Description: |
This paper explores deploying a cyber honeypot system to learn how cyber defenders can use a honeypot as a deception mechanism to gather intelligence. Defenders can gather intelligence about an attacker, such as the autonomous system from which the attacker's IP address is allocated, the way the attacker tries to penetrate the system, the types of attacks used, the commands the attacker runs once inside the honeypot, and the malware the attacker downloads to the deployed system. We demonstrate an experiment that implements a honeypot system able to lure in attackers and gather all of the information mentioned above. The collected data is then thoroughly analyzed and explained. The experiment can be recreated and uses many open-source tools to build the honeypot system. |