37 research outputs found

    To What Extent Are Honeypots and Honeynets Autonomic Computing Systems?

    Cyber threats, such as advanced persistent threats (APTs), ransomware, and zero-day exploits, are rapidly evolving and demand improved security measures. Honeypots and honeynets, as deceptive systems, offer valuable insights into attacker behavior, helping researchers and practitioners develop innovative defense strategies and enhance detection mechanisms. However, their deployment involves significant maintenance and overhead expenses. At the same time, the complexity of modern computing has prompted the rise of autonomic computing, aiming for systems that can operate without human intervention. Recent honeypot and honeynet research claims to incorporate autonomic computing principles, often using terms like adaptive, dynamic, intelligent, and learning. This study investigates such claims by measuring the extent to which autonomic principles are expressed in honeypot and honeynet literature. The findings reveal that autonomic computing keywords are present in the literature sample, suggesting an evolution from self-adaptation to autonomic computing implementations. Yet, despite these findings, the analysis also shows low frequencies of self-configuration, self-healing, and self-protection keywords. Interestingly, self-optimization appeared prominently in the literature. While this study presents a foundation for the convergence of autonomic computing and deceptive systems, future research could explore technical implementations in sample articles and test them for autonomic behavior. Additionally, investigations into the design and implementation of individual autonomic computing principles in honeypots and determining the necessary ratio of these principles for a system to exhibit autonomic behavior could provide valuable insights for both researchers and practitioners. Comment: 18 pages, 3 figures, 5 tables

    A Survey of Botnet Detection Techniques by Command and Control Infrastructure

    Botnets have evolved to become one of the most serious threats to the Internet and there is substantial research on both botnets and botnet detection techniques. This survey reviewed the history of botnets and botnet detection techniques. The survey showed traditional botnet detection techniques rely on passive techniques, primarily honeypots, and that honeypots are not effective at detecting peer-to-peer and other decentralized botnets. Furthermore, the detection techniques aimed at decentralized and peer-to-peer botnets focus on detecting communications between the infected bots. Recent research has shown hierarchical clustering of flow data and machine learning are effective techniques for detecting botnet peer-to-peer traffic.

    A green scheduling algorithm for cloud-based honeynets

    Modern businesses leverage cloud architecture to achieve agile and cost-effective technology services. Doing so comes at the expense of the environment, though; cloud technologies consume large quantities of energy. Cloud energy consumption is concerning in light of global climate trends and dwindling fossil fuel reserves. Consequently, increasing attention is given to sustainable and green cloud computing, which seeks to optimize compute-resource allocation and usage of virtualized systems and services. At the same time, progress toward sustainable and green cloud technology is impeded because as more enterprises deploy services into cloud architecture, cybersecurity threats follow. Unfortunately, cybersecurity technologies are optimized for maximum service overwatch without regard for compute resources and energy. This negates the energy reduction achieved in recent sustainable technology advancements. In this work, a generalized cybersecurity honeynet scheduling algorithm is proposed, in which power, CPU, and network overhead are operationalized to increase sustainability while balancing defensive mechanisms. The work describes both the mathematical foundation for the algorithm and a pseudocode proof of concept.

    Laser ablation construction of on-column reagent addition devices for capillary electrophoresis

    A simple and reproducible technique for constructing perfectly aligned gaps in fused-silica capillaries has been developed for postcolumn reagent addition with capillary electrophoresis. This technique uses laser ablation with the second harmonic of a Nd:YAG laser (532 nm) at 13.5 mJ/pulse and a repetition rate of 15 Hz to create these gaps. A capillary is glued to a microscope slide and positioned at the focal point of a cylindrical lens using the focused beam from a laser pointer as a reference. Gaps of 14.0 ± 2.2 μm (n = 33) at the bore of the capillary are produced with a success rate of 94% by ablation with 400 pulses. This simple method of gap construction requires no micromanipulation under a microscope, hydrofluoric acid etching, or use of column fittings. These structures have been used for reagent addition for postcolumn derivatization with laser-induced fluorescence detection and have been tested for the separation of proteins and amino acids. Detection limits of 6 × 10⁻⁷ and 1 × 10⁻⁸ M have been obtained for glycine and transferrin, respectively. Separation efficiencies obtained using these gap reactors range from 38 000 to 213 000 theoretical plates.