HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
- URL: http://arxiv.org/abs/2402.06516v1
- Date: Fri, 9 Feb 2024 16:27:45 GMT
- Title: HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
- Authors: Wenjun Fan, Zhihui Du, Max Smith-Creasey, David Fernández,
- Abstract summary: Honeypots are designed to trap the attacker with the purpose of investigating its malicious behavior.
How to capture high-quality attack data has become a challenge in the context of honeypot area.
All-round honeypots, which mean significant improvement in sensibility, countermeasure and stealth, are necessary to tackle the problem.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Honeypots are designed to trap the attacker with the purpose of investigating its malicious behavior. Owing to the increasing variety and sophistication of cyber attacks, how to capture high-quality attack data has become a challenge in the context of honeypot area. All-round honeypots, which mean significant improvement in sensibility, countermeasure and stealth, are necessary to tackle the problem. In this paper, we propose a novel honeypot architecture termed HoneyDOC to support all-round honeypot design and implementation. Our HoneyDOC architecture clearly identifies three essential independent and collaborative modules, Decoy, Captor and Orchestrator. Based on the efficient architecture, a Software-Defined Networking (SDN) enabled honeypot system is designed, which supplies high programmability for technically sustaining the features for capturing high-quality data. A proof-of-concept system is implemented to validate its feasibility and effectiveness. The experimental results show the benefits by using the proposed architecture comparing to the previous honeypot solutions.
Related papers
- White-Basilisk: A Hybrid Model for Code Vulnerability Detection [50.49233187721795]
We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance.
White-Basilisk achieves results in vulnerability detection tasks with a parameter count of only 200M.
This research establishes new benchmarks in code security and provides empirical evidence that compact, efficiently designed models can outperform larger counterparts in specialized tasks.
arXiv Detail & Related papers (2025-07-11T12:39:25Z) - MISLEADER: Defending against Model Extraction with Ensembles of Distilled Models [56.09354775405601]
Model extraction attacks aim to replicate the functionality of a black-box model through query access.
Most existing defenses presume that attacker queries have out-of-distribution (OOD) samples, enabling them to detect and disrupt suspicious inputs.
We propose MISLEADER, a novel defense strategy that does not rely on OOD assumptions.
arXiv Detail & Related papers (2025-06-03T01:37:09Z) - InvFussion: Bridging Supervised and Zero-shot Diffusion for Inverse Problems [76.39776789410088]
This work introduces a framework that combines the strong performance of supervised approaches and the flexibility of zero-shot methods.
A novel architectural design seamlessly integrates the degradation operator directly into the denoiser.
Experimental results on the FFHQ and ImageNet datasets demonstrate state-of-the-art posterior-sampling performance.
arXiv Detail & Related papers (2025-04-02T12:40:57Z) - AsCAN: Asymmetric Convolution-Attention Networks for Efficient Recognition and Generation [48.82264764771652]
We introduce AsCAN -- a hybrid architecture, combining both convolutional and transformer blocks.
AsCAN supports a variety of tasks: recognition, segmentation, class-conditional image generation.
We then scale the same architecture to solve a large-scale text-to-image task and show state-of-the-art performance.
arXiv Detail & Related papers (2024-11-07T18:43:17Z) - LLM Honeypot: Leveraging Large Language Models as Advanced Interactive Honeypot Systems [0.0]
Honeypots are decoy systems designed to lure and interact with attackers.
We present a novel approach to creating realistic and interactive honeypot systems using Large Language Models.
arXiv Detail & Related papers (2024-09-12T17:33:06Z) - HoneyGPT: Breaking the Trilemma in Terminal Honeypots with Large Language Model [18.51393825471691]
Honeypots struggle with balancing flexibility, interaction depth, and deceptive capability.
We introduce HoneyGPT, a pioneering honeypot architecture based on ChatGPT.
We present a structured prompt engineering framework that augments long-term interaction memory and robust security analytics.
arXiv Detail & Related papers (2024-06-04T01:31:20Z) - Diffusion Model for Data-Driven Black-Box Optimization [54.25693582870226]
We focus on diffusion models, a powerful generative AI technology, and investigate their potential for black-box optimization.
We study two practical types of labels: 1) noisy measurements of a real-valued reward function and 2) human preference based on pairwise comparisons.
Our proposed method reformulates the design optimization problem into a conditional sampling problem, which allows us to leverage the power of diffusion models.
arXiv Detail & Related papers (2024-03-20T00:41:12Z) - Emergency Caching: Coded Caching-based Reliable Map Transmission in Emergency Networks [9.423705897088672]
We propose a three-layer architecture of caching networks focusing on data collection and reliable transmission.
We propose a disaster map collection framework that integrates coded caching technologies.
Our proposed scheme is more effective than the non-coding caching scheme, as validated by simulation.
arXiv Detail & Related papers (2024-02-27T14:44:11Z) - Optimally Blending Honeypots into Production Networks: Hardness and Algorithms [11.847370655794608]
Honeypot is an important cyber defense technique that can expose attackers' new attacks.
In this paper, we initiate a systematic study on characterizing the cybersecurity effectiveness of a new paradigm of deploying honeypots.
arXiv Detail & Related papers (2024-01-12T18:54:51Z) - ILCAS: Imitation Learning-Based Configuration-Adaptive Streaming for Live Video Analytics with Cross-Camera Collaboration [53.29046841099947]
This paper proposes the first imitation learning (IL) based configuration-adaptive live video analytics (VA) streaming system.
ILCAS trains the agent with demonstrations collected from the expert which is designed as an offline optimal policy.
Experiments confirm the superiority of ILCAS compared with state-of-the-art solutions, with 2-20.9% improvement of mean accuracy and 19.9-85.3% reduction of chunk upload lag.
arXiv Detail & Related papers (2023-08-19T16:20:59Z) - Heterogeneous Continual Learning [88.53038822561197]
We propose a novel framework to tackle the continual learning (CL) problem with changing network architectures.
We build on top of the distillation family of techniques and modify it to a new setting where a weaker model takes the role of a teacher.
We also propose Quick Deep Inversion (QDI) to recover prior task visual features to support knowledge transfer.
arXiv Detail & Related papers (2023-06-14T15:54:42Z) - HoneyCar: A Framework to Configure Honeypot Vulnerabilities on the Internet of Vehicles [5.248912296890883]
The Internet of Vehicles (IoV) has promising socio-economic benefits but also poses new cyber-physical threats.
Data on vehicular attackers can be realistically gathered through cyber threat intelligence using systems like honeypots.
We present HoneyCar, a novel decision support framework for honeypot deception.
arXiv Detail & Related papers (2021-11-03T17:31:56Z) - Pareto-Frontier-aware Neural Architecture Generation for Diverse Budgets [93.79297053429447]
Existing methods often perform an independent architecture search for each target budget.
We propose a general architecture generator that automatically produces effective architectures for an arbitrary budget merely via model inference.
Extensive experiments on three platforms (i.e., mobile, CPU, and GPU) show the superiority of the proposed method over existing NAS methods.
arXiv Detail & Related papers (2021-02-27T13:59:17Z) - Multi-Scale Boosted Dehazing Network with Dense Feature Fusion [92.92572594942071]
We propose a Multi-Scale Boosted Dehazing Network with Dense Feature Fusion based on the U-Net architecture.
We show that the proposed model performs favorably against the state-of-the-art approaches on the benchmark datasets as well as real-world hazy images.
arXiv Detail & Related papers (2020-04-28T09:34:47Z)