• Title/Summary/Keyword: High-Interaction Honeypots


Honeypots Tools Study and Analysis

  • Al-Jameel, Sultan;Alanazi, Adwan Alownie
    • International Journal of Computer Science & Network Security / v.21 no.1 / pp.162-173 / 2021
  • A honeypot is a mechanism made to learn more about attackers, such as the method and pattern of attack, and is also used to obtain very useful information about all intrusive activities. Honeypots are usually categorized according to their level of interaction as high, medium, or low interaction. Their main purposes are production and research. This paper includes a detailed study of two honeypot tools. The different honeypot findings are presented in this paper to illustrate how a honeypot works in a real environment and how it reacts when it attracts undesirable interest in the network. These tools are used to improve the concept of security, protection and confidentiality within or outside the organization to avoid attacks, vulnerabilities and breaches.

A Development of Novel Attack Detection Methods using Virtual Honeynet (Virtual Honeynet을 이용한 신종공격 탐지기술 개발)

  • Kang, Dae-Kwon;Euom, Ieck-Chae;Kim, Chun-Suk
    • The Journal of the Korea institute of electronic communication sciences / v.5 no.4 / pp.406-411 / 2010
  • A honeynet is a closely monitored computing resource that we want to be probed, attacked or compromised. More precisely, a honeypot is "an information system resource whose value lies in unauthorized or illicit use of that resource." The value of a honeynet is weighed by the information that can be obtained from it. However, it is very difficult to deploy a honeynet in the real world, so I focused on the virtual honeynet. The strengths of a virtual honeynet are scalability and ease of maintenance. It is inexpensive to deploy and accessible to almost everyone. Compared with physical honeypots, this approach is more lightweight. Instead of deploying a physical computer system that acts as a honeypot, we can also deploy one physical computer that hosts several virtual machines that act as honeypots.

The Case of Novel Attack Detection using Virtual Honeynet (Virtual Honeynet을 이용한 신종공격 탐지 사례)

  • Kim, Chun-Suk;Kang, Dae-Kwon;Euom, Ieck-Chae
    • The Journal of the Korea institute of electronic communication sciences / v.7 no.2 / pp.279-285 / 2012
  • Most national critical key infrastructure, such as electricity, nuclear power plants, and petroleum, runs on SCADA (Supervisory Control And Data Acquisition) systems of the closed network type. These systems have come to use open protocols like TCP/IP and commercial operating systems, a trend due to gradually increasing dependence on IT (Information Technology). Recently, concerns have been raised about the possibility of these facilities being attacked by cyber terrorists, hacking, or viruses. In this paper, a method to minimize threats and vulnerabilities is proposed, and the virtual honeynet system architecture and the attack detection algorithm, which can detect the unknown attack patterns of zero-day attacks, are reviewed.

Honeypot game-theoretical model for defending against APT attacks with limited resources in cyber-physical systems

  • Tian, Wen;Ji, Xiao-Peng;Liu, Weiwei;Zhai, Jiangtao;Liu, Guangjie;Dai, Yuewei;Huang, Shuhua
    • ETRI Journal / v.41 no.5 / pp.585-598 / 2019
  • A cyber-physical system (CPS) is a new mechanism controlled or monitored by computer algorithms that intertwine physical and software components. Advanced persistent threats (APTs) represent stealthy, powerful, and well-funded attacks against CPSs; they integrate physical processes and have recently become an active research area. Existing offensive and defensive processes for APTs in CPSs are usually modeled by incomplete information game theory. However, honeypots, which are effective security vulnerability defense mechanisms, have not been widely adopted or modeled for defense against APT attacks in CPSs. In this study, a honeypot game-theoretical model considering both low- and high-interaction modes is used to investigate the offensive and defensive interactions, so that defensive strategies against APTs can be optimized. In this model, human analysis and honeypot allocation costs are introduced as limited resources. We prove the existence of Bayesian Nash equilibrium strategies and obtain the optimal defensive strategy under limited resources. Finally, numerical simulations demonstrate that the proposed method is effective in obtaining the optimal defensive effect.