Deploying and Analyzing Containerized Honeypots in the Cloud with T-Pot

Abstract

Honeypots (decoy systems) are effective tools to monitor cyberattack and intrusion attempts, but it is challenging to deploy enough of them to catch a sufficient amount of such activity. With cyberattacks on the rise, specifically those targeting critical infrastructure, better suspicious-traffic collection methods must be developed. This thesis explores the deployment and use of cloud-based honeypots within an open-source honeypot management framework, T-Pot. Instances of T-Pot ran honeypots that simulated a web server and an electrical-power distribution system, and their traffic was compared to previous local and cloud-based standalone honeypot deployments. The results showed that the cloud deployments received more traffic than local deployments and that the use of T-Pot did not discourage intrusions or attacks. T-Pot bundles security analysis tools and services for analyzing cloud-scale data, enabling more robust cyber defense for critical infrastructure and Department of Defense networks.

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2021
Accession Number
AD1164506

Entities

People

  • Alexander D Washofsky

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Protocols
  • Cloud Computing
  • Computer Network Security
  • Computer Networks
  • Computer Science
  • Computers
  • Control Systems
  • Cyberattacks
  • Cybersecurity
  • Data Analysis
  • Department Of Defense
  • Detection
  • Geographic Regions
  • Governments
  • Intrusion Detectors
  • Load Monitoring
  • Network Protocols
  • Network Science
  • Power Distribution
  • Transport Protocols
  • United States

Fields of Study

  • Computer science

Readers

  • Cybersecurity

Technology Areas

  • Cyber