To What Extent Are Honeypots and Honeynets Autonomic Computing Systems?
Cyber threats, such as advanced persistent threats (APTs), ransomware, and
zero-day exploits, are rapidly evolving and demand improved security measures.
Honeypots and honeynets, as deceptive systems, offer valuable insights into
attacker behavior, helping researchers and practitioners develop innovative
defense strategies and enhance detection mechanisms. However, their deployment
involves significant maintenance and overhead expenses. At the same time, the
complexity of modern computing has prompted the rise of autonomic computing,
aiming for systems that can operate without human intervention. Recent honeypot
and honeynet research claims to incorporate autonomic computing principles,
often using terms like adaptive, dynamic, intelligent, and learning. This study
investigates such claims by measuring the extent to which autonomic principles
are expressed in honeypot and honeynet literature. The findings
reveal that autonomic computing keywords are present in the literature sample,
suggesting an evolution from self-adaptation to autonomic computing
implementations. Yet, despite these findings, the analysis also shows low
frequencies of self-configuration, self-healing, and self-protection keywords.
Interestingly, self-optimization appeared prominently in the literature. While
this study presents a foundation for the convergence of autonomic computing and
deceptive systems, future research could explore technical implementations in
sample articles and test them for autonomic behavior. Additionally,
investigations into the design and implementation of individual autonomic
computing principles in honeypots and determining the necessary ratio of these
principles for a system to exhibit autonomic behavior could provide valuable
insights for both researchers and practitioners.
Comment: 18 pages, 3 figures, 5 tables
A Survey of Botnet Detection Techniques by Command and Control Infrastructure
Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This survey reviewed the history of botnets and botnet detection techniques. The survey showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting peer-to-peer and other decentralized botnets. Furthermore, the detection techniques aimed at decentralized and peer-to-peer botnets focus on detecting communications between the infected bots. Recent research has shown hierarchical clustering of flow data and machine learning are effective techniques for detecting botnet peer-to-peer traffic.
A green scheduling algorithm for cloud-based honeynets
Modern businesses leverage cloud architecture to achieve agile and cost-effective technology services. Doing so comes at the expense of the environment, though: cloud technologies consume large quantities of energy. Cloud energy consumption is concerning in light of global climate trends and dwindling fossil fuel reserves. Consequently, increasing attention is given to sustainable and green cloud computing, which seeks to optimize compute-resource allocation and usage of virtualized systems and services. At the same time, progress toward sustainable and green cloud technology is impeded because as more enterprises deploy services into cloud architecture, cybersecurity threats follow. Unfortunately, cybersecurity technologies are optimized for maximum service overwatch without regard for compute resources and energy. This negates the energy reduction achieved in recent sustainable technology advancements. In this work, a generalized cybersecurity honeynet scheduling algorithm is proposed, in which power, CPU, and network overhead are operationalized to increase sustainability while balancing defensive mechanisms. The work describes both the mathematical foundation for the algorithm and a pseudocode proof of concept.
Laser ablation construction of on-column reagent addition devices for capillary electrophoresis
A simple and reproducible technique for constructing perfectly aligned gaps in fused-silica capillaries has been developed for postcolumn reagent addition with capillary electrophoresis. This technique uses laser ablation with the second harmonic of a Nd:YAG laser (532 nm) at 13.5 mJ/pulse and a repetition rate of 15 Hz to create these gaps. A capillary is glued to a microscope slide and positioned at the focal point of a cylindrical lens using the focused beam from a laser pointer as a reference. Gaps of 14.0 ± 2.2 μm (n = 33) at the bore of the capillary are produced with a success rate of 94% by ablation with 400 pulses. This simple method of gap construction requires no micromanipulation under a microscope, hydrofluoric acid etching, or use of column fittings. These structures have been used for reagent addition for postcolumn derivatization with laser-induced fluorescence detection and have been tested for the separation of proteins and amino acids. Detection limits of 6 × 10⁻⁷ and 1 × 10⁻⁸ M have been obtained for glycine and transferrin, respectively. Separation efficiencies obtained using these gap reactors range from 38 000 to 213 000 theoretical plates.