A HONEYPOT FOR SPIES: UNDERSTANDING INTERNET-BASED DATA THEFT

Loading...
Thumbnail Image
Authors
Henderson, Blake T.
Subjects
honeypot
electronic counterintelligence
deception
data theft
Advisors
Rowe, Neil C.
Date of Issue
2018-03
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Creating ruses and planting false documents to deceive our adversaries is a tactic that has been used for a long time. Honeypots allow us to easily plant false data on information systems while we monitor what attackers access and download. This enables us to learn of a potential spy’s interests and intents, helping defenders decide how to concentrate their resources when protecting critical information networks. In this thesis, we used a content-based Web honeypot to monitor access to military-related documents to see what type of information Internet users were most interested in obtaining. We created a webserver within the Naval Postgraduate School address range, mimicked the Naval Postgraduate School library’s website layout, and used webpage and webserver log monitoring software to analyze activity. We characterized both human and automated (bot) activity and found that the cyber subpage was the most popular among both types of users. Additionally, human-user document downloads tended to be in order of appearance on the webpage (alphabetically), but bot-user downloads appeared to be more random.
Type
Thesis
Description
Series/Report No
Department
Information Sciences (IS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections