An Application of Jeeves for Honeypot Sanitization

Webster, Ashton

View/Open

CS-TR-5057.pdf (290.6Kb)
No. of downloads: 131

Date

2018-02-15

Author

Webster, Ashton

DRUM DOI

https://doi.org/10.13016/M2KW57K85

Metadata

Show full item record

Abstract

Being able to quickly create realistic honeypots is very useful for obtaining accurate information about attacker behavior. However, creating realistic honeypots requires sanitization of the original system from which the honeypot is derived. To achieve this the use of the Jeeves, a language based on faceted values, is extended to rapidly replace secret values with believable and non-interfering sanitized values. By making several changes to the source code of Jelf, a web server implemented in Jeeves, we are able to quickly and easily create sanitized honeypots. Our experiments show that the sanitized and unsanitized versions of Jelf only differ in response times by less than 1%.

URI

http://hdl.handle.net/1903/20500

Collections

Technical Reports of the Computer Science Department