Name
Abstract | ||
|---|---|---|
In this paper, we describe the design, the implementation and the evaluation of a dynamic honeypot architecture which can be offered as an additional security service for cloud users in a cloud that offers Infrastructure-as-a-Service (IaaS). Honeypots can protect original systems while revealing new and unknown attacks at the same time. The proposed dynamic honeypot architecture detects potential attacks in the initial phases and delays these attacks until a new honeypot virtual machine (VM) is extracted from the original VM which is under attack. The extraction process is a modifying VM live cloning process which leaves sensible data behind and prevents internal data loss. This way, the newly created honeypot VM runs the same software in exactly the same up-to-date configuration. The honeypot controller redirects the delayed attack to the extracted honeypot VM and analyses its impact without risking the integrity of the original target VM. The proposed architecture benefits from the flexibility and adaptability of the cloud. It efficiently protects VMs of cloud users from contemporary network attacks while only few additional cloud resources are temporarily needed. The architecture deceives and misleads an attacker or an attacking source but does not influence the normal work-flow of the original VMs in the cloud. Based on a defined reporting format, cloud users can learn from attacks which have targeted their VMs and discover current misconfigurations and unknown vulnerabilities. |
Year | DOI | Venue |
|---|---|---|
2012 | 10.1145/2381913.2381916 | CCSW |
Keywords | Field | DocType |
architecture deceives,new honeypot virtual machine,dynamic honeypot architecture,honeypot vm,additional cloud resource,cloud computing,modifying vm,cloud user,original vm,honeypot controller,proposed dynamic honeypot architecture,honeypot | Honeypot,Internet privacy,Architecture,Virtual machine,Data loss,Computer security,Computer science,Security as a service,Security service,Software,Operating system,Cloud computing | Conference |
Citations | PageRank | References |
6 | 0.51 | 8 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Sebastian Biedermann | 1 | 82 | 7.98 |
| Martin Mink | 2 | 6 | 0.51 |
| Stefan Katzenbeisser | 3 | 1844 | 143.68 |