A Highly Interactive Honeypot-Based Approach to Network Threat Management

Xingyuan Yang

Jie Yuan

Hao Yang

Ya Kong

Hao Zhang and Jinyu Zhao

Resumen

In this paper, considering the problem that the common defensive means in the current cyber confrontation often fall into disadvantage, honeypot technology is adopted to turn reactive into proactive to deal with the increasingly serious cyberspace security problem. We address the issue of common defensive measures in current cyber confrontations that frequently lead to disadvantages. To tackle the progressively severe cyberspace security problem, we propose the adoption of honeypot technology to shift from a reactive to a proactive approach. This system uses honeypot technology for active defense, tempting attackers into a predetermined sandbox to observe the attacker?s behavior and attack methods to better protect equipment and information security. During the research, it was found that due to the singularity of traditional honeypots and the limitations of low-interactivity honeypots, the application of honeypot technology has difficulty in achieving the desired protective effect. Therefore, the system adopts a highly interactive honeypot and a modular design idea to distinguish the honeypot environment from the central node of data processing, so that the honeypot can obtain more sufficient information and the honeypot technology can be used more easily. By managing honeypots at the central node, i.e., adding, deleting, and modifying honeypots and other operations, it is easy to maintain and upgrade the system, while reducing the difficulty of using honeypots. The high-interactivity honeypot technology not only attracts attackers into pre-set sandboxes to observe their behavior and attack methods, but also performs a variety of advanced functions, such as network threat analysis, virtualization, vulnerability perception, tracing reinforcement, and camouflage detection. We have conducted a large number of experimental comparisons and proven that our method has significant advantages compared to traditional honeypot technology and provides detailed data support. Our research provides new ideas and effective methods for network security protection.

Palabras claves

high interaction honeypot - cyber threat analysis - virtualization - vulnerability detection - traceability reinforcement - masquerade detection

Acceso

P�GINAS

pp. 0 - 0

N�MERO

Volumen: 15 Parte: 4 (2023)

MATERIAS

INFRAESTRUCTURA

REVISTAS SIMILARES

ISPRS International Journal of Geo-Information
Future Internet
Water

DOI

https://doi.org/10.3390/fi15040127

Art�culos similares

Participatory Rural Spatial Planning Based on a Virtual Globe-Based 3D PGIS

Acceso

Linjun Yu, Xiaotong Zhang, Feng He, Yalan Liu and Dacheng Wang

With the current spatial planning reform in China, public participation is becoming increasingly important in the success of rural spatial planning. However, engaging various stakeholders in spatial planning projects is difficult, mainly due to the lack ... ver m�s

Revista: ISPRS International Journal of Geo-Information

Spatiotemporal Exploration of Chinese Spring Festival Population Flow Patterns and Their Determinants Based on Spatial Interaction Model

Acceso

Tao Zhou, Bo Huang, Xiaoqian Liu, Guangqin He, Qiang Gou, Zhihui Huang and Cheng Xie

Large-scale population flow reshapes the economic landscape and is affected by unbalanced urban development. The exploration of migration patterns and their determinants is therefore crucial to reveal unbalanced urban development. However, low-resolution... ver m�s

Revista: ISPRS International Journal of Geo-Information

myDIG: Personalized Illicit Domain-Specific Knowledge Discovery with No Programming

Acceso

Mayank Kejriwal and Pedro Szekely

With advances in machine learning, knowledge discovery systems have become very complicated to set up, requiring extensive tuning and programming effort. Democratizing such technology so that non-technical domain experts can avail themselves of these adv... ver m�s

Revista: Future Internet

?SimDelta??Inquiry into an Internet-Based Interactive Model for Water Infrastructure Development in The Netherlands

Acceso

Ties Rijcken, Jan Stijnen and Nadine Slootjes

The Dutch Delta Program is currently developing new government policies for flood protection and fresh water supply. Decision support instruments have to address the program?s technical and political complexity. The water system functions are highly inte... ver m�s

Revista: Water

Revistas destacadas

Acceso directo a los n�meros publicados en la revista Infrastructures

Infrastructures

Acceso directo a los n�meros publicados en la revista Informed Infraestructure

Informed Infraestructure

Acceso directo a los n�meros publicados en la revista BiT

Acceso directo a los n�meros publicados en la revista Revista de la Construcci�n

Revista de la Construcci�n

Ver todas las revistas disponibles