HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
- URL: http://arxiv.org/abs/2402.06516v1
- Date: Fri, 9 Feb 2024 16:27:45 GMT
- Title: HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
- Authors: Wenjun Fan, Zhihui Du, Max Smith-Creasey, David Fernández,
- Abstract summary: Honeypots are designed to trap the attacker with the purpose of investigating its malicious behavior.
How to capture high-quality attack data has become a challenge in the context of honeypot area.
All-round honeypots, which mean significant improvement in sensibility, countermeasure and stealth, are necessary to tackle the problem.
- Score: 0.5849783371898033
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Honeypots are designed to trap the attacker with the purpose of investigating its malicious behavior. Owing to the increasing variety and sophistication of cyber attacks, how to capture high-quality attack data has become a challenge in the context of honeypot area. All-round honeypots, which mean significant improvement in sensibility, countermeasure and stealth, are necessary to tackle the problem. In this paper, we propose a novel honeypot architecture termed HoneyDOC to support all-round honeypot design and implementation. Our HoneyDOC architecture clearly identifies three essential independent and collaborative modules, Decoy, Captor and Orchestrator. Based on the efficient architecture, a Software-Defined Networking (SDN) enabled honeypot system is designed, which supplies high programmability for technically sustaining the features for capturing high-quality data. A proof-of-concept system is implemented to validate its feasibility and effectiveness. The experimental results show the benefits of using the proposed architecture compared to the previous honeypot solutions.
Related papers
- HoneyGPT: Breaking the Trilemma in Terminal Honeypots with Large Language Model [18.51393825471691]
Honeypots struggle with balancing flexibility, interaction depth, and deceptive capability.
We introduce HoneyGPT, a pioneering honeypot architecture based on ChatGPT.
We present a structured prompt engineering framework that augments long-term interaction memory and robust security analytics.
arXiv Detail & Related papers (2024-06-04T01:31:20Z)
- Efficient Modulation for Vision Networks [122.1051910402034]
We propose efficient modulation, a novel design for efficient vision networks.
We demonstrate that the modulation mechanism is particularly well suited for efficient networks.
Our network can accomplish better trade-offs between accuracy and efficiency.
arXiv Detail & Related papers (2024-03-29T03:48:35Z)
- Diffusion Model for Data-Driven Black-Box Optimization [54.25693582870226]
We focus on diffusion models, a powerful generative AI technology, and investigate their potential for black-box optimization.
We study two practical types of labels: 1) noisy measurements of a real-valued reward function and 2) human preference based on pairwise comparisons.
Our proposed method reformulates the design optimization problem into a conditional sampling problem, which allows us to leverage the power of diffusion models.
arXiv Detail & Related papers (2024-03-20T00:41:12Z)
- Emergency Caching: Coded Caching-based Reliable Map Transmission in Emergency Networks [9.423705897088672]
We propose a three-layer architecture of caching networks focusing on data collection and reliable transmission.
We propose a disaster map collection framework that integrates coded caching technologies.
Our proposed scheme is more effective than the non-coding caching scheme, as validated by simulation.
arXiv Detail & Related papers (2024-02-27T14:44:11Z)
- Optimally Blending Honeypots into Production Networks: Hardness and Algorithms [11.847370655794608]
Honeypot is an important cyber defense technique that can expose attackers' new attacks.
In this paper, we initiate a systematic study on characterizing the cybersecurity effectiveness of a new paradigm of deploying honeypots.
arXiv Detail & Related papers (2024-01-12T18:54:51Z)
- ILCAS: Imitation Learning-Based Configuration-Adaptive Streaming for Live Video Analytics with Cross-Camera Collaboration [53.29046841099947]
This paper proposes the first imitation learning (IL) based configuration-adaptive live video analytics (VA) streaming system.
ILCAS trains the agent with demonstrations collected from the expert which is designed as an offline optimal policy.
Experiments confirm the superiority of ILCAS compared with state-of-the-art solutions, with 2-20.9% improvement of mean accuracy and 19.9-85.3% reduction of chunk upload lag.
arXiv Detail & Related papers (2023-08-19T16:20:59Z)
- Heterogeneous Continual Learning [88.53038822561197]
We propose a novel framework to tackle the continual learning (CL) problem with changing network architectures.
We build on top of the distillation family of techniques and modify it to a new setting where a weaker model takes the role of a teacher.
We also propose Quick Deep Inversion (QDI) to recover prior task visual features to support knowledge transfer.
arXiv Detail & Related papers (2023-06-14T15:54:42Z)
- What are Attackers after on IoT Devices? An approach based on a multi-phased multi-faceted IoT honeypot ecosystem and data clustering [11.672070081489565]
Honeypots have been historically used as decoy devices to help researchers gain a better understanding of the dynamic of threats on a network.
In this work, we presented a new approach to creating a multi-phased, multi-faceted honeypot ecosystem.
We were able to collect increasingly sophisticated attack data in each phase.
arXiv Detail & Related papers (2021-12-21T04:11:45Z)
- HoneyCar: A Framework to Configure Honeypot Vulnerabilities on the Internet of Vehicles [5.248912296890883]
The Internet of Vehicles (IoV) has promising socio-economic benefits but also poses new cyber-physical threats.
Data on vehicular attackers can be realistically gathered through cyber threat intelligence using systems like honeypots.
We present HoneyCar, a novel decision support framework for honeypot deception.
arXiv Detail & Related papers (2021-11-03T17:31:56Z)
- Pareto-Frontier-aware Neural Architecture Generation for Diverse Budgets [93.79297053429447]
Existing methods often perform an independent architecture search for each target budget.
We propose a general architecture generator that automatically produces effective architectures for an arbitrary budget merely via model inference.
Extensive experiments on three platforms (i.e., mobile, CPU, and GPU) show the superiority of the proposed method over existing NAS methods.
arXiv Detail & Related papers (2021-02-27T13:59:17Z)
- Multi-Scale Boosted Dehazing Network with Dense Feature Fusion [92.92572594942071]
We propose a Multi-Scale Boosted Dehazing Network with Dense Feature Fusion based on the U-Net architecture.
We show that the proposed model performs favorably against the state-of-the-art approaches on the benchmark datasets as well as real-world hazy images.
arXiv Detail & Related papers (2020-04-28T09:34:47Z)
This list is automatically generated from the titles and abstracts of the papers in this site.