Design and performance analysis of a SDN-based intelligent and collaborative Honeynet for mobile networks environment

In the mobile network environment, the mobile honeypot resources are limited and the attack injection means are flexible, so it is necessary to dynamically deploy the honeynet to collaboratively detect the attack behavior characteristics. However, existing honey nets are susceptible to feature recognition attacks, malicious traffic within the network, and can't be migrated across honeypots. Based on software defined networking(SDN) technology, an intelligent collaborative honeynet system(ic-Honeynet) was designed. It consisted of a reverse connection proxy module and a honeynet controller. Finally, an ic-Honeynet experimental environment was built and the effectiveness of the system was verified. The experimental results show that the throughput of the system is nearly linear, up to 8.23 Gbit/s; the additional increase in response delay is small, only in the range of 0.5 to 1.2 ms; the connection processing capability is also very strong, up to 1 473 connections/s.