Enabling an Anatomic View to Investigate Honeypot Systems: A Survey

Fan, Wenjun and Du, Zhihui and Fernández Cambronero, David and Villagra González, Victor Abraham (2017). Enabling an Anatomic View to Investigate Honeypot Systems: A Survey. "IEEE Systems Journal" ; https://doi.org/10.1109/JSYST.2017.2762161.

Description

Title: Enabling an Anatomic View to Investigate Honeypot Systems: A Survey
Author/s:
  • Fan, Wenjun
  • Du, Zhihui
  • Fernández Cambronero, David
  • Villagra González, Victor Abraham
Item Type: Article
Título de Revista/Publicación: IEEE Systems Journal
Date: 2017
Subjects:
Faculty: E.T.S.I. Telecomunicación (UPM)
Department: Ingeniería de Sistemas Telemáticos [hasta 2014]
Creative Commons Licenses: None

Full text

[img]
Preview
PDF - Requires a PDF viewer, such as GSview, Xpdf or Adobe Acrobat Reader
Download (229kB) | Preview

Abstract

A honeypot is a type of security facility deliberately created to be probed, attacked and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behaviour of attackers, and in particular, unknown attacks. For the past 17 years much effort has been invested in the research and development of honeypot based techniques and tools and they have evolved to become an increasingly powerful means of defending against the creations of the blackhat community. In this paper, by studying multiple honeypot systems, the two essential elements of honeypots - the decoy and the security program - are captured and presented, together with two abstract organizational forms - independent and cooperative - in which these two elements can be integrated. A novel decoy and security program (D-P) based taxonomy is proposed, for the purpose of investigating and classifying the various techniques involved in honeypot systems. An extensive set of honeypot projects and research, which cover the techniques applied in both independent and cooperative honeypots, is surveyed under the taxonomy framework. Finally, the taxonomy is applied to a wide set of tools and systems in order to demonstrate its validity and predict the tendency of honeypot development.

More information

Item ID: 45563
DC Identifier: http://oa.upm.es/45563/
OAI Identifier: oai:oa.upm.es:45563
DOI: 10.1109/JSYST.2017.2762161
Official URL: https://ieeexplore.ieee.org/document/8098608
Deposited by: Wenjun Fan
Deposited on: 24 Apr 2017 07:04
Last Modified: 13 Mar 2019 11:31
  • Logo InvestigaM (UPM)
  • Logo GEOUP4
  • Logo Open Access
  • Open Access
  • Logo Sherpa/Romeo
    Check whether the anglo-saxon journal in which you have published an article allows you to also publish it under open access.
  • Logo Dulcinea
    Check whether the spanish journal in which you have published an article allows you to also publish it under open access.
  • Logo de Recolecta
  • Logo del Observatorio I+D+i UPM
  • Logo de OpenCourseWare UPM