DEPLOYING AND ANALYZING CONTAINERIZED HONEYPOTS IN THE CLOUD WITH T-POT

Loading...
Thumbnail Image
Authors
Washofsky, Alexander D.
Subjects
honeypot
cloud
cloud server
T-Pot
deception
cyber defense
Advisors
Rowe, Neil C.
Nguyen, Thuy D.
Date of Issue
2021-09
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Honeypots (decoy systems) are effective tools to monitor cyberattack and intrusion attempts, but it is challenging to deploy enough of them to catch a sufficient amount of such activity. With cyberattacks on the rise, specifically those targeting critical infrastructure, better suspicious-traffic collection methods must be developed. This thesis explores the deployment and use of cloud-based honeypots within an open-source honeypot management framework, T-Pot. Instances of T-Pot ran honeypots that simulated a web server and an electrical-power distribution system, and their traffic was compared to previous local and cloud-based standalone honeypot deployments. The results showed that the cloud deployments received more traffic than local deployments and that the use of T-Pot did not discourage intrusions or attacks. T-Pot bundles security analysis tools and services for analyzing cloud-scale data, enabling more robust cyber defense for critical infrastructure and Department of Defense networks.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections