An Adaptive Honeypot Configuration, Deployment and Maintenance Strategy
Daniel Fraunholz, Marc Zimmermann, Hans D. Schotten

TL;DR
This paper introduces a machine learning-based adaptive strategy for automatically configuring, deploying, and maintaining honeypots in networks, reducing manual effort and improving security effectiveness.
Contribution
It presents a novel dynamic honeypot management method that requires no manual configuration or maintenance, enhancing modern network security practices.
Findings
Automated honeypot deployment based on network entity clustering
Reduction in manual configuration and maintenance efforts
Improved adaptability of honeypots in dynamic network environments
Abstract
Since honeypots first appeared as an advanced network security concept, they have suffered from poor deployment and maintenance strategies. State-of-the-art deployment is a manual process in which the honeypot needs to be configured and maintained by a network administrator. In this paper we present a method for a dynamic honeypot configuration, deployment and maintenance strategy based on machine learning techniques. Our method features an identification mechanism for machines and devices in a network. These entities are analysed and clustered. Based on the clusters, honeypots are intelligently deployed in the network. The proposed method needs no configuration and maintenance and is therefore a major advantage for the honeypot technology in modern network security.
Taxonomy
Topics: Network Security and Intrusion Detection · Advanced Malware Detection Techniques · Anomaly Detection Techniques and Applications
