This research project material is available: ADVANCED HONEYPOT ARCHITECTURE FOR NETWORK THREATS QUANTIFICATION.
Through the widespread use of computer technology, a large number of devices have become interconnected with other systems. Day by day the threat landscape is evolving fast and with humanity’s increasing dependency on computerized equipment and networks, securing these systems became highly important.
With the aim to learn more about attack patterns and behavior, decoy systems under the name of honeypots have been deployed. In terms of computer security, a honeypot is a mechanism set to detect, deflect, or counteract attempts that aim at the unauthorized use of production systems. Through the use of honeypots, valuable information can be learned about the attacker proceedings and motives as well as their technical knowledge and abilities.
As computer networks are frequently targeted by various hostile activities independently of their scale, honeypots became subject to intensive research for quite some time. One of the widely used honeypot solutions was Honeyd. Honeyd is a framework that allows the creation of virtual network hosts, which can be configured to mimic the network stack of different operating systems (OS).
The configured virtual systems can be arranged in complex network topologies, where Honeyd can simulate the routing of network traffic. Honeyd is capable of handling many network connections and it allows monitoring activity on a wide Internet Protocol (IP) address space instead of the usual single IP address for other honey-pots.
As Honeyd’s development ha
Download Chapter One (DOC | DOCX)Download Chapter One (PDF)
Read full post »