In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention

Title: In Search of Effective Honeypot and Honeynet Systems for Real-Time Intrusion Detection and Prevention
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Olagunju, Amos O., Samu, Farouk
Conference Name: Proceedings of the 5th Annual Conference on Research in Information Technology
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4453-1
Keywords: composability, honeynet, honeypot, Intrusion detection, intrusion prevention, Metrics, network intrusion detection, network security, pubcrawl, Resiliency
Abstract

A honeypot is a deception tool for enticing attackers to make efforts to compromise the electronic information systems of an organization. A honeypot can serve as an advanced security surveillance tool for use in minimizing the risks of attacks on information technology systems and networks. Honeypots are useful for providing valuable insights into potential system security loopholes. The current research investigated the effectiveness of the use of centralized system management technologies called Puppet and Virtual Machines in the implementation of automated honeypots for intrusion detection, correction and prevention. A centralized logging system was used to collect information of the source address, country and timestamp of intrusions by attackers. The unique contributions of this research include: a demonstration of how open source technologies are used to dynamically add or modify hacking incidences in a high-interaction honeynet system; a presentation of strategies for making honeypots more attractive for hackers to spend more time to provide hacking evidences; and an exhibition of algorithms for system and network intrusion prevention.

URL: http://doi.acm.org/10.1145/2978178.2978184
DOI: 10.1145/2978178.2978184
Citation Key: olagunju_search_2016