2 research outputs found
EVHS - Elastic Virtual Honeypot System for SDNFV-Based Networks
The SDNFV-based network has leveraged the advantages of software-defined networking (SDN) and network-function virtualization (NFV) to become the most prominent network architecture. However, with the advancement of the SDNFV-based network, more attack types have emerged. This research focuses on one of the methods (use of the honeypot system) of preventing these attacks on the SDNFV-based network. We introduce an SDNFV-based elastic virtual honeypot system (EVHS), which not only resolves problems of other current honeypot systems but also employs a new approach to efficiently manage and control honeypots. It uses a network-intrusion-detection system (NIDS) at the border of the network to detect attacks, leverages the advantages of SDN and NFV to flexibly generate honeypots, and connects attackers to these honeypots by using a moving-target defense mechanism. Furthermore, we optimize the system to efficiently reuse the available honeypots after the attacks are handled. Experimental results validate that the proposed system is a flexible and efficient approach to manage and provide virtual honeypots in the SDNFV-based network; the system can also resolve the problems encountered by current honeypot systems
HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design
Honeypots are designed to trap the attacker with the purpose of investigating
its malicious behavior. Owing to the increasing variety and sophistication of
cyber attacks, how to capture high-quality attack data has become a challenge
in the context of honeypot area. All-round honeypots, which mean significant
improvement in sensibility, countermeasure and stealth, are necessary to tackle
the problem. In this paper, we propose a novel honeypot architecture termed
HoneyDOC to support all-round honeypot design and implementation. Our HoneyDOC
architecture clearly identifies three essential independent and collaborative
modules, Decoy, Captor and Orchestrator. Based on the efficient architecture, a
Software-Defined Networking (SDN) enabled honeypot system is designed, which
supplies high programmability for technically sustaining the features for
capturing high-quality data. A proof-of-concept system is implemented to
validate its feasibility and effectiveness. The experimental results show the
benefits by using the proposed architecture comparing to the previous honeypot
solutions.Comment: Non