A computational intelligence enabled honeypot for chasing ghosts in the wires

ORIGINAL ARTICLE

Nitin Naik¹ · Paul Jenkins² · Nick Savage³ · Longzhi Yang⁴

Received: 31 March 2020 / Accepted: 26 September 2020 © The Author(s) 2020

Abstract

A honeypot is a concealed security system that functions as a decoy to entice cyberattackers to reveal their information. Therefore, it is essential to disguise its identity to ensure its successful operation. Nonetheless, cyberattackers frequently attempt to uncover these honeypots; one of the most effective techniques for revealing their identity is a fingerprinting attack. Once identified, a honeypot can be exploited as a zombie by an attacker to attack others. Several effective techniques are available to prevent a fingerprinting attack; however, using them would be contrary to the purpose of a honeypot, which is designed to interact with attackers in order to discover information relating to them. A technique that lets a honeypot discover any attempted fingerprinting attack while it interacts with cyberattackers is therefore highly desirable. Unfortunately, no specific method is available to detect and predict an attempted fingerprinting attack in real time, due to the difficulty of isolating it from other attacks. This paper presents a computational intelligence enabled honeypot that is capable of discovering and predicting an attempted fingerprinting attack by using principal components analysis and a fuzzy inference system. The proposed system is successfully tested against the five popular fingerprinting tools Nmap, Xprobe2, NetScanTools Pro, SinFP3 and Nessus.

Keywords: Cyberattack · Honeypot · Computational intelligence · Fingerprinting attack · Principal components analysis · Fuzzy inference system

1 School of Informatics and Digital Engineering, Aston University, Birmingham, UK
2 Cardiff School of Technologies, Cardiff Metropolitan University, Cardiff, UK
3 School of Computing, University of Portsmouth, Portsmouth, UK
4 Department of Computer and Information Sciences, Northumbria University, Newcastle upon Tyne, UK

Introduction

Security experts adapted their strategy due to the significant increase in cyberattacks, in particular the increase in their complexity and resolution, which led to the application of both active and passive defence systems as part of their defensive strategies [8]. As an active defence system, a honeypot functions as a decoy to entice cyberattackers to reveal information which can be utilised by security experts in updating their security procedures [28]. As a concealed system, it must disguise its identity to operate successfully. Nonetheless, cyberattackers always attempt to uncover these honeypots, and one of the most effective techniques for revealing their identity is a fingerprinting attack. Generally, for any unconcealed system fingerprinting is not of great concern, but f