Peer-reviewed article
In a digitized world even critical infrastructure relies on computers controlled via networks. Attacking these sensitive infrastructures is highly attractive for intruders, who are frequently a step ahead of defenders. Honey systems (honeypots, honeynets, honeywalls, and honeytoken) seek to counterbalance this situation. Honey systems trap attackers by generating phoney services, nets, or data, thereby preventing them from doing damage to production systems and enable defenders to study attackers without letting intruders initially notice. This paper provides an overview of existing technologies, their use cases, and pitfalls to bear in mind by illustrating various examples. Furthermore, it shows the recent efforts made in the field and examines the challenges that still need to be solved.
@conference{iceis21,
author={Paul Lackner},
title={How to Mock a Bear: Honeypot, Honeynet, Honeywall & Honeytoken: A Survey},
booktitle={Proceedings of the 23rd International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2021},
pages={181-188},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010400001810188},
isbn={978-989-758-509-8},
issn={2184-4992},
}
Published: 2021-04-26