This paper presents a novel honeypot system implemented as a deliberative agent, built by means of a Case Based Reasoning (CBR) system. The honeypot system uses as reference an existing medium interaction honeypot (Kippo) and leverages the Beliefs-Desires-Intentions (BDI) deliberative agents improved with the learning capabilities of Case Base Reasoning (CBR) technique. The main goal is to create an autonomous system capable to learn and adapt by interaction with the attackers. The preliminary experimental results show that the developed system reacts as it was foreseen.


honeypot systems Belief-Desire-Intention Intelligent Agents Case Based Reasoning 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kippo: A ssh honeypot,
  2. 2.
    Nazario, J.: Kippo Log Analysis,
  3. 3.
    The Secure Shell (SSH) Protocol Architecture,
  4. 4.
  5. 5.
  6. 6.
    In Leake, D. (ed.): Case-Based Reasoning: Experiences, Lessons, and Future Directions. AAAI Press/MIT Press, Menlo Park (1996)Google Scholar
  7. 7.
    Li, L., Tang, W., Wang, R.: A CBR Engine Adapting to IDS. In: Hao, Y., Liu, J., Wang, Y.-P., Cheung, Y.-M., Yin, H., Jiao, L., Ma, J., Jiao, Y.-C. (eds.) CIS 2005. LNCS (LNAI), vol. 3802, pp. 334–339. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Zakaria, W., Kiah, M.L.M.: A review on artificial intelligence techniques for developing intelligent honeypot. In: Proceeding of: 8th International Conference on Computing Technology and Information Management, At Seoul, Korea (2012)Google Scholar
  9. 9.
    Burmeister, B., Sundermeyer, K.: Cooperative problem-solving guided by intentions and perception. In: Werner, E., Demazeau, Y. (eds.) Decentralized A.I. 3. North Holland, Amsterdam (1992)Google Scholar
  10. 10.
    Georgeff, M.P., Lansky, A.L.: Procedural knowledge. In: Proceedingsof the IEEE Special Issue on Knowledge Representation, vol. 74, pp. 1383–1398 (1986)Google Scholar
  11. 11.
    Muller, J.P., Pischel, M., Thiel, M.: Modelling reactive behaviour in vertically layered agent architectures. In: Wooldridge, M.J., Jennings, N.R. (eds.) ECAI 1994 and ATAL 1994. LNCS (LNAI), vol. 890, pp. 261–276. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  12. 12.
    Shoham, Y.: Agent-oriented programming. Artificial Intelligence 60(1), 51–92 (1993)CrossRefMathSciNetGoogle Scholar
  13. 13.
    Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach, ch. 2, 2nd edn. Prentice Hall, Upper Saddle River (2003) ISBN 0-13-790395-2Google Scholar
  14. 14.
    Laza, R., Gómez, A., Pavón, R., Corchado, J.M.: A Case-Based Reasoning Approach to the Implementation of BDI Agents. In: ECCBR Workshops, pp. 27–30 (2002)Google Scholar
  15. 15.
    Ramsbrock, D., Berthier, R., Cukier, M.: Profiling attacker behavior following SSH compromises. In: DSN 2007: Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 119–124. IEEE Computer Society, Washington, DC (2007)Google Scholar
  16. 16.
  17. 17.
    CASSHH Honeypot code repo:

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Adrian Pauna
    • 1
  • Victor Valeriu Patriciu
    • 1
  1. 1.Military Technical AcademyBucharestRomania

Personalised recommendations