DECEPTIVE DECOYS: COMBINING BELIEVABLE USER AND NETWORK ACTIVITIES AND DECEPTIVE NETWORK SETUP IN ENHANCING EFFECTIVENESS
Journal: International Journal of Electrical Engineering and Technology (IJEET) (Vol.12, No. 6)
Publication Date: 2021-06-30
Authors : Edwin K. Serem; David M. Mugo; Boaz K. Too
Page : 281-292
Keywords : Decoy; Honeypot; advanced persistent threats (APT); Virtual Machine (VM); Linux Containers (LXC);
Abstract
A cybersecurity threat is a malicious act that seeks to damage, steal, or gain unauthorized access to information. In recent years, cybersecurity specialists have attempted to come up with an effective system that proactively protects systems from cyber-attacks. Cyber deception is one efficient method that makes use of decoys to entrap attacks and divert them from real systems. However, existing cyber decoys lack efficiency in hiding their true identity due to impractical user activity and network simulation. In this paper, we propose a hybrid decoy system that combines the use of two-layered decoys in the front-end and back-end with an SSH tunnel in between. The front-end decoys capture attacks and forward them to the back-end decoys for execution and feedback. The General HOSTS framework was used to generate believable user and network activities that can effectively convince the attackers that they are attacking the real systems. All attacker activities are logged by Logstash and presented using Grafana with the Kibana user interface. The experimental results demonstrate that our system can effectively misdirect and misinform attackers by combining deceptive network setup and configurations as well as generating fake user and network activities.
Last modified: 2021-07-02 19:26:32