Modeling Malware-driven Honeypots

TitleModeling Malware-driven Honeypots
Publication TypeConference Paper
Year of Publication2017
AuthorsG. Fernandez, A. Nieto, and J. Lopez
Conference Name14th International Conference On Trust, Privacy & Security In Digital Business (TrustBus 2017)
Volume10442
Pagination130-144
Date Published08/2017
PublisherSpringer International Publishing
Conference LocationLyon (France)
Keywordsadaptive, dynamic, Honeypot, intelligence, IOC, malware
Abstract

In this paper we propose the Hogney architecture for the deployment of malware-driven honeypots. This new concept refers to honeypots that have been dynamically configured according to the environment expected by malware. The adaptation mechanism designed here is built on services that offer up-to-date and relevant intelligence information on current threats. Thus, the Hogney architecture takes advantage of recent Indicators Of Compromise (IOC) and information about suspicious activity currently being studied by analysts. The information gathered from these services is then used to adapt honeypots to fulfill malware requirements, inviting them to unleash their full strength.

Citation Key1656
Paper File: 
https://www.nics.uma.es/sites/default/files/papers/1656.pdf

Supported by