HoneyMix: Toward SDN-based Intelligent Honeynet
| Title | HoneyMix: Toward SDN-based Intelligent Honeynet |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Han, Wonkyu, Zhao, Ziming, Doupé, Adam, Ahn, Gail-Joon |
| Conference Name | Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization |
| Date Published | March 2016 |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4078-6 |
| Keywords | honey pots, honeynet, honeypot, network function virtualization, pubcrawl, Resiliency, Scalability, SDN security, software-defined networking |
| Abstract | Honeynet is a collection of honeypots that are set up to attract as many attackers as possible to learn about their patterns, tactics, and behaviors. However, existing honeypots suffer from a variety of fingerprinting techniques, and the current honeynet architecture does not fully utilize features of residing honeypots due to its coarse-grained data control mechanisms. To address these challenges, we propose an SDN-based intelligent honeynet called HoneyMix. HoneyMix leverages the rich programmability of SDN to circumvent attackers' detection mechanisms and enables fine-grained data control for honeynet. To do this, HoneyMix simultaneously establishes multiple connections with a set of honeypots and selects the most desirable connection to inspire attackers to remain connected. In this paper, we present the HoneyMix architecture and a description of its core components. |
| URL | https://dl.acm.org/doi/10.1145/2876019.2876022 |
| DOI | 10.1145/2876019.2876022 |
| Citation Key | han_honeymix:_2016 |