Enabling an Anatomic View to Investigate Honeypot Systems: A Survey

A honeypot is a type of security facility deliberately created to be probed, attacked, and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behavior of attackers, and in particular, unknown atta...

Detailed description

Bibliographic details
Published in: IEEE systems journal 2018-12, Vol.12 (4), p.3906-3919
Main authors: Fan, Wenjun, Du, Zhihui, Fernandez, David, Villagra, Victor A.
Format: Article
Language: eng
Subjects:
Online access: Order full text
container_end_page 3919
container_issue 4
container_start_page 3906
container_title IEEE systems journal
container_volume 12
creator Fan, Wenjun
Du, Zhihui
Fernandez, David
Villagra, Victor A.
description A honeypot is a type of security facility deliberately created to be probed, attacked, and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behavior of attackers, and in particular, unknown attacks. For the past 17 years plenty of effort has been invested in the research and development of honeypot techniques, and they have evolved to be an increasingly powerful means of defending against the creations of the blackhat community. In this paper, by studying a wide set of honeypots, the two essential elements of honeypots, the decoy and the captor, are captured and presented, together with two abstract organizational forms, independent and cooperative, where these two elements can be integrated. A novel decoy and captor (D-C) based taxonomy is proposed for the purpose of studying and classifying the various honeypot techniques. An extensive set of independent and cooperative honeypot projects and research that cover these techniques is surveyed under the taxonomy framework. Furthermore, two subsets of features from the taxonomy are identified, which can greatly influence the honeypot performances. These two subsets of features are applied to a number of typical independent and cooperative honeypots separately in order to validate the taxonomy and predict the honeypot development trends.
doi_str_mv 10.1109/JSYST.2017.2762161
format Article
fulltext fulltext_linktorsrc
identifier ISSN: 1932-8184
ispartof IEEE systems journal, 2018-12, Vol.12 (4), p.3906-3919
issn 1932-8184
1937-9234
language eng
recordid cdi_crossref_primary_10_1109_JSYST_2017_2762161
source IEEE Electronic Library (IEL)
subjects Computer security
Couplings
Fans
honeypots
intrusion detection
Monitoring
network security
R&D
Research & development
Research and development
Security
Taxonomy
Terminology
virtualization
title Enabling an Anatomic View to Investigate Honeypot Systems: A Survey
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-21T18%3A46%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Enabling%20an%20Anatomic%20View%20to%20Investigate%20Honeypot%20Systems:%20A%20Survey&rft.jtitle=IEEE%20systems%20journal&rft.au=Fan,%20Wenjun&rft.date=2018-12&rft.volume=12&rft.issue=4&rft.spage=3906&rft.epage=3919&rft.pages=3906-3919&rft.issn=1932-8184&rft.eissn=1937-9234&rft.coden=ISJEB2&rft_id=info:doi/10.1109/JSYST.2017.2762161&rft_dat=%3Cproquest_RIE%3E2137560985%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2137560985&rft_id=info:pmid/&rft_ieee_id=8098608&rfr_iscdi=true