Measuring the Effectiveness of Honeypot Counter-Counterdeception

Loading...
Thumbnail Image
Authors
Rowe, Neil C.
Subjects
Advisors
Date of Issue
2006-01
Date
January 2006
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Honeypots are computer systems that try to fool cyberattackers into thinking they are ordinary computer systems, when in fact they are designed solely to collect data about attack methods and thereby enable better defense against attackers. Honeypots are more effective the more ordinary they appear, but so far designers have just used intuition in designing them. So it is valuable to develop metrics for measuring the effectiveness of honeypot deception. We report on several software tools we have developed for assessing the effectiveness of honeypots, particularly a metric-calculating tool that summarizes a file system by a vector of 72 numbers. Comparison of vectors between fake and real systems can guide design of the fake. We show that this metric tool, applied to a detailed fake file system we constructed, confirms that it is convincing in most ways.
Type
Conference Paper
Description
This paper appeared in the 2006 Hawaii International Conference on Systems Sciences, January 2006, Poipu, HI.
Series/Report No
Department
Cebrowski Institute, U.S. Naval Postgraduate School
Organization
Identifiers
NPS Report Number
Sponsors
supported by the National Science Foundation under the Cyber Trust program
Funder
Format
Citation
2006 Hawaii International Conference on Systems Sciences, January 2006, Poipu, HI.
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
Collections