A clustered hybrid honeypot architecture

Abstract

Nowadays, when computers and computer systems are almost omnipresent and are part of most households and most people have access to them, they are more vulnerable than ever. Today, protection and security of computer networks and systems using passive protection does not suffice anymore. One has to anticipate attacks and be a step ahead of the attackers. To achieve this type of security, one has to employ active protection techniques, such as digital baits – honeypots. The primary goal of using honeypots is to divert the interest of potential attackers from other really important targets within a particular computer network. The secondary goal is to acquire information about the attackers' activities and methods. Subsequently, these data are thoroughly analysed. By analysing the attacks, security improvement measures aimed at the particular network and/or computer system may be proposed in order to prevent threats. The goal of this paper is to contribute to computer security by proposing a clustered, high-interaction-honeypot-based security system.