An Optimized Low-Level Interaction Glastopf Honeypot for Accurate Detection of Fake Honeypot using OMNET++ Simulation

No Thumbnail Available

Date

2023-12

Journal Title

Journal ISSN

Volume Title

Publisher

Lead City University

Abstract

Securing cloud-based information has become the most critical aspect in computing, owing to different methods adopted by attackers to steal vital information. Most system developers focus their information security on defensive mechanisms against attackers, this has proven to be inactive as attackers continuously explore ways to gain unauthorized access to cyberspace information, which has necessitated more effective, robust, and efficient models to mitigate threats posed by Cyber criminals. Hence, the design of an optimized web-based low-interaction Glastopf honeypot for the accurate gathering of Attackers' intelligence information and detection of fake honeypot systems using the OMNET++ Simulation tool. This study aims to assess the effectiveness of the Glastopf honeypot in collecting relevant intelligence on attackers, detecting fake honeypot systems, analyses the honeypot's ability to capture and record attackers' actions, including their exploitation methods, tools used, and payloads deployed. It also evaluates the honeypot's ability to provide valuable insights into attackers' motivations, intentions, and potential targets. An extensive experiment was conducted by setting up a virtual system with OMNET++ simulation running on Ubuntu web-server on the back end while on the front end was windows operating system where Glastopf honeypot was configured in a controlled environment. The study injects Hornet 40 data sets of attacks collected from six different cloud servers into the server to test Glastopf honeypot. Multiple attack scenarios were simulated, involving various types of attackers and attack vectors. The honeypot's logs, network traffic captures, and other relevant data are collected and analyzed using automated techniques. The results of the experiment provide insights into the Glastopf honeypot’s effectiveness in gathering intelligence information and make Glastopf honeypot a good cyber security tool, but would perform better when deployed with IDS and firewalls, thereby recommended for organizations but would not be suitable for individuals due to the installation technicality involved. Keywords: Deception Technology, Honeypot, IDS, OMNET++, Glastopf, Web Application Word Count: 298 words

Description

Keywords

Optimized Low-Level Interaction, Glastopf Honeypot, Detection of Fake Honeypot using OMNET++ Simulation, Deception Technology

Citation

Kate Turabian