Related papers: Measuring and Clustering Network Attackers using M…
The growing number of Internet of Things (IoT) devices makes it imperative to be aware of the real-world threats they face in terms of cybersecurity. While honeypots have been historically used as decoy devices to help…
Honeypots are a well-known and widely used technology in the cybersecurity community, where it is assumed that placing honeypots in different geographical locations provides better visibility and increases effectiveness. However, how…
In this age of digitalization, Internet services face more attacks than ever. An attacker's objective is to exploit systems and use them for malicious purposes. Such efforts are rising as vulnerable systems can be discovered and compromised…
Network infrastructure in a production environment is increasingly targeted by attackers every day. Many resources and services now rely on the internet, making network infrastructure one of the most critical parts to protect, as it hosts…
Honeypots are more and more used to collect data on malicious activities on the Internet and to better understand the strategies and techniques used by attackers to compromise target systems. Analysis and modeling methodologies are needed…
With the rapid growth of Internet of Things (IoT) devices, it is imperative to proactively understand the real-world cybersecurity threats posed to them. This paper describes our initial efforts towards building a honeypot ecosystem as a…
This paper explores deploying a cyber honeypot system to learn how cyber defenders can use a honeypot system as a deception mechanism to gather intelligence. Defenders can gather intelligence about an attacker such as the autonomous system…
In the field of network security, with the ongoing arms race between attackers, seeking new vulnerabilities to bypass defense mechanisms and defenders reinforcing their prevention, detection and response strategies, the novel concept of…
Honeypots are a well-studied defensive measure in network security. This work proposes an effective low-cost honeypot that is easy to deploy and maintain. The honeypot introduced in this work is able to handle commands in a non-standard way…
Since honeypots first appeared as an advanced network security concept they suffer from poor deployment and maintenance strategies. State-of-the-Art deployment is a manual process in which the honeypot needs to be configured and maintained…
Honeypots are a deceptive technology used to capture malicious activity. The technology is useful for studying attacker behavior, tools, and techniques but can be difficult to implement and maintain. Historically, a lack of measures of…
In the recent years, the fast development and the exponential utilization of social networks have prompted an expansion of social Computing. In social networks users are interconnected by edges or links, where Facebook, twitter, LinkedIn…
The rapid evolution of cyber threats necessitates innovative solutions for detecting and analyzing malicious activity. Honeypots, which are decoy systems designed to lure and interact with attackers, have emerged as a critical component in…
Critical Infrastructure (CI) is prone to cyberattacks. Several techniques have been developed to protect CI against such attacks. In this work, we describe a honeypot based on a cyber twin for a water treatment plant. The honeypot is…
Honeypots are computing systems used to capture unauthorized, often malicious, activity. While honeypots can take on a variety of forms, researchers agree the technology is useful for studying adversary behavior, tools, and techniques.…
The proliferation of the Internet of Things (IoT) has raised concerns about the security of connected devices. There is a need to develop suitable and cost-efficient methods to identify vulnerabilities in IoT devices in order to address…
Honeypots are decoy systems that lure attackers by presenting them with a seemingly vulnerable system. They provide an early detection mechanism as well as a method for learning how adversaries work and think. However, over the last years,…
A honeypot is a type of security facility deliberately created to be probed, attacked and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating…
This paper presents an experimental study and the lessons learned from the observation of the attackers when logged on a compromised machine. The results are based on a six months period during which a controlled experiment has been run…
Honeypot is an important cyber defense technique that can expose attackers new attacks. However, the effectiveness of honeypots has not been systematically investigated, beyond the rule of thumb that their effectiveness depends on how they…