Assessing the effects of honeypots on cyber-attackers
Lim, Sze Li Harry
Rowe, Neil C.
Fulp, John D.
MetadataShow full item record
A honeypot is a non-production system, design to interact with cyber-attackers to collect intelligence on attack techniques and behaviors. While the security community is reaping fruits of this collection tool, the hacker community is increasingly aware of this technology. In response, they develop anti-honeypot technology to detect and avoid honeypots. Prior to the discovery of newer intelligence collection tools, we need to maintain the relevancy of honeypot. Since the development of anti-honeypot technology indicates the deterrent effect of honeypot, we can capitalize on this deterrent effect to develop fake honeypot. Fake honeypot is real production system with deterring characteristics of honeypot that induces the avoidance behavior of cyber-attackers. Fake honeypots will provide operators with workable production systems under obfuscation of deterring honeypot when deployed in hostile information environment. Deployed in a midst of real honeynets, it will confuse and delay cyber-attackers. To understand the effects of honeypot on cyber-attackers to design fake honeypot, we exposed a tightly secured, self-contained virtual honeypot to the Internet over a period of 28 days. We conclude that it is able to withstand the duration of exposure without compromise. The metrics pertaining to the size of last packet suggested departure of cyber-attackers during reconnaissance.
Showing items related by title, author, creator and subject.
Rowe, Neil C.; Custy, E. John; Duong, Binh T. (Monterey, California. Naval Postgraduate School, 2007);Honeypots are computer systems designed for no purpose other than recording attacks on them. Cyber-attackers avoid them since honeypots jeopardize the secrecy of attack methods and it is hard to launch attacks from them. ...
Rowe, Neil C.; Duong, Binh T.; Custy, E. John (Monterey, California. Naval Postgraduate School, 2006-06);Cyber-attackers are becoming more aware of honeypots. They generally want to avoid honeypots since it is hard to spread attacks from them, attacks are thoroughly monitored on them, and some honeypots contain planted false ...
McCaughey, Ryan J. (Monterey, California: Naval Postgraduate School, 2017-09);The number of devices vulnerable to unauthorized cyber access has been increasing at an alarming rate. A honeypot can deceive attackers trying to gain unauthorized access to a system; studying their interactions with ...