Abstract
A honeypot is a decoy system or a simulated application that simulates an entire network to lure attackers by disguising itself with popular vulnerabilities. There are different types of honeypots. For instance, a research honeypot can help researchers monitor and analyse the attacker activities captured in the honeypot. Honeypots can usually be categorised into three different sub-types based on purpose, interaction and form. They are then further categorised according to nature, specialization and framework. A honeypot, however, is not a foolproof concept; it can often be detected by an experienced attacker. Information about the features of honeypots and about anti-honeypot tools is widely available online to educate attackers. This book will cover honeypots used to detect some of the more popular and damaging attacks, such as worms, DDoS, APT, phishing and insider breaches. It will also cover the application of forensics work in honeypots and the concepts proposed by honeypot researchers to enhance the features of honeypots so as to make it difficult to distinguish between a real host and a honeypot.
© 2018 The Author(s)
About this chapter
Cite this chapter
Ng, C.K., Pan, L., Xiang, Y. (2018). Introduction to Honeypot. In: Honeypot Frameworks and Their Applications: A New Framework. SpringerBriefs on Cyber Security Systems and Networks. Springer, Singapore. https://doi.org/10.1007/978-981-10-7739-5_1
DOI: https://doi.org/10.1007/978-981-10-7739-5_1
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7738-8
Online ISBN: 978-981-10-7739-5
eBook Packages: Computer Science (R0)