Fake Honeypots: A Defensive Tactic for Cyberspace
Rowe, Neil C.
Duong, Binh T.
Custy, E. John
MetadataShow full item record
Cyber-attackers are becoming more aware of honeypots. They generally want to avoid honeypots since it is hard to spread attacks from them, attacks are thoroughly monitored on them, and some honeypots contain planted false information. This suggests that it could be useful for a computer system to pretend it is a honeypot, to scare away smarter attackers. We examine here from a number of perspectives how this could be accomplished as a kind of ?vaccination? of systems to reduce numbers of attacks and their severity. We develop a mathematical model of what would make an attacker go away. We report experiments with deliberate distortions on text to see at what point people could detect deception, and discover they can respond to subtle clues. We also report experiments with real attackers against a honeypot of increasing obviousness. Results show that attacks on it decreased over time which may indicate that attackers are being scared away. We conclude with some speculation about the escalation of honeypot-antihoneypot techniques.
This paper appeared in the Proceedings of the 7th IEEE Workshop on Information Assurance, West Point, NY, June 21-23 2006.
Showing items related by title, author, creator and subject.
Yahyaoui, Aymen (Monterey, California: Naval Postgraduate School, 2014-09);Deception can be a useful defensive technique against cyber attacks. It has the advantage of unexpectedness to attackers and offers a variety of tactics. Honeypots are a good tool for deception. They act as decoy computers ...
Rowe, Neil C.; Custy, E. John; Duong, Binh T. (Monterey, California. Naval Postgraduate School, 2007);Honeypots are computer systems designed for no purpose other than recording attacks on them. Cyber-attackers avoid them since honeypots jeopardize the secrecy of attack methods and it is hard to launch attacks from them. ...
Rowe, Neil C.; Nguyen, Thuy D.; Dougherty, Jeffrey T. (Monterey, California. Naval Postgraduate School, 2020-10); NPS-CS-20-003This work addressed efficient and effective implementation of honeypots (decoy devices) in cloud services. Honeypots are essential tools for detecting new attacks on computers and networks, and cloud services are distributed ...