TY - GEN
T1 - An Improved Honeypot Model for Attack Detection and Analysis
AU - Abbas-Escribano, Marwan
AU - Debar, Hervé
N1 - Publisher Copyright:
© 2023 ACM.
PY - 2023/8/29
Y1 - 2023/8/29
N2 - This paper presents a new model and design for honeypots, and the results obtained the implementation and exposure on the internet of an high interaction honeypot. We show that our model can allow higher interaction with attackers while preserving integrity and attractiveness. In our work, we use threat analysis based on the MITRE ATT&CK taxonomy to describe the design and supervision constraints of our honeypot with it's situation in our implemented architecture. We exposed our infrastructure during seventeen days and collected information about several actors and attack methods, from which we extracted previously undocumented Indicators of Compromise.
AB - This paper presents a new model and design for honeypots, and the results obtained the implementation and exposure on the internet of an high interaction honeypot. We show that our model can allow higher interaction with attackers while preserving integrity and attractiveness. In our work, we use threat analysis based on the MITRE ATT&CK taxonomy to describe the design and supervision constraints of our honeypot with it's situation in our implemented architecture. We exposed our infrastructure during seventeen days and collected information about several actors and attack methods, from which we extracted previously undocumented Indicators of Compromise.
KW - Honeypot Deception High Interaction Supervision Analysis Indicator of Compromise MITRE ATT&CK
UR - https://www.scopus.com/pages/publications/85169693399
U2 - 10.1145/3600160.3604993
DO - 10.1145/3600160.3604993
M3 - Conference contribution
AN - SCOPUS:85169693399
T3 - ACM International Conference Proceeding Series
BT - ARES 2023 - 18th International Conference on Availability, Reliability and Security, Proceedings
PB - Association for Computing Machinery
T2 - 18th International Conference on Availability, Reliability and Security, ARES 2023
Y2 - 29 August 2023 through 1 September 2023
ER -