Будь ласка, використовуйте цей ідентифікатор, щоб цитувати або посилатися на цей матеріал:
http://ds.knu.edu.ua/jspui/handle/123456789/5512
Назва: | The sweet taste of IoT deception: an adaptive honeypot framework for design and evaluation |
Автори: | Morozov, Dmytro S. Yefimenko, Andrii A. Nikitchuk, Tetiana M. Kolomiiets, Roman O. Semerikov, Serhiy O. |
Ключові слова: | adaptive honeypots IoT security deception technology machine learning intrusion detection evaluation metrics critical infrastructure protection cyber threat intelligence software-defined networking collaborative defence |
Дата публікації: | 21-лис-2024 |
Видавництво: | Academy of Cognitive and Natural Sciences |
Бібліографічний опис: | Morozov D. S. The sweet taste of IoT deception: an adaptive honeypot framework for design and evaluation / Dmytro S. Morozov, Andrii A. Yefimenko, Tetiana M. Nikitchuk, Roman O. Kolomiiets, Serhiy O. Semerikov // Journal of Edge Computing. – 2024. – Vol. 3. – Iss. 2. – P. 207–223. – DOI : https://doi.org/10.55056/jec.607 |
Короткий огляд (реферат): | The rapid proliferation of Internet of Things (IoT) devices has introduced unprecedented security challenges for critical infrastructure systems. Honeypots and honeynets have emerged as promising deception technologies for detecting, deflecting, and investigating IoT-specific threats. In this paper, we propose an integrated framework for the design, implementation, and evaluation of adaptive honeypots in IoT environments. The framework consists of two key components: (1) an adaptive honeypot architecture that dynamically adjusts its behaviour based on observed attack patterns and (2) an evaluation methodology with quantitative metrics to assess the effectiveness of IoT honeypots. We discuss the current usage and future potential of this integrated framework in the context of critical infrastructure protection, highlighting challenges and opportunities for collaborative defence against evolving cyber threats. |
Опис: | [1] Abay, N.C., Akcora, C.G., Zhou, Y., Kantarcioglu, M. and Thuraisingham, B., 2019. Using Deep Learning to Generate Relational HoneyData. In: E. Al-Shaer, J. Wei, K.W. Hamlen and C. Wang, eds. Autonomous Cyber Deception: Reasoning, Adaptive Planning, and Evaluation of HoneyThings. Cham: Springer International Publishing, pp.3–19. Available from: https://doi.org/10.1007/978-3-030-02110-8_1. [2] Ahmed, Y., Beyioku, K. and Yousefi, M., 2024. Securing smart cities through machine learning: A honeypot-driven approach to attack detection in Internet of Things ecosystems. IET Smart Cities. Available from: https://doi.org/10.1049/smc2.12084. [3] Antonioli, D. and Tippenhauer, N.O., 2015. MiniCPS: A Toolkit for Security Research on CPS Networks. Proceedings of the First ACM Workshop on Cyber-Physical Systems-Security and/or PrivaCy. New York, NY, USA: Association for Computing Machinery, CPS-SPC ’15, pp.91–100. Available from: https://doi.org/10.1145/2808705.2808715. [4] Balas, E.G., 2004. Honeynet Data Analysis – A Technique For Correlating Sebek And Network Data. DFRWS USA 2004: The fourth annual Digital Forensics Research Workshop. Available from: https://dfrws.org/presentation/honeynet-data-analysis-a-technique-for-correlating-sebek-and-network-data/. [5] Bringer, M.L., Chelmecki, C.A. and Fujinoki, H., 2012. A Survey: Recent Advances and Future Trends in Honeypot Research. International Journal of Computer Network and Information Security, 4(10), p.63–75. Available from: https://doi.org/10.5815/ijcnis.2012.10.07. [6] Conpot: ICS/SCADA Honeypot, 2024. Available from: https://github.com/mushorg/conpot. [7] De, S. and Kar, A.K., 2023. Exploring IoT Applications in Industry 4.0—Insights from Review of Literature. In: P.K. Singh, S.T. Wierzchoń, W. Pawłowski, A.K. Kar and Y. Kumar, eds. IoT, Big Data and AI for Improving Quality of Everyday Life: Present and Future Challenges: IOT, Data Science and Artificial Intelligence Technologies. Cham: Springer International Publishing, pp.15–38. Available from: https://doi.org/10.1007/978-3-031-35783-1_2. [8] dionaea, 2021. Available from: https://github.com/DinoTools/dionaea. [9] Dowling, S., Schukat, M. and Melvin, H., 2017. A ZigBee honeypot to assess IoT cyberattack behaviour. 2017 28th Irish Signals and Systems Conference, ISSC 2017. Institute of Electrical and Electronics Engineers Inc. Available from: https://doi.org/10.1109/ISSC.2017.7983603. [10] Farris, I., Taleb, T., Khettab, Y. and Song, J., 2019. A Survey on Emerging SDN and NFV Security Mechanisms for IoT Systems. IEEE Communications Surveys & Tutorials, 21(1), pp.812–837. Available from: https://doi.org/10.1109/COMST.2018.2862350. [11] Fawaz, A., Bohara, A., Cheh, C. and Sanders, W.H., 2016. Lateral Movement Detection Using Distributed Data Fusion. 2016 IEEE 35th Symposium on Reliable Distributed Systems (SRDS). pp.21–30. Available from: https://doi.org/10.1109/SRDS.2016.014. [12] Felix, M., Safitri, C. and Mandala, R., 2022. Framework for Analyzing Intruder Behavior of IoT Cyber Attacks Based on Network Forensics by Deploying Honeypot Technology. ICOIACT 2022 - 5th International Conference on Information and Communications Technology: A New Way to Make AI Useful for Everyone in the New Normal Era, Proceeding. Institute of Electrical and Electronics Engineers Inc., pp.423–428. Available from: https://doi.org/10.1109/ICOIACT55506.2022.9971886. [13] Hakim, M.A., Aksu, H., Uluagac, A.S. and Akkaya, K., 2018. U-PoT: A Honeypot Framework for UPnP-Based IoT Devices. 2018 ieee 37th international performance computing and communications conference, ipccc 2018. Institute of Electrical and Electronics Engineers Inc. Available from: https://doi.org/10.1109/PCCC.2018.8711321. [14] Huang, L. and Zhu, Q., 2019. Adaptive Honeypot Engagement Through Reinforcement Learning of Semi-Markov Decision Processes. In: T. Alpcan, Y. Vorobeychik, J.S. Baras and G. Dán, eds. Decision and Game Theory for Security. Cham: Springer International Publishing, Lecture Notes in Computer Science, vol. 11836, pp.196–216. Available from: https://doi.org/10.1007/978-3-030-32430-8_13. [15] Jony, A.I. and Arnob, A.K.B., 2024. A long short-term memory based approach for detecting cyber attacks in IoT using CIC-IoT2023 dataset. Journal of Edge Computing, 3(1), p.28–42. Available from: https://doi.org/10.55056/jec.648. [16] Kala, S. and Nalesh, S., 2022. Security and challenges in IoT-enabled systems. In: P. Johri, A. Anand, J. Vain, J. Singh and M. Quasim, eds. System Assurances. Academic Press, Emerging Methodologies and Applications in Modelling, chap. 24, pp.437–445. Available from: https://doi.org/10.1016/B978-0-323-90240-3.00024-2. [17] Kour, K., Goswami, S., Sharma, M., Sivasankar, P.T., Vekariya, V. and Kumari, A., 2022. Honeynet Implementation in Cyber Security Attack Prevention with Data Monitoring System Using AI Technique and IoT 4G Networks. International Journal of Communication Networks and Information Security, 14(3), pp.163–175. Available from: https://doi.org/10.17762/ijcnis.v14i3.5603. [18] Lantz, B., Heller, B. and McKeown, N., 2010. A network in a laptop: rapid prototyping for software-defined networks. Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks. New York, NY, USA: Association for Computing Machinery, Hotnets-IX. Available from: https://doi.org/10.1145/1868447.1868466. [19] Luo, T., Xu, Z., Jin, X., Jia, Y. and Ouyang, X., 2017. IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices. BlackHat USA. Available from: https://www.blackhat.com/docs/us-17/thursday/us-17-Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices.pdf. [20] Lygerou, I., Srinivasa, S., Vasilomanolakis, E., Stergiopoulos, G. and Gritzalis, D., 2022. A decentralized honeypot for IoT Protocols based on Android devices. International Journal of Information Security, 21(6), pp.1211–1222. Available from: https://doi.org/10.1007/s10207-022-00605-7. [21] McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S. and Turner, J., 2008. OpenFlow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev., 38(2), p.69–74. Available from: https://doi.org/10.1145/1355734.1355746. [22] Mokube, I. and Adams, M., 2007. Honeypots: concepts, approaches, and challenges. Proceedings of the 45th Annual ACM Southeast Conference. New York, NY, USA: Association for Computing Machinery, ACMSE ’07, p.321–326. Available from: https://doi.org/10.1145/1233341.1233399. [23] Morozov, D.S., Vakaliuk, T.A., Yefimenko, A.A., Nikitchuk, T.M. and Kolomiiets, R.O., 2023. Honeypot and cyber deception as a tool for detecting cyber attacks on critical infrastructure. In: T.A. Vakaliuk and S.O. Semerikov, eds. Proceedings of the 3rd Edge Computing Workshop, Zhytomyr, Ukraine, April 7, 2023. CEUR-WS.org, CEUR Workshop Proceedings, vol. 3374, pp.81–96. Available from: https://ceur-ws.org/Vol-3374/paper06.pdf. [24] Nawrocki, M., Wählisch, M., Schmidt, T.C., Keil, C. and Schönfelder, J., 2016. A Survey on Honeypot Software and Data Analysis. 1608.06249, Available from: https://arxiv.org/abs/1608.06249. [25] Oosterhof, M., 2024. Cowrie SSH/Telnet Honeypot. Available from: https://github.com/cowrie/cowrie. [26] Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T. and Rossow, C., 2016. IoTPOT: A novel honeypot for revealing current IoT threats. Journal of Information Processing, 24(3), pp.522–533. Available from: https://doi.org/10.2197/ipsjjip.24.522. [27] Pedregosa, F., Varoquaux, G., Gramfort, A., Michel, V., Thirion, B., Grisel, O., Blondel, M., Prettenhofer, P., Weiss, R., Dubourg, V., Vanderplas, J., Passos, A., Cournapeau, D., Brucher, M., Perrot, M. and Duchesnay Édouard, 2011. Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research, 12(85), pp.2825–2830. Available from: http://jmlr.org/papers/v12/pedregosa11a.html. [28] Prathapani, A., Santhanam, L. and Agrawal, D.P., 2009. Intelligent honeypot agent for blackhole attack detection in Wireless Mesh Networks. 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems. pp.753–758. Available from: https://doi.org/10.1109/MOBHOC.2009.5336925. [29] Provos, N., 2004. A Virtual Honeypot Framework. 13th USENIX Security Symposium (USENIX Security 04). San Diego, CA: USENIX Association. Available from: https://www.usenix.org/conference/13th-usenix-security-symposium/virtual-honeypot-framework. [30] Redwood, O., Lawrence, J. and Burmester, M., 2015. A Symbolic Honeynet Framework for SCADA System Threat Intelligence. In: M. Rice and S. Shenoi, eds. Critical Infrastructure Protection IX. Cham: Springer International Publishing, IFIP Advances in Information and Communication Technology, vol. 466, pp.103–118. Available from: https://doi.org/10.1007/978-3-319-26567-4_7. [31] Sayed, M.A., Anwar, A.H., Kiekintveld, C. and Kamhoua, C., 2023. Honeypot Allocation for Cyber Deception in Dynamic Tactical Networks: A Game Theoretic Approach. Available from: https://doi.org/10.48550/arXiv.2308.11817. [32] Semerikov, S., Zubov, D., Kupin, A., Kosei, M. and Holiver, V., 2024. Models and Technologies for Autoscaling Based on Machine Learning for Microservices Architecture. In: V. Lytvyn, A. Kowalska-Styczen and V. Vysotska, eds. Proceedings of the 8th International Conference on Computational Linguistics and Intelligent Systems. Volume I: Machine Learning Workshop, Lviv, Ukraine, April 12-13, 2024. CEUR-WS.org, CEUR Workshop Proceedings, vol. 3664, pp.316–330. Available from: https://ceur-ws.org/Vol-3664/paper22.pdf. [33] Sokol, P., Míšek, J. and Husák, M., 2017. Honeypots and honeynets: issues of privacy. EURASIP Journal on Information Security, 2017(1), p.4. Available from: https://doi.org/10.1186/s13635-017-0057-4. [34] Spitzner, L., 2002. Honeypots: Tracking Hackers. USA: Addison-Wesley Longman Publishing Co., Inc. [35] Tabari, A.Z., Liu, G., Ou, X. and Singhal, A., 2023. Revealing Human Attacker Behaviors Using an Adaptive Internet of Things Honeypot Ecosystem. In: G. Peterson and S. Shenoi, eds. Advances in Digital Forensics XIX: 19th IFIP WG 11.9 International Conference, ICDF 2023, Arlington, Virginia, USA, January 30-31, 2023, Revised Selected Papers. Cham: Springer Nature Switzerland, pp.73–90. Available from: https://doi.org/10.1007/978-3-031-42991-0_5. [36] Tuptuk, N. and Hailes, S., 2018. Security of smart manufacturing systems. Journal of Manufacturing Systems, 47, pp.93–106. Available from: https://doi.org/10.1016/j.jmsy.2018.04.007. [37] Vasilomanolakis, E., Srinivasa, S., Cordero, C.G. and Mühlhäuser, M., 2016. Multi-stage attack detection and signature generation with ICS honeypots. NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium. pp.1227–1232. Available from: https://doi.org/10.1109/NOMS.2016.7502992. [38] Vetterl, A. and Clayton, R., 2019. Honware: A Virtual Honeypot Framework for Capturing CPE and IoT Zero Days. 2019 APWG Symposium on Electronic Crime Research (eCrime). pp.1–13. Available from: https://doi.org/10.1109/eCrime47957.2019.9037501. [39] Vishwakarma, R. and Jain, A.K., 2019. A honeypot with machine learning based detection framework for defending IoT based botnet DDoS attacks. Proceedings of the International Conference on Trends in Electronics and Informatics, ICOEI 2019. Institute of Electrical and Electronics Engineers Inc., pp.1019–1024. Available from: https://doi.org/10.1109/ICOEI.2019.8862720. [40] Wang, M., Santillan, S. and Kuipers, F., 2018. ThingPot: an interactive Internet-of-Things honeypot. Available from: https://doi.org/10.48550/arXiv.1807.04114. |
URI (Уніфікований ідентифікатор ресурсу): | https://acnsci.org/journal/index.php/jec/article/view/607 https://doi.org/10.55056/jec.607 http://ds.knu.edu.ua/jspui/handle/123456789/5512 |
ISSN: | 2837-181X |
Розташовується у зібраннях: | Кафедра професійної та соціально-гуманітарної освіти |
Файли цього матеріалу:
Файл | Опис | Розмір | Формат | |
---|---|---|---|---|
JEC_607_Morozov_et_al.pdf | 801.44 kB | Adobe PDF | Переглянути/Відкрити |
Усі матеріали в архіві електронних ресурсів захищені авторським правом, всі права збережені.