Advancing Cybersecurity with Honeypots and Deception Strategies
Cybersecurity threats are becoming more intricate, requiring preemptive actions to safeguard digital assets. This paper examines the function of honeypots as critical instruments for threat detection, analysis, and mitigation. A novel methodology for comparative analysis of honeypots is presented, o...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-01-01
|
| Series: | Informatics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2227-9709/12/1/14 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849342708195262464 |
|---|---|
| author | Zlatan Morić Vedran Dakić Damir Regvart |
| author_facet | Zlatan Morić Vedran Dakić Damir Regvart |
| author_sort | Zlatan Morić |
| collection | DOAJ |
| description | Cybersecurity threats are becoming more intricate, requiring preemptive actions to safeguard digital assets. This paper examines the function of honeypots as critical instruments for threat detection, analysis, and mitigation. A novel methodology for comparative analysis of honeypots is presented, offering a systematic framework to assess their efficacy. Seven honeypot solutions, namely Dionaea, Cowrie, Honeyd, Kippo, Amun, Glastopf, and Thug, are analyzed, encompassing various categories, including SSH and HTTP honeypots. The solutions are assessed via simulated network attacks and comparative analyses based on established criteria, including detection range, reliability, scalability, and data integrity. Dionaea and Cowrie exhibited remarkable versatility and precision, whereas Honeyd revealed scalability benefits despite encountering data quality issues. The research emphasizes the smooth incorporation of honeypots with current security protocols, including firewalls and incident response strategies, while offering comprehensive insights into attackers’ tactics, techniques, and procedures (TTPs). Emerging trends are examined, such as incorporating machine learning for adaptive detection and creating cloud-based honeypots. Recommendations for optimizing honeypot deployment include strategic placement, comprehensive monitoring, and ongoing updates. This research provides a detailed framework for selecting and implementing honeypots customized to organizational requirements. |
| format | Article |
| id | doaj-art-ba50bf02ba7346d18b12eeed2ccd0876 |
| institution | Kabale University |
| issn | 2227-9709 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Informatics |
| spelling | doaj-art-ba50bf02ba7346d18b12eeed2ccd08762025-08-20T03:43:16ZengMDPI AGInformatics2227-97092025-01-011211410.3390/informatics12010014Advancing Cybersecurity with Honeypots and Deception StrategiesZlatan Morić0Vedran Dakić1Damir Regvart2Department of System Engineering and Cybersecurity, Algebra University, 10000 Zagreb, CroatiaDepartment of System Engineering and Cybersecurity, Algebra University, 10000 Zagreb, CroatiaDepartment of System Engineering and Cybersecurity, Algebra University, 10000 Zagreb, CroatiaCybersecurity threats are becoming more intricate, requiring preemptive actions to safeguard digital assets. This paper examines the function of honeypots as critical instruments for threat detection, analysis, and mitigation. A novel methodology for comparative analysis of honeypots is presented, offering a systematic framework to assess their efficacy. Seven honeypot solutions, namely Dionaea, Cowrie, Honeyd, Kippo, Amun, Glastopf, and Thug, are analyzed, encompassing various categories, including SSH and HTTP honeypots. The solutions are assessed via simulated network attacks and comparative analyses based on established criteria, including detection range, reliability, scalability, and data integrity. Dionaea and Cowrie exhibited remarkable versatility and precision, whereas Honeyd revealed scalability benefits despite encountering data quality issues. The research emphasizes the smooth incorporation of honeypots with current security protocols, including firewalls and incident response strategies, while offering comprehensive insights into attackers’ tactics, techniques, and procedures (TTPs). Emerging trends are examined, such as incorporating machine learning for adaptive detection and creating cloud-based honeypots. Recommendations for optimizing honeypot deployment include strategic placement, comprehensive monitoring, and ongoing updates. This research provides a detailed framework for selecting and implementing honeypots customized to organizational requirements.https://www.mdpi.com/2227-9709/12/1/14honeypotsdeception technologycybersecuritythreat detectiondeception |
| spellingShingle | Zlatan Morić Vedran Dakić Damir Regvart Advancing Cybersecurity with Honeypots and Deception Strategies Informatics honeypots deception technology cybersecurity threat detection deception |
| title | Advancing Cybersecurity with Honeypots and Deception Strategies |
| title_full | Advancing Cybersecurity with Honeypots and Deception Strategies |
| title_fullStr | Advancing Cybersecurity with Honeypots and Deception Strategies |
| title_full_unstemmed | Advancing Cybersecurity with Honeypots and Deception Strategies |
| title_short | Advancing Cybersecurity with Honeypots and Deception Strategies |
| title_sort | advancing cybersecurity with honeypots and deception strategies |
| topic | honeypots deception technology cybersecurity threat detection deception |
| url | https://www.mdpi.com/2227-9709/12/1/14 |
| work_keys_str_mv | AT zlatanmoric advancingcybersecuritywithhoneypotsanddeceptionstrategies AT vedrandakic advancingcybersecuritywithhoneypotsanddeceptionstrategies AT damirregvart advancingcybersecuritywithhoneypotsanddeceptionstrategies |