
Containerized cloud-based honeypot deception for tracking attackers

Discovering malicious packets amid a cloud of normal activity, whether you use an IDS or gather and analyze machine and device log files on company infrastructure, may be challenging and time consuming. The vulnerability landscape is rapidly evolving, and it will only become worse as more and more d...


Bibliographic Details
Main authors: Priya, V. S. Devi, Chakkaravarthy, S. Sibi
Format: Online Article Text
Language: English
Published: Nature Publishing Group UK 2023
Subjects:
Online access: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9876893/
https://www.ncbi.nlm.nih.gov/pubmed/36697488
http://dx.doi.org/10.1038/s41598-023-28613-0
author Priya, V. S. Devi
Chakkaravarthy, S. Sibi
collection PubMed
description Discovering malicious packets amid a cloud of normal activity, whether you use an IDS or gather and analyze machine and device log files on company infrastructure, may be challenging and time consuming. The vulnerability landscape is rapidly evolving, and it will only become worse as more and more developing technologies, such as IoT, Industrial Automation, CPS, Digital Twins, etc are digitally connected. A honey trap aids in identifying malicious packets easily as, after a few rapid calibrations to eliminate false positives. Besides analyzing and reporting particular invasion patterns or toolkits exploited, it also assists in preventing access to actual devices by simulating the genuine systems and applications functioning in the network thus delaying as well as baffling the invader. In order to analyze and evaluate the hackers’ behavior, an ensemble of research honeypot detectors has been deployed in our work. This paper delivers a robust outline of the deployment of containerized honeypot deployment, as a direct consequence, these are portable, durable, and simple to deploy and administer. The instrumented approach was monitored and generated countless data points on which significant judgments about the malevolent users’ activities and purpose could be inferred.
format Online
Article
Text
id pubmed-9876893
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher Nature Publishing Group UK
record_format MEDLINE/PubMed
spelling pubmed-9876893 2023-01-27 Containerized cloud-based honeypot deception for tracking attackers Priya, V. S. Devi Chakkaravarthy, S. Sibi Sci Rep Article
Nature Publishing Group UK 2023-01-25 /pmc/articles/PMC9876893/ /pubmed/36697488 http://dx.doi.org/10.1038/s41598-023-28613-0 Text en © The Author(s) 2023 https://creativecommons.org/licenses/by/4.0/ Open Access: This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
title Containerized cloud-based honeypot deception for tracking attackers
topic Article