HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design

Wenjun Fan, Zhihui Du*, Max Smith-Creasey, David Fernandez

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

44 Citations (Scopus)

Abstract

Honeypots are designed to trap the attacker with the purpose of investigating its malicious behavior. Owing to the increasing variety and sophistication of cyber attacks, how to capture high-quality attack data has become a challenge in the context of honeypot area. All-round honeypots, which mean a significant improvement in sensibility, countermeasure, and stealth, are necessary to tackle the problem. In this paper, we propose a novel honeypot architecture termed HoneyDOC to support all-round honeypot design and implementation. Our HoneyDOC architecture clearly identifies three essential independent and collaborative modules, Decoy, Captor, and Orchestrator. Based on the efficient architecture, a software-defined networking-enabled honeypot system is designed, which supplies a high programmability for technically sustaining the features for capturing high-quality data. A proof-of-concept system is implemented to validate its feasibility and effectiveness. The experimental results show the benefits by using the proposed architecture compared with the previous honeypot solutions.

Original languageEnglish
Article number8635491
Pages (from-to)683-697
Number of pages15
JournalIEEE Journal on Selected Areas in Communications
Volume37
Issue number3
DOIs
Publication statusPublished - Mar 2019
Externally publishedYes

Keywords

  • Honeypot
  • cyber deception
  • cyber security
  • intrusion response
  • network softwarization
  • traffic redirection

Fingerprint

Dive into the research topics of 'HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design'. Together they form a unique fingerprint.

Cite this