Keywords – Honeypot, Honeynet IntroductionAdvances in Technology and the dependency on them is rapidly increasing gradually. Apart from this, the number of devices connected to a Network is also on its peak. With these ever changing technologies, threats are also increasing day by day. Therefore, it becomes necessary to protect the systems on a network from attackers.There are possibilities of many loopholes in a network. A hacker tries to detect these vulnerabilities in the network and then attack it in order to access the important and confidential information stored on the network. The hacker can also manipulate the sensitive information or can delete the important records.
Hackers can attack using various types of attacks such as denial of service attack, brute force attack, phishing attack, IP Spoofing and many more. These attacks can manipulate the system data or use it for malicious activities. They can also add or delete records of the system.There are various technologies developed for preventing the systems from these attacks.
One of such technology is the Intrusion Detection System. The Intrusion Detection System runs in the background which monitors the system and detects malicious activities on it. However it does not obtain information about the attackers.
Another drawback of the Intrusion Detection System is that in case of heavy traffic on the network, it is difficult to determine which packets are deviated.Honeypot is a system which is deployed on a network in order to detect malicious activities and protect the system from various attacks. Honeypot detects malicious activities and tries to deceive the attacker. The attacker thinks that the system which is being attacked is a real system whereas it is a trap created by the Honeypot. In this process the Honeypot tries to obtain the information about the attacker and also prevent the network from the attacks. In other terms, Honeypot is basically a decoy or a trap.This paper gives an overview of Honeypot and its application in real time systems.
The objective of this paper is to represent the various trends and opportunities for Honeypot researchers. Basic TheoryHoneypotIn a network, if there are too many honeypots deployed then it is known as a Honeynet.According to their use and their involvement, Honeypots can be classified as production and research honeypots.Production Honeypot – Production Honeypots are primary honeypots which only detect the attacks and provide a warning to the attackers.
These honeypots are easy to deploy and provide minimum information about the attacks and attackers, Research Honeypot – Research Honeypots are high level honeypot which are used by researchers or professionals. These honeypots are capable of obtaining information about the attackers as well as the techniques used by the attacker. These honeypot gather as much information as possible. They provide information which can be used for statistical study or investigation.