Enabling an Anatomic View to Investigate Honeypot Systems: A Survey
Wenjun Fan, Zhihui Du, David Fernandez, and Victor A. Villagra

TL;DR
This survey introduces a novel taxonomy for honeypot systems, analyzing their components and organizational forms to better understand and classify techniques used in honeypot research and development.
Contribution
It presents a new decoy and security program (D-P) based taxonomy for classifying honeypot techniques and applies it to a broad set of existing honeypot systems.
Findings
The taxonomy effectively classifies various honeypot techniques.
It demonstrates the evolution and trends in honeypot development.
The framework aids in understanding the integration of decoys and security programs.
Abstract
A honeypot is a type of security facility deliberately created to be probed, attacked and compromised. It is often used for protecting production systems by detecting and deflecting unauthorized accesses. It is also useful for investigating the behaviour of attackers, and in particular, unknown attacks. For the past 17 years much effort has been invested in the research and development of honeypot based techniques and tools and they have evolved to become an increasingly powerful means of defending against the creations of the blackhat community. In this paper, by studying multiple honeypot systems, the two essential elements of honeypots - the decoy and the security program - are captured and presented, together with two abstract organizational forms - independent and cooperative - in which these two elements can be integrated. A novel decoy and security program (D-P) based taxonomy is…
