Uploaded byKirtiGoyal25
PPT, PDF189 views

Honeypot

A honeypot is a security mechanism designed to detect and counter unauthorized access to information systems by simulating real system vulnerabilities. They can be classified into low-interaction and high-interaction types, serving various purposes like prevention, detection, or research. While honeypots are effective for studying hacker behavior and gathering data, they require careful implementation and maintenance due to associated risks.

Embed presentation

Download to read offline
Honeypots
Introduction A honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems They are the highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource
What is a Honey Pot? • A Honey Pot is an intrusion detection technique used to study hackers movements
What is a Honey Pot?(cont.) • Virtual machine that sits on a network or a client • Goals  Should look as real as possible!  Should be monitored to see if its being used to launch a massive attack on other systems  Should include files that are of interest to the hacker
Classification By level of interaction • High • Low By Implementation • Virtual • Physical By purpose • Production • Research
Interaction Low interaction Honeypots •They have limited interaction, they normally work by emulating services and operating systems •They simulate only services that cannot be exploited to get complete access to the honeypot •Attacker activity is limited to the level of emulation by the honeypot •Examples of low-interaction honeypots include Specter, Honeyd, and KFsensor
Interaction High interaction Honeypots • They are usually complex solutions as they involve real operating systems and applications •Nothing is emulated, the attackers are given the real thing •A high-interaction honeypot can be compromised completely, allowing an adversary to gain full access to the system and use it to launch further network attacks •Examples of high-interaction honeypots include Symantec Decoy Server and Honeynets
• Physical • Real machines • Own IP Addresses • Often high-interactive • Virtual • Simulated by other machines that: – Respond to the traffic sent to the honeypots – May simulate a lot of (different) virtual honeypots at the same time Implementation
• Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations • Prevention • To keep the bad elements out • There are no effective mechanisms • Deception, Deterrence, Decoys do NOT work against automated attacks: worms, auto-rooters, mass-rooters • Detection • Detecting the burglar when he breaks in • Response • Can easily be pulled offline Production
• Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations. • Collect compact amounts of high value information • Discover new Tools and Tactics • Understand Motives, Behavior, and Organization • Develop Analysis and Forensic Skills Research
Advantages • Small data sets of high value. • Easier and cheaper to analyze the data • Designed to capture anything thrown at them, including tools or tactics never used before • Require minimal resources • Work fine in encrypted or IPv6 environments • Can collect in-depth information • Conceptually very simple
Disadvantages • Can only track and capture activity that directly interacts with them • All security technologies have risk • Building, configuring, deploying and maintaining a high-interaction honeypot is time consuming • Difficult to analyze a compromised honeypot • High interaction honeypot introduces a high level of risk • Low interaction honeypots are easily detectable by skilled attackers
Working of Honeynet – High – interaction honeypot • Honeynet has 3 components:  Data control  Data capture  Data analysis
Working of Honeyd – Low – interaction honeypot  Open Source and designed to run on Unix systems  Concept - Monitoring unused IP space
Conclusion • Not a solution! • Can collect in depth data which no other technology can • Different from others – its value lies in being attacked, probed or compromised • Extremely useful in observing hacker movements and preparing the systems for future attacks
References http://www.authorstream.com/Presentation/juhi1988-111469-ppt- honeypot-honeypotppt1-science-technology-powerpoint/ http://www.tracking-hackers.com/papers/honeypots.html http://en.wikipedia.org/wiki/Honeypot_%28computing%29
Thank you Questions

More Related Content

PPSX
Honeypot and deception
bymilad saber
 
PPTX
Honeypot a trap to hackers
byBhaskarasai Chitturi
 
PPT
Honeypot
byAkhil Sahajan
 
PPTX
Honeypots and honeynets
byRasool Irfan
 
PDF
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
byIndonesia Network Operators Group
 
PPTX
Honeypot
byumarani95
 
PPTX
Honeypot
byChandrak Trivedi
 
PPTX
online investigation
byfortune777
 
Honeypot and deception
bymilad saber
 
Honeypot a trap to hackers
byBhaskarasai Chitturi
 
Honeypot
byAkhil Sahajan
 
Honeypots and honeynets
byRasool Irfan
 
LT02 IDNOG04 - Charles Lim (Indonesia Honeynet Project) - Using Honeypot to d...
byIndonesia Network Operators Group
 
Honeypot
byumarani95
 
Honeypot
byChandrak Trivedi
 
online investigation
byfortune777
 

What's hot

PPTX
Honey pots
byAlok Singh
 
PPT
Lesson 3- Effectiveness of IDPS
byMLG College of Learning, Inc
 
PPT
All about Honeypots & Honeynets
byMehdi Poustchi Amin
 
PDF
Visualizing Threats: Network Visualization for Cyber Security
byCambridge Intelligence
 
PPTX
CS8792 - Cryptography and Network Security
byvishnukp34
 
PPTX
Infosec 2015 - Using threat intelligence to improve security response
byHuntsman Security
 
PDF
Andrew kozma - security 101 - atlseccon2011
byAtlantic Security Conference
 
PPTX
IMA - Anatomy of an Attack - Presentation- 28Aug15
byBenjamin D. Brooks, CISSP
 
PPTX
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
PPTX
Introduction to Cyber Forensics Module 1
byAnpumathews
 
PPTX
Advanced Persistent Threats (APTs) - Information Security Management
byMayur Nanotkar
 
PPTX
ETHICAL HACKING BY HRITIK JAGE
byHritik Jage
 
PPT
Select idps
byInfo-Tech Research Group
 
PPTX
Cyber security
byJahirUddinKomol
 
PPTX
Aegis Personal Cybersecurity 101
byNick Powers
 
PDF
Ansaldo STS at CPExpo 2013: "Risks and Security Management in Logistics and ...
byLeonardo
 
PPT
Lesson 1 - Technical Controls
byMLG College of Learning, Inc
 
PDF
Incident handling of cyber espionage
byMarie Elisabeth Gaup Moe
 
PPTX
Data protection and security
bynazar60
 
PPT
Information Security Lesson 2 - Attackers and Attacks - Eric Vanderburg
byEric Vanderburg
 
Honey pots
byAlok Singh
 
Lesson 3- Effectiveness of IDPS
byMLG College of Learning, Inc
 
All about Honeypots & Honeynets
byMehdi Poustchi Amin
 
Visualizing Threats: Network Visualization for Cyber Security
byCambridge Intelligence
 
CS8792 - Cryptography and Network Security
byvishnukp34
 
Infosec 2015 - Using threat intelligence to improve security response
byHuntsman Security
 
Andrew kozma - security 101 - atlseccon2011
byAtlantic Security Conference
 
IMA - Anatomy of an Attack - Presentation- 28Aug15
byBenjamin D. Brooks, CISSP
 
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
Introduction to Cyber Forensics Module 1
byAnpumathews
 
Advanced Persistent Threats (APTs) - Information Security Management
byMayur Nanotkar
 
ETHICAL HACKING BY HRITIK JAGE
byHritik Jage
 
Select idps
byInfo-Tech Research Group
 
Cyber security
byJahirUddinKomol
 
Aegis Personal Cybersecurity 101
byNick Powers
 
Ansaldo STS at CPExpo 2013: "Risks and Security Management in Logistics and ...
byLeonardo
 
Lesson 1 - Technical Controls
byMLG College of Learning, Inc
 
Incident handling of cyber espionage
byMarie Elisabeth Gaup Moe
 
Data protection and security
bynazar60
 
Information Security Lesson 2 - Attackers and Attacks - Eric Vanderburg
byEric Vanderburg
 

Similar to Honeypot

PPT
Honeypots.ppt
byBhanuriBharathkumar
 
PPT
Description on Honeypots in Cyber Security
bySumaiyaSk
 
PPTX
Honey po tppt
byArya AR
 
PPT
Honey Pot
byiradarji
 
PPT
Honeypot
byAkhil Sahajan
 
PPTX
Honeypot ss
byKajal Mittal
 
DOCX
Honeypots
byJyoti Nagargoje
 
PPT
Honeypot honeynet
bySina Manavi
 
DOC
Honeypots
byShiva Krishna Chandra Shekar
 
PDF
Honeypots
byBilal ZIANE
 
PDF
IJET-V3I2P16
byIJET - International Journal of Engineering and Techniques
 
PDF
Honeypots for Network Security
byKiruba buri R
 
PDF
Olll
bynannukaur
 
PPTX
Honey pots
byDivya korrapati
 
PPTX
Honeypot
bySushan Sharma
 
PDF
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
byIJERD Editor
 
PPTX
Honeypots (Ravindra Singh Rathore)
byRavindra Singh Rathore
 
PPTX
honey pots introduction and its types
byVishal Tandel
 
PPTX
Honeypot
byShashwat Shriparv
 
PPTX
Honeypot ppt1
bysamrat saurabh
 
Honeypots.ppt
byBhanuriBharathkumar
 
Description on Honeypots in Cyber Security
bySumaiyaSk
 
Honey po tppt
byArya AR
 
Honey Pot
byiradarji
 
Honeypot
byAkhil Sahajan
 
Honeypot ss
byKajal Mittal
 
Honeypots
byJyoti Nagargoje
 
Honeypot honeynet
bySina Manavi
 
Honeypots
byShiva Krishna Chandra Shekar
 
Honeypots
byBilal ZIANE
 
IJET-V3I2P16
byIJET - International Journal of Engineering and Techniques
 
Honeypots for Network Security
byKiruba buri R
 
Olll
bynannukaur
 
Honey pots
byDivya korrapati
 
Honeypot
bySushan Sharma
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
byIJERD Editor
 
Honeypots (Ravindra Singh Rathore)
byRavindra Singh Rathore
 
honey pots introduction and its types
byVishal Tandel
 
Honeypot
byShashwat Shriparv
 
Honeypot ppt1
bysamrat saurabh
 

Recently uploaded

PDF
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
PPTX
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
PDF
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
PDF
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
PDF
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
PPTX
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 
Networking 2 Syllabus using cisco packet tracer simulator
byODINARARCH
 
Mind Sound Resonance Technique (MSRT) Teacher Training Course.pptx
byKaruna Yoga Vidya Peetham
 
AI Girlfriend Platforms Compared 2026 AI Angels Janitor AI Character AI Candy AI
byAi Angels
 
HYBRID APP DEVELOPMENT AND TECHNOLOGY 01
bydavidjohansen1597
 
Think before you Click (Ligap Project) - SI Ebhonu at FGGC.pdf
bySylvester Ebhonu
 
Cybersecurity cyber incident Weeks_7_to_9.pptx
byriaz59
 

Honeypot

  • 1.
  • 2.
    Introduction A honeypot is a trapset to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems They are the highly flexible security tool with different applications for security. They don't fix a single problem. Instead they have multiple uses, such as prevention, detection, or information gathering A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource
  • 3.
    What is aHoney Pot? • A Honey Pot is an intrusion detection technique used to study hackers movements
  • 4.
    What is aHoney Pot?(cont.) • Virtual machine that sits on a network or a client • Goals  Should look as real as possible!  Should be monitored to see if its being used to launch a massive attack on other systems  Should include files that are of interest to the hacker
  • 5.
    Classification By level ofinteraction • High • Low By Implementation • Virtual • Physical By purpose • Production • Research
  • 6.
    Interaction Low interaction Honeypots •Theyhave limited interaction, they normally work by emulating services and operating systems •They simulate only services that cannot be exploited to get complete access to the honeypot •Attacker activity is limited to the level of emulation by the honeypot •Examples of low-interaction honeypots include Specter, Honeyd, and KFsensor
  • 7.
    Interaction High interaction Honeypots • Theyare usually complex solutions as they involve real operating systems and applications •Nothing is emulated, the attackers are given the real thing •A high-interaction honeypot can be compromised completely, allowing an adversary to gain full access to the system and use it to launch further network attacks •Examples of high-interaction honeypots include Symantec Decoy Server and Honeynets
  • 8.
    • Physical • Realmachines • Own IP Addresses • Often high-interactive • Virtual • Simulated by other machines that: – Respond to the traffic sent to the honeypots – May simulate a lot of (different) virtual honeypots at the same time Implementation
  • 9.
    • Production honeypots areeasy to use, capture only limited information, and are used primarily by companies or corporations • Prevention • To keep the bad elements out • There are no effective mechanisms • Deception, Deterrence, Decoys do NOT work against automated attacks: worms, auto-rooters, mass-rooters • Detection • Detecting the burglar when he breaks in • Response • Can easily be pulled offline Production
  • 10.
    • Research honeypots arecomplex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations. • Collect compact amounts of high value information • Discover new Tools and Tactics • Understand Motives, Behavior, and Organization • Develop Analysis and Forensic Skills Research
  • 11.
    Advantages • Small datasets of high value. • Easier and cheaper to analyze the data • Designed to capture anything thrown at them, including tools or tactics never used before • Require minimal resources • Work fine in encrypted or IPv6 environments • Can collect in-depth information • Conceptually very simple
  • 12.
    Disadvantages • Can onlytrack and capture activity that directly interacts with them • All security technologies have risk • Building, configuring, deploying and maintaining a high-interaction honeypot is time consuming • Difficult to analyze a compromised honeypot • High interaction honeypot introduces a high level of risk • Low interaction honeypots are easily detectable by skilled attackers
  • 13.
    Working of Honeynet– High – interaction honeypot • Honeynet has 3 components:  Data control  Data capture  Data analysis
  • 14.
    Working of Honeyd– Low – interaction honeypot  Open Source and designed to run on Unix systems  Concept - Monitoring unused IP space
  • 15.
    Conclusion • Not asolution! • Can collect in depth data which no other technology can • Different from others – its value lies in being attacked, probed or compromised • Extremely useful in observing hacker movements and preparing the systems for future attacks
  • 16.
  • 17.