| Title | SDN-based hybrid honeypot for attack capture |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Wang, He, Wu, Bin |
| Conference Name | 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) |
| Keywords | attack capture, attack traffic migration, computer network security, cybersecurity, flow control, flow control technology, Generators, high-interaction honeypot, high-level attacks, honey pots, honeypot, human factors, hybrid honeypot system, IP networks, Mininet, network spoofing technology, Network topology, network topology simulation, Protocols, pubcrawl, Resiliency, Scalability, SDN, SDN controller, SDN-based hybrid honeypot, software defined networking, Switches, telecommunication control, telecommunication network topology, telecommunication traffic, Topology, Topology simulation, Traffic migration |
| Abstract | Honeypots have become an important tool for capturing attacks. Hybrid honeypots, including the front end and the back end, are widely used in research because of the scalability of the front end and the high interactivity of the back end. However, traditional hybrid honeypots have some problems that the flow control is difficult and topology simulation is not realistic. This paper proposes a new architecture based on SDN applied to the hybrid honeypot system for network topology simulation and attack traffic migration. Our system uses the good expansibility and controllability of the SDN controller to simulate a large and realistic network to attract attackers and redirect high-level attacks to a high-interaction honeypot for attack capture and further analysis. It improves the deficiencies in the network spoofing technology and flow control technology in the traditional honeynet. Finally, we set up the experimental environment on the mininet and verified the mechanism. The test results show that the system is more intelligent and the traffic migration is more stealthy. |
| DOI | 10.1109/ITNEC.2019.8729425 |
| Citation Key | wang_sdn-based_2019 |
SDN-based hybrid honeypot for attack capture