Skip to main content
SpringerLink
Log in
Book cover

International Conference Cyber-Physical Systems and Control

CPS&C 2019: Cyber-Physical Systems and Control pp 482–490Cite as

Dynamic Container Virtualization as a Method of IoT Infrastructure Security Provision

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 95))

Abstract

This article proposes an approach to security provision of one of the key bases of digital transformation – the technology of the Internet of things (IoT). The effective technology of carrying out the information security audit with application of Honeypot systems is the cornerstone of the article and the offered method. The main advantages of the use of container virtualization, unlike application of traps on the basis of virtual machines, are formulated by the authors. The method of protection of a similar infrastructure by means of integration of dynamic container virtualization of network traps is considered. The article contains information on implementation of the offered method, comparison of results with existing solutions, and a summary table with the actual results of an experiment. A detailed flowchart of functioning of the offered method is also provided in the work. The proposed solutions allow to increase efficiency of the malefactor’s actions analysis. The administrator of IoT devices network can obtain information about the priority purposes, the used by malefactor means, and vulnerabilities of various elements of network. These circumstances give an opportunity to quickly take measures for increase in security of network and to avoid its compromise.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Alosefer, Y., Rana, O.: Honeyware: a web-based low interaction client honeypot. In: 2010 Third International Conference on Software Testing, Verification, and Validation Workshops (ICSTW), pp. 410–417 (2010)

    Google Scholar 

  2. Cabaj, K., Denis, M., Buda, M.: Management and analytical software for data gathered from HoneyPot system. Inf. Syst. Manag. 2 (2013)

    Google Scholar 

  3. Chawda, K., Patel, A.D.: Dynamic & hybrid honeypot model for scalable network monitoring. In: International Conference on Information Communication and Embedded Systems (ICICES2014), Chennai, pp. 1–5 (2014)

    Google Scholar 

  4. Cleary, M., Corpin, M., Cox, O., Lau, H., Nahorney, B., O’Brien, D., O’Gorman, B., Power, J.-P., Wallace, S., Wood, P., Wueest, C.: ISTR. Internet Security Threat Report (Symantec), vol. 23. Symantec Corporation, Mountain View, USA (2018)

    Google Scholar 

  5. Eftimie, S., Răcuciu, C.: Honeypot system based on software containers Mircea cel Batran. Naval Acad. Sci. Bull. 19(2), 415–418 (2016)

    Google Scholar 

  6. Fraunholz, D., Zimmermann, M., Schotten, H.D.: An adaptive honeypot configuration, deployment and maintenance strategy. In: 19th International Conference on Advanced Communication Technology (ICACT), pp. 53–57 (2017)

    Google Scholar 

  7. Iskhakov, A., Meshcheryakov, R., Ekhlakov, Yu.: The Internet of Things in the security industry. In: Interactive Systems Problems of Human-Computer Interaction: Collection of Scientific Papers, pp. 161–168 (2017)

    Google Scholar 

  8. Iskhakova, A., Meshcheryakov, R., Iskhakov, A., Timchenko, S.: Analysis of the vulnerabilities of the embedded information systems of IoT-devices through the honeypot network implementation. In: Proceedings of the IV International Research Conference “Information Technologies in Science, Management, Social Sphere and Medicine” (ITSMSSM 2017), pp. 363–367 (2017)

    Google Scholar 

  9. Kuskov, V., Kuzin, M., Shmelev, Ya., Makrushin, D., Grachev, I.: Traps of “Internet of things”. The analysis of the data collected on IoT-traps of Kaspersky Lab. SecureList (2017)

    Google Scholar 

  10. Kyriakou, A., Sklavos, N.: Container-based honeypot deployment for the analysis of malicious activity. In: 2018 Global Information Infrastructure and Networking Symposium (GIIS), Thessaloniki, Greece, pp. 1–4 (2018)

    Google Scholar 

  11. Lihet, M., Dadarlat, P.D.V.: Honeypot in the cloud. Five years of data analysis. In: 17th RoEduNet Conference Networking in Education and Research (RoEduNet), Cluj-Napoca, pp. 1–6 (2018)

    Google Scholar 

  12. Lipatnikov, V.A., Shevchenko, A.A., Yatskin, A.D., Semenova, E.G.: Information security management of integrated structure organization based on a dedicated server with container virtualization. Inf. Control Syst. 89(4), 67–76 (2017). (in Russia)

    Google Scholar 

  13. Luo, T., Xu, Z., Kin, X., Jia, Y., Ouyang, X.: IoTCandyJar. Towards an Intelligent-Interaction Honeypot for IoT Devices, pp. 1–11. Blackhat (2017)

    Google Scholar 

  14. Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T., Rossow, C.: IoTPOT analysing the rise of IoT compromises. USENIX WOOT (2015)

    Google Scholar 

  15. Pauna, A., Bica, I.: RASSH – Reinforced adaptive SSH honeypot. In: 10th International Conference on Communications (COMM), Bucharest, pp. 1–6 (2014)

    Google Scholar 

  16. Sekar, K.R., Gayathri, V., Anisha, G., Ravichandran, K.S., Manikandan, R.: Dynamic honeypot configuration for intrusion detection. In: 2nd International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, pp. 1397–1401 (2018)

    Google Scholar 

  17. Sembiring, I.: Implementation of honeypot to detect and prevent distributed denial of service attack. In: 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), Semarang, pp. 345–350 (2016)

    Google Scholar 

  18. Sever, D., Kišasondi, T.: Efficiency and security of docker based honeypot systems. In: 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, pp. 1167–1173 (2018)

    Google Scholar 

  19. Yagi, T., Tanimoto, N., Hariu, T., Itoh, M.: Enhanced attack collection scheme on high-interaction web honeypots. In: The IEEE Symposium on Computers and Communications (ISCC), pp. 81–86 (2010)

    Google Scholar 

  20. Yatskin, A.D.: Dynamic honeypot-systems based on container virtualization, diploma work of a specialist. (in Russian). http://elib.spbstu.ru/dl/2/v16-128.pdf/download/v16-128.pdf

Download references

Acknowledgments

The reported study was partially funded by RFBR according to the research project № 19-01-00767.

Author information

Authors and Affiliations

  1. V. A. Trapeznikov Institute of Control Sciences of Russian Academy of Sciences, Moscow, Russia

    Andrey Iskhakov, Anastasia Iskhakova & Roman Meshcheryakov

Authors
  1. Andrey Iskhakov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anastasia Iskhakova
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Roman Meshcheryakov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Andrey Iskhakov .

Editor information

Editors and Affiliations

  1. Peter the Great St. Petersburg Polytechnic University, Saint Petersburg, Russia

    Dmitry G. Arseniev

  2. Institute of Transport and Automation Technology, Leibniz Universität Hannover, Garbsen, Niedersachsen, Germany

    Ludger Overmeyer

  3. Machine Vision and Pattern Recognition Laboratory, Lappeenranta University of Technology, Lappeenranta, Finland

    Heikki Kälviäinen

  4. Institute of Production Engineering and Photonic Technologies, Vienna University of Technology, Vienna, Austria

    Branko Katalinić

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Iskhakov, A., Iskhakova, A., Meshcheryakov, R. (2020). Dynamic Container Virtualization as a Method of IoT Infrastructure Security Provision. In: Arseniev, D., Overmeyer, L., Kälviäinen, H., Katalinić, B. (eds) Cyber-Physical Systems and Control. CPS&C 2019. Lecture Notes in Networks and Systems, vol 95. Springer, Cham. https://doi.org/10.1007/978-3-030-34983-7_47

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-34983-7_47

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-34982-0

  • Online ISBN: 978-3-030-34983-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation