Honeypots and knowledge for network defense

Abstract

Computer networks as part of critical infrastructure facilities and assets for most organizations are facing increasing challenges in defending against various and sophisticated cyber threats, intrusions, and attacks. Knowledge is a key factor in cyber defense, and honeypots could be an effective tool for gaining knowledge for cyber defense. This research paper draws upon a cyber defense knowledge model based on the classic of The Art of War and focuses on the use of honeypots for network intrusion detection. The cyber defense model highlights the role of knowledge (and the lack of knowledge) of strengths and vulnerabilities of yourself and your opponent in cyber defense. This study illustrates the dynamics of the knowledge and its network security benefits using honeypots in a simulation of detection of intrusions and distributed denial of service (DDoS) attacks on a virtual network.