Lightweight deception systems using honeypot techniques
Traditional defences against cyber threats, such as intrusion detection systems or firewalls, were found to be lacking in this day and age. These defences lack the means to detect advanced persistent threats, zero-day vulnerabilities and the rapid emergence of new malware variants. Honeypots were used t...
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | 2018 |
Subjects: | |
Online Access: | http://hdl.handle.net/10356/74358 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-74358 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-74358 2023-03-03T20:49:51Z Lightweight deception systems using honeypot techniques Lee, Timothy Kok Kiang Lam Kwok Yan School of Computer Science and Engineering DRNTU::Engineering::Computer science and engineering::Information systems::Models and principles Bachelor of Engineering (Computer Science) 2018-05-16T09:04:35Z 2018-05-16T09:04:35Z 2018 Final Year Project (FYP) http://hdl.handle.net/10356/74358 en Nanyang Technological University 38 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering::Computer science and engineering::Information systems::Models and principles |
description |
Traditional defences against cyber threats, such as intrusion detection systems or firewalls, were
found to be lacking in this day and age. These defences lack the means to detect advanced
persistent threats, zero-day vulnerabilities and the rapid emergence of new malware variants.
Honeypots were used to supplement traditional defences as they are able to provide intelligence on
an attacker's Tactics, Techniques and Procedures (TTP). However, the deployment of honeypot
systems is usually complicated and costly, putting it out of reach for smaller market
players.
This project aims to design a lightweight honeypot architecture and explain why a lightweight
solution is desirable. Then, an evaluation of the proposed lightweight honeypot architecture is
conducted based on its ability to handle the number of concurrent connections.
Research is first conducted on different honeypot systems, exploring several design factors
before proposing a solution. Then, the proposed solution is implemented and tested for its
performance. There are 2 core concepts in the proposed solution – cluster technology and
container virtualization.
The lightweight honeypot architecture showed much more flexibility compared to its traditional
counterparts. By incorporating the 2 core concepts, the cost and complexity of deployment have
been reduced, making it a feasible solution for smaller market players. Further work could be
done on hardening the security of the architecture or implementing a machine learning module
to correlate Security Information and Event Management (SIEM) logs. |
author2 |
Lam Kwok Yan |
author_facet |
Lam Kwok Yan Lee, Timothy Kok Kiang |
format |
Final Year Project |
author |
Lee, Timothy Kok Kiang |
author_sort |
Lee, Timothy Kok Kiang |
title |
Lightweight deception systems using honeypot techniques |
publishDate |
2018 |
url |
http://hdl.handle.net/10356/74358 |
_version_ |
1759854610421383168 |