Detection and Analysis of Active Attacks using Honeypot
Waqas Ahmad, Muhammad Arsalan Raza, Sabreena Nawaz, Farhana Waqas
Abstract
Honeypots are computer systems specifically deployed to deceive attackers so that they consider them legitimate computers.Honeypots are actually a trap to trick the attackers so that we can learn about their behavior and the attack methods they use.Security experts collect all the relevant information about attack techniques and behavior and take firm actions to strengthen security measures.Although another technique is also being used which is Intrusion Detection and Prevention System (IDPS), but it generates false positives and false negatives, which is a limitation of IDPS.Therefore, to know the behavior, methods, techniques, and signatures of an attacker, the Dionaea honeypot system is used to collect the information regarding cyber-attacks, proving it a more useful way rather than previous traditional methods.Attacks that were captured by the honeypot software reveal the source IP addresses of the attackers and the target host which became the victim of attacks.