Automated Honeynet Deployment Strategy for Active Defense in Container-based Cloud

Kong, Tong; Wang, Liming; Ma, Duohe; Xu, Zhen; Yang, Qian; Lu, Zhitong; Lu, Yijun

doi:10.1109/hpcc-smartcity-dss50907.2020.00059

Cited by 6 publications

(10 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The latest honeynet literature describes innovations with deployment architectures. These innovations either seek to make honeynets behave more intelligently (Fan et al, 2015;Fraunholz et al, 2017;Meng et al, 2017) or to improve compute-resource management in some fashion (Kong et al, 2020;Washofsky, 2021). Thus, honeypots and honeynets are migrating to cloud architecture (Brown et al, 2012;Hamad and Omara, 2016;Kelly et al, 2021).…”

Section: Honeypots and Honeynetsmentioning

confidence: 99%

“…Research (Brown et al, 2012;Kumar et al, 2012;Fan et al, 2019) shows the next-generation honeynets consist of virtual systems or containers in a cloud architecture and software-defined networking (SDN). Based on sample honeynet architectures (Fan et al, 2015;Meng et al, 2017;Bao et al, 2018;Kong et al, 2020;Franco et al, 2021), the minimum number of systems in a honeynet is five-a low-interaction honeypot, a high-interaction honeypot, the honeynet controller and logging facility, a screening router, and SDN controller.…”

Section: Honeynet Deployment Architecturesmentioning

confidence: 99%

“…Processing power and virtual hardware requirements are high for honeynets. The high compute-resource utilization is exacerbated by the need for honeynets to optimize toward maximum service exposure and uptime (Kong et al, 2020). Fortunately, elastic and dynamic resource allocation is a cloud computing specialty.…”

Section: Honeynet Deployment Architecturesmentioning

confidence: 99%

“…Resource task scheduling is critical to honeynets because the virtual machine honeynets must always be accessible to maximize capture availability. Obviously, when maximally capturing attack traffic, the honeynet may require significant compute resources under millisecond demand (Bao et al, 2018;Kong et al, 2020). Alternatively, the honeynet idles with minimal compute-resource expenditure.…”

Section: Honeynet Schedulingmentioning

confidence: 99%

“…Accordingly, there is a problem insofar as there are no generalized green computing algorithms applicable to honeynets (More and Ingle, 2017). Furthermore, existing honeynet scheduling algorithms optimize toward maximum service exposure and uptime (Kong et al, 2020). As a consequence, the existing scheduling mechanisms do not consider sustainability a core operational principle.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A green scheduling algorithm for cloud-based honeynets

Pittman¹,

Alaee²

2023

Front. Sustain.

View full text Add to dashboard Cite

Modern businesses leverage cloud architecture to achieve agile and cost-effective technology services. Doing so comes at the expense of the environment though cloud technologies consume large quantities of energy. Cloud energy consumption is concerning in light of global climate trends and dwindling fossil fuel reserves. Consequently, increasing attention is given to sustainable and green cloud computing, which seeks to optimize compute-resource allocation and usage of virtualized systems and services. At the same time, progress toward sustainable and green cloud technology is impeded because as more enterprises deploy services into cloud architecture, cybersecurity threats follow. Unfortunately, cybersecurity technologies are optimized for maximum service overwatch without regard for compute resources and energy. This negates the energy reduction achieved in recent sustainable technology advancements. In this work, a generalized cybersecurity honeynet scheduling algorithm is proposed, in which power, CPU, and network overhead are operationalized to increase sustainability while balancing defensive mechanisms. The work describes both the mathematical foundation for the algorithm and a pseudocode proof of concept.

show abstract

Section: Honeypots and Honeynetsmentioning

confidence: 99%

Section: Honeynet Deployment Architecturesmentioning

confidence: 99%

Section: Honeynet Deployment Architecturesmentioning

confidence: 99%

Section: Honeynet Schedulingmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A green scheduling algorithm for cloud-based honeynets

Pittman¹,

Alaee²

2023

Front. Sustain.

View full text Add to dashboard Cite

show abstract

Well Begun is Half Done: An Empirical Study of Exploitability & Impact of Base-Image Vulnerabilities

Haque

Babar

2022

2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)

View full text Add to dashboard Cite

Honeynet optimization strategy based on attack graph

Yang¹,

Li²,

Yang³

et al. 2023

International Conference on Cryptography, Network Security, and Communication Technology (CNSCT 2023)

View full text Add to dashboard Cite

Honeypot is an active defense mechanism in network security protection. Its main purpose is to collect various intrusion information. However, due to the complexity of attacker penetration attacks and the diversity of host vulnerabilities, a simple honeypot can't to meet the defense requirements, so a honeynet system formed by a combination of various honeypots has emerged. But what kind of honeypots are included in the honeynet? How are honeypots connected? What is the reasonable size of the honeynet? These problems are restricting the development of honeynet. Therefore, the research of this paper is to analyze the vulnerability of an nodes in the network by establishing an attack graph, so as to formulate a honeynet deployment strategy. However, due to the difference in the network structure and the size of the honeynet, the effect of security protection will be very different. At the same time, considering the maintenance cost and protection benefits of the honeynet, when adopting a dynamic honeynet deployment method, we need to adjust the type and number of honeypots in the honeynet at any time. This paper uses ant colony algorithm and wolf swarm algorithm to optimize the honeynet, so as to realize the simplification of the attack graph and the dynamic configuration of the honeynet.

show abstract

Automated Honeynet Deployment Strategy for Active Defense in Container-based Cloud

Cited by 6 publications

References 20 publications

A green scheduling algorithm for cloud-based honeynets

A green scheduling algorithm for cloud-based honeynets

Well Begun is Half Done: An Empirical Study of Exploitability & Impact of Base-Image Vulnerabilities

Honeynet optimization strategy based on attack graph

Contact Info

Product

Resources

About