학술논문
Measuring Honeypots based on CTF game
Document Type
Conference
Source
2022 IEEE 10th Jubilee International Conference on Computational Cybernetics and Cyber-Medical Systems (ICCC) Computational Cybernetics and Cyber-Medical Systems (ICCC), 2022 IEEE 10th Jubilee International Conference on. :000123-000128 Jul, 2022
Subject
Language
Abstract
Defensive deception is increasingly being used in cybersecurity, both to improve the effectiveness of defensive methods and to analyse attack techniques and attacker behaviour. One of the oldest and most common tools of defensive deception is the honeypot, which is a lightweight but fake target disguised to distract attackers from real services and targets, while detecting an ongoing attack and sending alert about intrusion. However, due to their frequent deployment, there is a need to measure the effectiveness and performance of these systems for comparability and optimisation. The main objective of our research is to identify indicators, based on different criteria, that allow to measure the performance of honeypot systems and to compare them. Since our honeypot system is implemented in a university environment, we test it through capture the flag games and use the log data collected to measure the effectiveness of honeypot and analyse the behaviour of the attackers and the techniques used.