Abstract
The recent increase in the number of security attacks by cyber-criminals on small businesses meant that security remained a concern for such organizations. In many such cases, detecting the attackers remained a challenge. A common tool to augment existing attack detection mechanisms within networks involves the use of honeypot systems. A fundamental feature of low-interaction honeypots is to be able to lure intruders, but the effectiveness of such systems has nevertheless been affected by various constraints. To be able to secure honeypots systems, it is important to firstly determine its requirements, before taking appropriate actions to ensure that the identified requirements have been achieved. This paper critically examines how existing low-interaction honeypot systems abide to major requirements before recommending how their security could be improved.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Chakrabarti, A., Manimaran, G.: Internet infrastructure security: a taxonomy. IEEE Netw. 16(6), 13–21 (2002)
Tiwari, R., Jain, A.: Design and analysis of distributed honeypot system. Int. J. Comput. Appl. 55(13), 20–23 (2012)
Smith, M.: Huge rise in hack attacks as cyber-criminals target small businesses (2016). https://www.theguardian.com/small-business-network/2016/feb/08/huge-rise-hack-attacks-cyber-criminals-target-small-businesses. Accessed 20 Aug 2016
Yang, Y., Yang, H., Mi, J.: Design of distributed honeypot system based on intrusion tracking. In: IEEE 3rd International Conference on Communication Software and Networks (ICCSN), pp. 196–198. IEEE (2011)
Mukkamala, S., Yendrapalli, K., Basnet, R., Shankarapani, M.K., Sung, A.H.: Detection of virtual environments and low interaction honeypots. In: Information Assurance and Security Workshop, IAW 2007. IEEE SMC, pp. 92–98. IEEE (2007)
Shiue, L., Kao, S.: Countermeasure for detection of honeypot deployment. In: IEEE International Conference on Computer and Communication Engineering, ICCCE 2008, pp. 595–599. IEEE (2008)
Mohammadi, S., Nikkhahan, B.: A fault tolerance honeypots network for securing E-government. In: IEEE International e-Conference on Advanced Science and Technology, AST 2009, pp. 13–17. IEEE (2009)
Defibaugh-Chavez, P., Veeraghattam, R., Kannappa, M., Mukkamala, S., Sung, A.H.: Network based detection of virtual environments and low interaction honeypots. In: 2006 IEEE Information Assurance Workshop, pp. 283–289. IEEE (2006)
Brown, B.: How to make a honeypot network security system pay off (2007). http://www.networkworld.com/article/2296754/lan-wan/how-to-make-a-honeypot-network-security-system-pay-off.html. Accessed 10 Aug 2016
Valli, C.: Honeyd-A OS fingerprinting artifice. In: Proceedings of 1st Australian Computer Network and Information Forensics Conference (2003)
Bishop, M.: What is computer security? IEEE Secur. Priv. 1(1), 67–69 (2003)
Cohen, F.: The use of deception techniques: honeypots and decoys. Handb. Inf. Secur. 3(1), 646–655 (2006)
Zhang, F., Zhou, S., Qin, Z., Liu, J.: Honeypot: a supplemented active defense system for network security. In: Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies, PDCAT 2003, pp. 231–235 (2003)
Provos, N.: A virtual honeypot framework. In: USENIX Security Symposium, vol. 173, pp. 1–14 (2004)
Rowe, N.: Deception in defense of computer systems from cyber attack. In: Cyber Warfare and Cyber Terrorism (2008)
Fu, X., Yu, W., Cheng, D., Tan, X., Streff, K., Graham, S.: On recognizing virtual honeypots and countermeasures. In: 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 211–218. IEEE (2006)
Yek, S., Australia, W.: Measuring the effectiveness of deception in a wireless honeypot. In: Australian Computer, Network and Information Forensics Conference (2003)
Nikkhahan, B., Aghdam, A., Sohrabi, S.: E-government security: a honeynet approach. Int. J. Adv. Sci. Technol. 5, 75–84 (2009)
Avizienis, A., Kelly, J.: Fault tolerance by design diversity: concepts and experiments. Computer 17(8), 67–80 (1984)
Zakaria, W., Kiah, M.: A review on artificial intelligence techniques for developing intelligent honeypot. In: 2012 8th International Conference on Computing Technology and Information Management (ICCM), pp. 696–701. IEEE (2012)
Provos, N., Holz, T.: Virtual Honeypots: From Botnet Tracking to Intrusion Detection. Pearson Education, Upper Saddle River (2007)
Krutz, R., Vines, R.: The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking (With CD). Wiley, Hoboken (2007)
NOSTROMO: Techniques in OS-Fingerprinting. Hagenberg (2005)
Boyle, A.: A Remote OS Identification Primer. SANS (2001)
Fu, X., Graham, B., Cheng, D., Bettati, R., Zhao, W.: Camouflaging virtual honeypots. Texas A&M University (2005)
Song, J., Takakura, H., Okabe, Y.: Cooperation of intelligent honeypots to detect unknown malicious codes. In: IEEE WOMBAT Workshop on Information Security Threats Data Collection and Sharing, WISTDCS 2008. IEEE (2008)
Kumar, S., Sehgal, R., Singh, P., Chaudhary, A.: Nepenthes honeypots based botnet detection. J. Adv Inf. Technol. 3(4), 215–221 (2012)
Baecher, P., Koetter, M., Holz, T., Dornseif, M., Freiling, F.: The nepenthes platform: an efficient approach to collect malware. In: International Workshop on Recent Advances in Intrusion Detection (2006)
Gupta, N.: Improving the effectiveness of deceptive honeynets through an empirical learning approach. In: 3rd Australian Information Warfare and Security Conference (2002)
Yek, S.: Implementing network defence using deception in a wireless honeypot. In: Australian Computer, Network and Information Forensics Conference (2004)
Gerwehr, S., Anderson, R.: Employing deception in INFOSEC (2000). http://www.cert.org/research/isw/isw2000/papers/26.pdf. Accessed 10 Aug 2016
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Zakari, A., Lawan, A.A., Bekaroo, G. (2017). Towards Improving the Security of Low-Interaction Honeypots: Insights from a Comparative Analysis. In: Fleming, P., Vyas, N., Sanei, S., Deb, K. (eds) Emerging Trends in Electrical, Electronic and Communications Engineering. ELECOM 2016. Lecture Notes in Electrical Engineering, vol 416. Springer, Cham. https://doi.org/10.1007/978-3-319-52171-8_28
Download citation
DOI: https://doi.org/10.1007/978-3-319-52171-8_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-52170-1
Online ISBN: 978-3-319-52171-8
eBook Packages: EngineeringEngineering (R0)