A Mathematical Model for Analyzing Honeynets and Their Cyber Deception Techniques
Javadpour, Amir; Ja'fari, Forough; Taleb, Tarik; Benzaid, Chafika (2023-11-22)
IEEE
22.11.2023
A. Javadpour, F. Ja’Fari, T. Taleb and C. Benzaïd, "A Mathematical Model for Analyzing Honeynets and Their Cyber Deception Techniques," 2023 27th International Conference on Engineering of Complex Computer Systems (ICECCS), Toulouse, France, 2023, pp. 81-88, doi: 10.1109/ICECCS59891.2023.00019
https://rightsstatements.org/vocab/InC/1.0/
© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
https://rightsstatements.org/vocab/InC/1.0/
© 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
https://rightsstatements.org/vocab/InC/1.0/
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:oulu-202401181328
https://urn.fi/URN:NBN:fi:oulu-202401181328
Tiivistelmä
Abstract
As a way of obtaining useful information about the adversaries behavior with a low rate of false detection, honeypots have made significant advancements in the field of cybersecurity. They are also powerful in wasting the adversaries resources and attracting their attention from other critical assets in the network. A deceptive network with multiple honeypots is called a honeynet. The honeypots in a honeynet aim to cooperate in order to increase their deception power. Professional adversaries utilize strong detection mechanisms to discover the existence of the honeypots in a network. When an adversary finds that a deception mechanism is deployed, it may change their behavior and cause malicious effects on the network. Therefore, a honeynet has to be deceptive enough in order not to be identified. This paper aims to review the techniques that are designed for the honeynets to make them improve their deception performance. The recent related surveys do not focus on the honeynet-specific techniques, and also have no comparison analysis. The main presented techniques in this paper are fully investigated through comparative analysis and simulation scenarios. Some suggestions on the research gap are also provided. The results of this paper can be used by the honeynet developers and researchers to improve their work.
As a way of obtaining useful information about the adversaries behavior with a low rate of false detection, honeypots have made significant advancements in the field of cybersecurity. They are also powerful in wasting the adversaries resources and attracting their attention from other critical assets in the network. A deceptive network with multiple honeypots is called a honeynet. The honeypots in a honeynet aim to cooperate in order to increase their deception power. Professional adversaries utilize strong detection mechanisms to discover the existence of the honeypots in a network. When an adversary finds that a deception mechanism is deployed, it may change their behavior and cause malicious effects on the network. Therefore, a honeynet has to be deceptive enough in order not to be identified. This paper aims to review the techniques that are designed for the honeynets to make them improve their deception performance. The recent related surveys do not focus on the honeynet-specific techniques, and also have no comparison analysis. The main presented techniques in this paper are fully investigated through comparative analysis and simulation scenarios. Some suggestions on the research gap are also provided. The results of this paper can be used by the honeynet developers and researchers to improve their work.
Kokoelmat
- Avoin saatavuus [38840]