, 10.1109/TIFS.2020.2980823.
      11. Sethi, K., Sai Rupesh, E., Kumar, R. et al. A context-aware robust intrusion detection system: a reinforcement learning-based approach. Int. J. Inf. Secur. 19, 657–678 (2020). https://doi.org/10.1007/s10207-019-00482-7
      12. S. Otoum, B. Kantarci and H. Mouftah, "Empowering Reinforcement Learning on Big Sensed Data for Intrusion Detection," ICC 2019 - 2019 IEEE International Conference on Communications (ICC), Shanghai, China, 2019, pp. 1-7, 10.1109/ICC.2019.8761575
      13. Pacheco, Yulexis, and Weiqing Sun. "Adversarial Machine Learning: A Comparative Study on Contemporary Intrusion Detection Datasets." ICISSP.2021. https://www.scitepress.org/PublishedPapers/2021/102535/102535.pdf
      14. E. Suwannalai and C. Polprasert, "Network Intrusion Detection Systems Using Adversarial Reinforcement Learning with Deep Q-network," 2020 18th International Conference on ICT and Knowledge Engineering (ICT&KE), Bangkok, Thailand, 2020, pp. 1-7, 10.1109/ICTKE50349.2020.9289884
      15. Veluchamy, Selvakumar, and Ruba Soundar Kathavarayan. "Deep reinforcement learning for building honeypots against runtime DoS attack." International Journal of Intelligent Systems 37.7 (2022): 3981-4007. https://doi.org/10.1002/int.22708

Citation

Arshit Rawat, Devansh Namdev, Aditya Sharma, Anant Pratap Singh Sachan and Shivank Kumar Soni, "DDQN-BASED ADAPTIVE LIGHTWEIGHT HONEYPOT FRAMEWORK FOR INTELLIGENT CYBER THREAT DETECTION IN SMALL AND MEDIUM ENTERPRISES" International Journal of Scientific Research in Technology & Management, Vol.5, Issue.4, pp.1-07, 2025.