Document Type : Original Research Paper


Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran


Background and Objectives: Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks.
Methods: A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’ information and trap them. By using a vulnerable scanner in this paper, we obtained the required network vulnerabilities and normalized them via the proposed method. Then, a dynamic hybrid honeypot has proposed by high and low interaction honeypots. Also, in the proposed method, by footprinting and scanning of an integrated network, a detailed picture of the production network and a honeypot configuration file are generated.
Results: As a result, more devices could be detected via automated production by the proposed method.
Conclusion: This method could accelerate honeypot production and reduce the users’ mistakes during their manual production. Monitoring network traffic, collecting the information of network machines, determining network operating systems, and storing data in a database are the specific features of this system that could be performed by using the selected network scanning tools and modules.

©2019 The author(s). This is an open access article distributed under the terms of the Creative Commons Attribution (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, as long as the original authors and source are cited. No permission is required from the authors or the publishers.


Main Subjects

[1] M. E. Namin, M. Hosseinzadeh, N. Bagheri, A. Khademzadeh, “RSPAE: RFID search protocol based on authenticated encryption,” Journal of Electrical and Computer Engineering Innovations, 6(2): 179-192, 2018.

[2] M. Safkhani, “Cryptanalysis of R2AP an ultra lightweight authentication protocol for RFID,” Journal of Electrical and Computer Engineering Innovations, 6(1): 107-114, 2018.

[3] L. Spitzner, Honeypots: tracking hackers, Addison Wesley Professional, 1: 2002.

[4] P. Diebold, A. Hess, G. Schäfer, “A honeypot architecture for detecting and analyzing unknown network attacks,” in Proc. 14th Kommunikation in Verteilten Systemen (KiVS05): 245-255, 2005.

[5] J. P. John, F. Yu, Y. Xie, A. Krishnamurthy, M. Abadi, “Heat-seeking honeypots: design and experience,” in Proc. The 20th International Conference on World Wide Web, ACM: 207-216, 2011.

[6] A. M. Leonard, H. Cai, K. K. Venkatasubramanian, M. Ali, and T. Eisenbarth, “A honeypot system for wearable networks,” in Proc. IEEE 37th Sarnoff Symposium: 199-201, 2016.

[7] J. D. Guarnizo, A. Tambe, S. S. Bhunia, M. Ochoa, N. O. Tippenhauer, A. Shabtai, Y. Elovici, “Siphon: Towards scalable high-interaction physical honeypots,” in Proc. The 3rd ACM Workshop on Cyber-Physical System Security: 57-68, 2017.

[8] D. Fraunholz, D. Krohmer, H. D. Schotten, C. Nogueira, “Introducing FALCOM: A multifunctional high-interaction honeypot framework for industrial and embedded applications,” in Proc. International Conference on Cyber Security and Protection of Digital Services (Cyber Security)): 1-8, 2018.

[9] J. Daubert, D. Boopalan, M. Mühlhäuser, E. Vasilomanolakis, “HoneyDrone: A medium-interaction unmanned aerial vehicle honeypot,” in Proc. NOMS 2018-2018 IEEE/IFIP Network Operations and Management Symposium: 1-6, 2018.

[10] M. Baykara, R. DAŞ, “SoftSwitch: A centralized honeypot-based security approach using software-defined switching for secure management of VLAN networks,” Turkish Journal of Electrical Engineering & Computer Sciences, 27(5): 3309-3325, 2019.

[11] R. Danford, 2nd Generation Honeyclients, SANS Internet Storm Center, 2006.

[12] F. Pouget, M. Dacier, V. H. Pham, “Leurreé.com: On the advantages of deploying a large scale distributed honeypot platform,” in Proc. The E-Crime and Computer Evidence Conference, 2005.

[13] J. Levine, R. LaBella, H. Owen, D. Contis, and B. Culver, “The use of honeynets to detect exploited systems across large enterprise networks,” in Proc. Information Assurance Workshop, IEEE Systems, Man and Cybernetics Society: 92-99, 2003.

[14] J. G. Levine, J. B. Grizzard, and H. L. Owen, “Using honeynets to protect large enterprise networks,” IEEE Security & Privacy, 2(6): 73-75, 2004.

[15] S. Azadegan and V. McKenna, “Use of honeynets in computer security education,” in Proc. IEEE Fourth Annual ACIS International Conference on Computer and Information Science: 320-325, 2005.

[16] ‘The Xen Hypervisor,’December 2019.

[17] F. Bellard, “QEMU-open source processor emulator,” 14 November 2019.

[18] ‘VMware”, 01 October 2018.

[19] N. Provos, T. Holz, Virtual honeypots: from botnet tracking to intrusion detection, Pearson Education, 2007.

[20] R. Baumann, C. Plattner, Honeypots, Swiss Federal Institute of Technology, 2002.

[21] P. Fanfara, M. Dufala, J. Radušovský, “Autonomous hybrid honeypot as the future of distributed computer systems security,” Acta Polytechnica Hungarica, 10(6): 25-42, 2013.

[22] I. Kuwatly, M. Sraj, Z. Al Masri, and H. Artail, “A dynamic honeypot design for intrusion detection,” in Proc. IEEE/ACS International Conference on Pervasive Services: 95-104, 2004.

[23] C. Hecker, B. Hay, “Securing E-government assets through automating deployment of honeynets for IDS support,” in Proc. 43rd Hawaii International Conference in System Sciences (HICSS): 1-10, 2010.

[24] C. Hecker, B. Hay, “Automated honeynet deployment for dynamic network environment,” in Proc. 46th Hawaii International Conference In System Sciences (HICSS): 4880-4889, 2013.


Journal of Electrical and Computer Engineering Innovations (JECEI) welcomes letters to the editor for the post-publication discussions and corrections which allows debate post publication on its site, through the Letters to Editor. Letters pertaining to manuscript published in JECEI should be sent to the editorial office of JECEI within three months of either online publication or before printed publication, except for critiques of original research. Following points are to be considering before sending the letters (comments) to the editor.

[1] Letters that include statements of statistics, facts, research, or theories should include appropriate references, although more than three are discouraged.

[2] Letters that are personal attacks on an author rather than thoughtful criticism of the author’s ideas will not be considered for publication.

[3] Letters can be no more than 300 words in length.

[4] Letter writers should include a statement at the beginning of the letter stating that it is being submitted either for publication or not.

[5] Anonymous letters will not be considered.

[6] Letter writers must include their city and state of residence or work.

[7] Letters will be edited for clarity and length.