Visible to the public SDN-based hybrid honeypot for attack capture

TitleSDN-based hybrid honeypot for attack capture
Publication TypeConference Paper
Year of Publication2019
AuthorsWang, He, Wu, Bin
Conference Name2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)
Keywordsattack capture, attack traffic migration, computer network security, cybersecurity, flow control, flow control technology, Generators, high-interaction honeypot, high-level attacks, honey pots, honeypot, human factors, hybrid honeypot system, IP networks, Mininet, network spoofing technology, Network topology, network topology simulation, Protocols, pubcrawl, Resiliency, Scalability, SDN, SDN controller, SDN-based hybrid honeypot, software defined networking, Switches, telecommunication control, telecommunication network topology, telecommunication traffic, Topology, Topology simulation, Traffic migration
AbstractHoneypots have become an important tool for capturing attacks. Hybrid honeypots, including the front end and the back end, are widely used in research because of the scalability of the front end and the high interactivity of the back end. However, traditional hybrid honeypots have some problems that the flow control is difficult and topology simulation is not realistic. This paper proposes a new architecture based on SDN applied to the hybrid honeypot system for network topology simulation and attack traffic migration. Our system uses the good expansibility and controllability of the SDN controller to simulate a large and realistic network to attract attackers and redirect high-level attacks to a high-interaction honeypot for attack capture and further analysis. It improves the deficiencies in the network spoofing technology and flow control technology in the traditional honeynet. Finally, we set up the experimental environment on the mininet and verified the mechanism. The test results show that the system is more intelligent and the traffic migration is more stealthy.
DOI10.1109/ITNEC.2019.8729425
Citation Keywang_sdn-based_2019