Introduction to Honeypot

Part of the book series: SpringerBriefs on Cyber Security Systems and Networks (BRIEFSCSSN)

Abstract

A honeypot is a decoy system or a simulated application that simulates an entire network to lure attackers by disguising itself with popular vulnerabilities. There are different types of honeypots. For instance, a research honeypot can help researchers monitor and analyse the attacker activities captured in the honeypot. Usually, honeypots can be categorised into three different sub-types based on their purpose, interaction and form. They are then further categorised according to their nature, specialization and framework. The honeypot, however, is not a foolproof concept; it can often be detected by an experienced attacker. Information about the features of honeypots and about anti-honeypot tools is widely available online to educate attackers. This book will cover the use of honeypots to detect some of the more popular and damaging attacks, such as worms, DDoS, APT, phishing and insider breaches. It will also cover the application of forensics work in honeypots and concepts proposed by honeypot researchers to enhance the features of honeypots so as to make it difficult to distinguish between a real host and a honeypot.

Author information

Corresponding author

Correspondence to Chee Keong Ng.

Copyright information

© 2018 The Author(s)

About this chapter

Cite this chapter

Ng, C.K., Pan, L., Xiang, Y. (2018). Introduction to Honeypot. In: Honeypot Frameworks and Their Applications: A New Framework. SpringerBriefs on Cyber Security Systems and Networks. Springer, Singapore. https://doi.org/10.1007/978-981-10-7739-5_1

  • DOI: https://doi.org/10.1007/978-981-10-7739-5_1

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-7738-8

  • Online ISBN: 978-981-10-7739-5

  • eBook Packages: Computer Science, Computer Science (R0)
