Sciweavers

CODASPY
2016

HoneyMix: Toward SDN-based Intelligent Honeynet

8 years 7 months ago
HoneyMix: Toward SDN-based Intelligent Honeynet
Honeynet is a collection of honeypots that are set up to attract as many attackers as possible to learn about their patterns, tactics, and behaviors. However, existing honeypots suffer from a variety of fingerprinting techniques, and the current honeynet architecture does not fully utilize features of residing honeypots due to its coarse-grained data control mechanisms. To address these challenges, we propose an SDN-based intelligent honeynet called HoneyMix. HoneyMix leverages the rich programmability of SDN to circumvent attackers’ detection mechanisms and enables finegrained data control for honeynet. To do this, HoneyMix simultaneously establishes multiple connections with a set of honeypots and selects the most desirable connection to inspire attackers to remain connected. In this paper, we present the HoneyMix architecture and a description of its core components. Keywords Software-defined Networking; Network Function Virtualization; Honeynet; Honeypot
Wonkyu Han, Ziming Zhao, Adam Doupé, Gail-J
Added 31 Mar 2016
Updated 31 Mar 2016
Type Journal
Year 2016
Where CODASPY
Authors Wonkyu Han, Ziming Zhao, Adam Doupé, Gail-Joon Ahn
Comments (0)