Analysis of cyber intrusions using honeypots: a systematic review

Authors

  • Henrry Javier Rentería Macias
  • Jimmy Fernando Ramírez Márquez
  • Carlos Simón Plata Cabrera
  • Jonathan Patricio Cárdenas Ruperti
  • Rómulo Sandino Jurado Calero

DOI:

https://doi.org/10.34115/basrv5n6-012

Keywords:

Honeypots, intrusion detection, computer security, intrusion detection system.

Abstract

A honeypot is a decoy system designed to be the target of an attacker in cyber intrusions; it can also collect information about attack techniques and behaviors. A great deal of work has been done in the field of network intrusion detection over the last three decades. With ever faster networks and growing dependence on the Internet at both the personal and the commercial level, intrusion detection becomes a challenging process. The challenge here is not only to be able to actively monitor a large number of systems, but also to be able to react quickly to different events. Before deploying a honeypot, it is advisable to have a clear idea of what the honeypot should and should not do. There must be a clear understanding of the operating systems that will be used and of the services (such as a web server, FTP server, etc.) that the honeypot will run. The risks involved must be taken into account, and the methods for addressing or reducing those risks must be understood. It is also advisable to have a plan for what to do if the honeypot is compromised. This systematic review addresses the current state of research on intrusion detection using honeypots. The collection of scientific information was supported by the Mendeley system, and 32 articles were selected after a quality assessment based on previously established inclusion and exclusion criteria.

Published

2021-12-28

How to Cite

Macias, H. J. R., Márquez, J. F. R., Cabrera, C. S. P., Ruperti, J. P. C., & Calero, R. S. J. (2021). Análisis de intrusiones cibernéticas con el uso del Honeypots. Una revisión sistemática / Análise de invasões cibernéticas usando Honeypots. Uma revisão sistemática. Brazilian Applied Science Review, 5(6), 2218–2248. https://doi.org/10.34115/basrv5n6-012

Section

Original articles