Skip to main content
SpringerLink
Log in

Honeypot Deception Tactics

  • Chapter
  • First Online:
Autonomous Cyber Deception

Abstract

Honeypots on computer networks are most effective when they use deception to fool cyberadversaries into thinking that they are not actual decoy intelligence collectors. Honeypot deception can be made more effective when applied with variety. We discuss the range of deception tactics of which honeypots can take advantage. Ideas can come from deception theory, and honeypot deceptions can benefit from planning and experimentation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 79.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Change history

  • 01 February 2020

    This book was inadvertently published as an authored work with the chapter authors mentioned in the footnotes of the chapter opening pages. This has now been updated and the chapter authors have been mentioned in the respective chapter opening pages as mentioned below:

References

  1. P. Aggarwal, C. Gonzalez, and V. Dutt. Looking from the hacker’s perspective: Role of deceptive strategies in cyber security. In 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA), pages 1–6, June 2016.

    Google Scholar 

  2. N. Al-Gharabally, N. El-Sayed, S. Al-Mulla, and I. Ahmad. Wireless honeypots: Survey and assessment. In Proceedings of the 2009 Conference on Information Science, Technology and Applications, ISTA ’09, pages 45–52, New York, NY, USA, 2009. ACM.

    Google Scholar 

  3. M. H. Almeshekah and E. H. Spafford. Planning and integrating deception into computer security defenses. In Proceedings of the 2014 New Security Paradigms Workshop, pages 127–138, New York, NY, USA, 2014. ACM.

    Google Scholar 

  4. F. Araujo, K. W. Hamlen, S. Biedermann, and S. Katzenbeisser. From patches to honey-patches: Lightweight attacker misdirection, deception, and disinformation. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS ’14, pages 942–953, New York, NY, USA, 2014. ACM.

    Google Scholar 

  5. K. Borders, L. Falk, and A. Prakash. Openfire: Using deception to reduce network attacks. In SecureComm, pages 224–233. IEEE, 2007.

    Google Scholar 

  6. F. De Gaspari, S. Jajodia, L. V. Mancini, and A. Panico. Ahead: A new architecture for active defense. In Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig ’16, pages 11–16, New York, NY, USA, 2016. ACM.

    Google Scholar 

  7. J. Dunnigan and A. Nofi. Victory and Deceit, Second Edition: Deception and Trickery in War. Writers Club Press, San Jose, CA, US, 2001.

    Google Scholar 

  8. C. D. Faveri, A. Moreira, and V. Amaral. Goal-driven deception tactics design. In 2016 IEEE 27th International Symposium on Software Reliability Engineering (ISSRE), pages 264–275, Oct 2016.

    Google Scholar 

  9. C. Fowler and R. Nesbit. Tactical deception in air-land warfare. Journal of Electronic Defense, 18(6), 1995.

    Google Scholar 

  10. D. Fraunholz and H. D. Schotten. Strategic defense and attack in deception based network security. In 2018 International Conference on Information Networking (ICOIN), pages 156–161, Jan 2018.

    Google Scholar 

  11. E. E. Frederick, N. C. Rowe, and A. B. G. Wong. Testing deception tactics in response to cyberattacks, In Proceedings of the National Symposium on Moving Target Research, Annapolis, Maryland, US, June 2012. Retrieved from http://faculty.nps.edu/ncrowe/rowe_mtr_realtimedecep.htm, March 10, 2018.

  12. F. Girtler. Efficient Malware Detection by a Honeypot Network. AV Akademikerverlag, 2013.

    Google Scholar 

  13. X. Han, N. Kheir, and D. Balzarotti. Evaluation of deception-based web attacks detection. In Proceedings of the 2017 Workshop on Moving Target Defense, MTD ’17, pages 65–73, New York, NY, USA, 2017. ACM.

    Google Scholar 

  14. S. Hassan and R. Guha. A probabilistic study on the relationship of deceptions and attacker skills. In 2017 IEEE 15th Intl Conf on Dependable, Autonomic and Secure Computing, 15th Intl Conf on Pervasive Intelligence and Computing, 3rd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech), pages 693–698, Nov 2017.

    Google Scholar 

  15. S. F. McKenna. Detection and classification of web robots with honeypots, 2016. Retrieved from http://faculty.nps.edu/ncrowe/oldstudents/28Mar_McKenna_Sean_thesis.htm, March 3, 2018.

  16. P. Pal, N. Soule, N. Lageman, S. S. Clark, M. Carvalho, A. Granados, and A. Alves. Adaptive resource management enabling deception (armed). In Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17, pages 52:1–52:8, New York, NY, USA, 2017. ACM.

    Google Scholar 

  17. N. C. Rowe, E. J. Custy, and B. T. Duong. Defending cyberspace with fake honeypots, 2007.

    Google Scholar 

  18. N. C. Rowe and J. Rrushi. Introduction to Cyberdeception. Springer Publishing Company, Incorporated, 1st edition, 2016.

    Book  Google Scholar 

  19. M. P. Stoecklin, J. Zhang, F. Araujo, and T. Taylor. Dressed up: Baiting attackers through endpoint service projection. In Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, SDN-NFVSec@CODASPY 2018, Tempe, AZ, USA, March 19–21, 2018, pages 23–28, 2018.

    Google Scholar 

  20. P. Sztompka. Trust. Cambridge University Press, London, UK, 1999.

    Google Scholar 

  21. J. Tammi, S. Rauti, and V. Leppänen. Practical challenges in building fake services with the record and play approach. In SIN, pages 235–239. ACM, 2017.

    Google Scholar 

  22. V. E. Urias, W. M. S. Stout, and H. W. Lin. Gathering threat intelligence through computer network deception. In 2016 IEEE Symposium on Technologies for Homeland Security (HST), pages 1–6, May 2016.

    Google Scholar 

  23. C. Wang and Z. Lu. Cyber deception: Overview and the road ahead. IEEE Security Privacy, 16(2):80–85, March 2018.

    Article  Google Scholar 

  24. W. Wang, J. Bickford, I. Murynets, R. Subbaraman, A. G. Forte, and G. Singaraju. Catching the wily hacker: A multilayer deception system. In 2012 35th IEEE Sarnoff Symposium, pages 1–6, May 2012.

    Google Scholar 

  25. M. Wegerer and S. Tjoa. Defeating the database adversary using deception - a MySQL database honeypot. In 2016 International Conference on Software Security and Assurance (ICSSA), pages 6–10, Aug 2016.

    Google Scholar 

  26. A. Zarras. The art of false alarms in the game of deception: Leveraging fake honeypots for enhanced security. In 48th IEEE International Carnahan Conference on Security Technology (ICCST), October 2014.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. U.S. Naval Postgraduate School, Monterey, CA, USA

    Neil C. Rowe

Authors
  1. Neil C. Rowe
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Neil C. Rowe .

Editor information

Editors and Affiliations

  1. Department of Software & Information System, University of North Carolina Charlotte, Charlotte, NC, USA

    Ehab Al-Shaer

  2. Department of Software and Information System, University of North Carolina, Charlotte, NC, USA

    Jinpeng Wei

  3. Computer Science Department, University of Texas at Dallas, Richardson, TX, USA

    Kevin W. Hamlen

  4. Computing and Information Science Division, Army Research Office, Durham, NC, USA

    Cliff Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Rowe, N.C. (2019). Honeypot Deception Tactics. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds) Autonomous Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-030-02110-8_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02110-8_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02109-2

  • Online ISBN: 978-3-030-02110-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation