Delivering Honeypots as a Service
Delivering Honeypots as a Service
dc.contributor.author | Jafarian, Jafar Haadi | |
dc.contributor.author | Niakanlahiji, Amirreza | |
dc.date.accessioned | 2020-01-04T07:31:45Z | |
dc.date.available | 2020-01-04T07:31:45Z | |
dc.date.issued | 2020-01-07 | |
dc.description.abstract | The effect of honeypots in slowing down attacks and collecting their signatures is well-known. Despite their known effectiveness, these technologies have remained underutilized, especially by small and medium-sized enterprises, because internal hosting and configuration of honeypots requires extensive expertise and infrastructure, which is unjustifiably expensive especially for small or medium-sized enterprises. In this paper, we propose a novel security approach that enables a security service provider to offer honeypot-as-a-service (HaaS) to customer enterprises. The HaaS service is offered by a plug-and-play gateway and incorporates a network of moving high-interaction honeypots into unused address space of client enterprises. These honeypots are configured tailored to the mission and type of services offered by the customer enterprise to blend in the surrounding network for maximum believability while looking vulnerable enough to engage potential attackers. As a contribution, we formulate and solve the problem of strategic configuration planning of a group of honeypots for a given input network. We also provide the necessary infrastructure and mechanisms for realizing the model and offering it to client enterprises without affecting their regular operations. Using experimental and analytical modeling, we evaluate our approach and show its robustness against honeypot mapping attacks, and its effectiveness in slowing down large-scale cyber intrusion attacks on enterprise networks. | |
dc.format.extent | 10 pages | |
dc.identifier.doi | 10.24251/HICSS.2020.227 | |
dc.identifier.isbn | 978-0-9981331-3-3 | |
dc.identifier.uri | http://hdl.handle.net/10125/63966 | |
dc.language.iso | eng | |
dc.relation.ispartof | Proceedings of the 53rd Hawaii International Conference on System Sciences | |
dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
dc.subject | Cyber Deception for Defense | |
dc.subject | adaptive deception | |
dc.subject | deception planning | |
dc.subject | honeynet | |
dc.subject | honeypots | |
dc.subject | software-as-a-service | |
dc.title | Delivering Honeypots as a Service | |
dc.type | Conference Paper | |
dc.type.dcmi | Text |
Files
Original bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- 0182.pdf
- Size:
- 761.57 KB
- Format:
- Adobe Portable Document Format
- Description: