Abstract
This article proposes an approach to security provision of one of the key bases of digital transformation – the technology of the Internet of things (IoT). The effective technology of carrying out the information security audit with application of Honeypot systems is the cornerstone of the article and the offered method. The main advantages of the use of container virtualization, unlike application of traps on the basis of virtual machines, are formulated by the authors. The method of protection of a similar infrastructure by means of integration of dynamic container virtualization of network traps is considered. The article contains information on implementation of the offered method, comparison of results with existing solutions, and a summary table with the actual results of an experiment. A detailed flowchart of functioning of the offered method is also provided in the work. The proposed solutions allow to increase efficiency of the malefactor’s actions analysis. The administrator of IoT devices network can obtain information about the priority purposes, the used by malefactor means, and vulnerabilities of various elements of network. These circumstances give an opportunity to quickly take measures for increase in security of network and to avoid its compromise.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Alosefer, Y., Rana, O.: Honeyware: a web-based low interaction client honeypot. In: 2010 Third International Conference on Software Testing, Verification, and Validation Workshops (ICSTW), pp. 410–417 (2010)
Cabaj, K., Denis, M., Buda, M.: Management and analytical software for data gathered from HoneyPot system. Inf. Syst. Manag. 2 (2013)
Chawda, K., Patel, A.D.: Dynamic & hybrid honeypot model for scalable network monitoring. In: International Conference on Information Communication and Embedded Systems (ICICES2014), Chennai, pp. 1–5 (2014)
Cleary, M., Corpin, M., Cox, O., Lau, H., Nahorney, B., O’Brien, D., O’Gorman, B., Power, J.-P., Wallace, S., Wood, P., Wueest, C.: ISTR. Internet Security Threat Report (Symantec), vol. 23. Symantec Corporation, Mountain View, USA (2018)
Eftimie, S., Răcuciu, C.: Honeypot system based on software containers Mircea cel Batran. Naval Acad. Sci. Bull. 19(2), 415–418 (2016)
Fraunholz, D., Zimmermann, M., Schotten, H.D.: An adaptive honeypot configuration, deployment and maintenance strategy. In: 19th International Conference on Advanced Communication Technology (ICACT), pp. 53–57 (2017)
Iskhakov, A., Meshcheryakov, R., Ekhlakov, Yu.: The Internet of Things in the security industry. In: Interactive Systems Problems of Human-Computer Interaction: Collection of Scientific Papers, pp. 161–168 (2017)
Iskhakova, A., Meshcheryakov, R., Iskhakov, A., Timchenko, S.: Analysis of the vulnerabilities of the embedded information systems of IoT-devices through the honeypot network implementation. In: Proceedings of the IV International Research Conference “Information Technologies in Science, Management, Social Sphere and Medicine” (ITSMSSM 2017), pp. 363–367 (2017)
Kuskov, V., Kuzin, M., Shmelev, Ya., Makrushin, D., Grachev, I.: Traps of “Internet of things”. The analysis of the data collected on IoT-traps of Kaspersky Lab. SecureList (2017)
Kyriakou, A., Sklavos, N.: Container-based honeypot deployment for the analysis of malicious activity. In: 2018 Global Information Infrastructure and Networking Symposium (GIIS), Thessaloniki, Greece, pp. 1–4 (2018)
Lihet, M., Dadarlat, P.D.V.: Honeypot in the cloud. Five years of data analysis. In: 17th RoEduNet Conference Networking in Education and Research (RoEduNet), Cluj-Napoca, pp. 1–6 (2018)
Lipatnikov, V.A., Shevchenko, A.A., Yatskin, A.D., Semenova, E.G.: Information security management of integrated structure organization based on a dedicated server with container virtualization. Inf. Control Syst. 89(4), 67–76 (2017). (in Russia)
Luo, T., Xu, Z., Kin, X., Jia, Y., Ouyang, X.: IoTCandyJar. Towards an Intelligent-Interaction Honeypot for IoT Devices, pp. 1–11. Blackhat (2017)
Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T., Rossow, C.: IoTPOT analysing the rise of IoT compromises. USENIX WOOT (2015)
Pauna, A., Bica, I.: RASSH – Reinforced adaptive SSH honeypot. In: 10th International Conference on Communications (COMM), Bucharest, pp. 1–6 (2014)
Sekar, K.R., Gayathri, V., Anisha, G., Ravichandran, K.S., Manikandan, R.: Dynamic honeypot configuration for intrusion detection. In: 2nd International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, pp. 1397–1401 (2018)
Sembiring, I.: Implementation of honeypot to detect and prevent distributed denial of service attack. In: 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), Semarang, pp. 345–350 (2016)
Sever, D., Kišasondi, T.: Efficiency and security of docker based honeypot systems. In: 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, pp. 1167–1173 (2018)
Yagi, T., Tanimoto, N., Hariu, T., Itoh, M.: Enhanced attack collection scheme on high-interaction web honeypots. In: The IEEE Symposium on Computers and Communications (ISCC), pp. 81–86 (2010)
Yatskin, A.D.: Dynamic honeypot-systems based on container virtualization, diploma work of a specialist. (in Russian). http://elib.spbstu.ru/dl/2/v16-128.pdf/download/v16-128.pdf
Acknowledgments
The reported study was partially funded by RFBR according to the research project № 19-01-00767.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Iskhakov, A., Iskhakova, A., Meshcheryakov, R. (2020). Dynamic Container Virtualization as a Method of IoT Infrastructure Security Provision. In: Arseniev, D., Overmeyer, L., Kälviäinen, H., Katalinić, B. (eds) Cyber-Physical Systems and Control. CPS&C 2019. Lecture Notes in Networks and Systems, vol 95. Springer, Cham. https://doi.org/10.1007/978-3-030-34983-7_47
Download citation
DOI: https://doi.org/10.1007/978-3-030-34983-7_47
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34982-0
Online ISBN: 978-3-030-34983-7
eBook Packages: EngineeringEngineering (R0)