 |
7th Annual IEEE Information Assurance Workshop 21-23 June 2006 "The West Point Workshop" United States Military Academy, West Point, New York |
| Chair: LTC Ronald Dodge, Ronald.Dodge@usma.edu | |
|
|
|
Fake Honeypots: A Defensive Tactic for CybespaceNeil Rowe, Binh Duong and E. John CustyThe 7th IEEE Information Assurance Workshop (IAWorkshop 2006)West Point, New York, USA, June 21-23, 2006
AbstractCyber-attackers are becoming more aware of honeypots. They generally want to avoid honeypots since it is hard to spread attacks from them, attacks are thoroughly monitored on them, and some honeypots contain planted false information. This suggests that it could be useful for a computer system to pretend it is a honeypot, to encourage smarter attackers to go away without a fight. We examine here from a number of perspectives how this could be accomplished as a kind of “vaccination” of systems to reduce numbers of attacks and their severity. We develop a mathematical model of what would make an attacker give up. We report experiments with deliberate distortions on text to see at what point people could detect deception, and discover they can respond to subtle clues. We also report experiments with real attackers against a honeypot of increasing obviousness. Results show that attacks on it decreased over time which may indicate that attackers are being scared away. We conclude with some speculation about the escalation of honeypot-antihoneypot techniques.
|
|
