TY - JOUR
T1 - A computational intelligence enabled honeypot for chasing ghosts in the wires
AU - Naik, Nitin
AU - Jenkins, Paul
AU - Savage, Nick
AU - Yang, Longzhi
N1 - This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
PY - 2021/2
Y1 - 2021/2
N2 - A honeypot is a concealed security system that functions as a decoy to entice cyberattackers to reveal their information. Therefore, it is essential to disguise its identity to ensure its successful operation. Nonetheless, cyberattackers frequently attempt to uncover these honeypots; one of the most effective techniques for revealing their identity is a fingerprinting attack. Once identified, a honeypot can be exploited as a zombie by an attacker to attack others. Several effective techniques are available to prevent a fingerprinting attack, however, that would be contrary to the purpose of a honeypot, which is designed to interact with attackers to attempt to discover information relating to them. A technique to discover any attempted fingerprinting attack is highly desirable, for honeypots, while interacting with cyberattackers. Unfortunately, no specific method is available to detect and predict an attempted fingerprinting attack in real-time due to the difficulty of isolating it from other attacks. This paper presents a computational intelligence enabled honeypot that is capable of discovering and predicting an attempted fingerprinting attack by using a Principal components analysis and Fuzzy inference system. This proposed system is successfully tested against the five popular fingerprinting tools Nmap, Xprobe2, NetScanTools Pro, SinFP3 and Nessus.
AB - A honeypot is a concealed security system that functions as a decoy to entice cyberattackers to reveal their information. Therefore, it is essential to disguise its identity to ensure its successful operation. Nonetheless, cyberattackers frequently attempt to uncover these honeypots; one of the most effective techniques for revealing their identity is a fingerprinting attack. Once identified, a honeypot can be exploited as a zombie by an attacker to attack others. Several effective techniques are available to prevent a fingerprinting attack, however, that would be contrary to the purpose of a honeypot, which is designed to interact with attackers to attempt to discover information relating to them. A technique to discover any attempted fingerprinting attack is highly desirable, for honeypots, while interacting with cyberattackers. Unfortunately, no specific method is available to detect and predict an attempted fingerprinting attack in real-time due to the difficulty of isolating it from other attacks. This paper presents a computational intelligence enabled honeypot that is capable of discovering and predicting an attempted fingerprinting attack by using a Principal components analysis and Fuzzy inference system. This proposed system is successfully tested against the five popular fingerprinting tools Nmap, Xprobe2, NetScanTools Pro, SinFP3 and Nessus.
UR - http://link.springer.com/10.1007/s40747-020-00209-5
U2 - 10.1007/s40747-020-00209-5
DO - 10.1007/s40747-020-00209-5
M3 - Article
SN - 2199-4536
VL - 7
SP - 477
EP - 494
JO - Complex & Intelligent Systems
JF - Complex & Intelligent Systems
ER -