An Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation

Document Type: Research Paper

Authors

Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran

10.22061/jecei.2020.5621.241

Abstract

Increasing usage of Internet and computer networks by individuals and organizations on the one hand and attackers’ usage of new methods and tools in an attempt to endanger their securities; on the other hand, have led to the emergence of a wide range of threats and serious damages to networks. In such circumstances, different security mechanisms, such as firewalls, penetration detection systems, digital signatures, etc., are utilized to improve network security. A honeypot is one of the basic techniques employed for its security enhancement. It is basically designed to be attacked so as to get the attackers’ information and trap them. By using a vulnerable scanner in this paper, we obtained the required network vulnerabilities and normalized them via the proposed method. Then, a dynamic hybrid Honeypot created by high- and low-interaction Honeypots was presented. Following this, active and passive scanning of an integrated network, a detailed picture of the production network, and a Honeypot configuration file was generated by the proposed program. As a result, more devices could be detected via the automated production since their Honeypots had been created. This method could accelerate the Honeypot production and reduce the users’ mistakes during their manual production. Monitoring network traffic, collecting the information of network machines, determining network operating systems, and storing data in a database were the specific features of this system that could be performed by using the selected network scanning tools and modules.

Keywords