An Application of Jeeves for Honeypot Sanitization

Loading...
Thumbnail Image

Files

CS-TR-5057.pdf (290.61 KB)
No. of downloads: 201

Publication or External Link

Date

2018-02-15

Advisor

Citation

Abstract

Being able to quickly create realistic honeypots is very useful for obtaining accurate information about attacker behavior. However, creating realistic honeypots requires sanitization of the original system from which the honeypot is derived. To achieve this the use of the Jeeves, a language based on faceted values, is extended to rapidly replace secret values with believable and non-interfering sanitized values. By making several changes to the source code of Jelf, a web server implemented in Jeeves, we are able to quickly and easily create sanitized honeypots. Our experiments show that the sanitized and unsanitized versions of Jelf only differ in response times by less than 1%.

Notes

Rights