New York

LondonBeijing

Special Offers
- Charleston Conference Discount
  We are offering a 15% discount on all books across our three subjects: Business & Management; Science, Technology, & Medicine; and Education & Social Sciences. Use Code CC2025 at checkout to receive 15% off your order of print or e-books on our Online Bookstore. When hosted on the InfoSci^® Platform, e-books feature no DRM, no additional cost for unlimited-user licensing, full-text PDF & HTML formats, and more.
  Browse Titles
- IGI Global Scientific Publishing Launches International Brand Ambassador Program
  IGI Global Scientific Publishing has launched a new Ambassador Program, designed to empower research professionals to help spread scholarly resources and foster global research engagement. As a local, mid-sized publisher, this initiative offers IGI Global Scientific Publishing an exciting opportunity to expand its global presence in the academic community and foster meaningful connections among scholars around the world. With currently over 130 ambassadors worldwide, these scholarly experts are dedicated to supporting the publisher’s initiative of disseminating cutting-edge research.
  Learn More
- Our e-Book Collection
  Access the IGI Global Scientific Publishing e-Book Collection and explore 10,000+ e-Books (175,000+ chapters) spanning Business & Management; Science, Technology, & Medicine; and Education & Social Sciences. Hosted on the InfoSci^® platform, the collection features no DRM, no hosting or maintenance fees, no additional cost for unlimited-user licensing, full-text PDF & HTML format, and more. Use AI-Powered Search Engine to explore the latest research findings.
  Access Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education & Social Sciences
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education & Social Sciences
  - Journals by Field
e-Collections
OnDemand
Open Access
- View All Open Access Opportunities
  Search across all available IGI Global Scientific Publishing open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all available IGI Global Scientific Publishing open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through the IGI Global Scientific Publishing Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global Scientific Publishing to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open access endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global Scientific Publishing to publish your work under open access? Review the IGI Global Scientific Publishing open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us

The Role of Deception in Securing Our Cyberspace: Honeypots Are a Viable Option

Banyatsang Mphago (Botswana International University of Science and Technology, Botswana), Dimane Mpoeleng (Botswana International University of Science and Technology, Botswana), and Shedden Masupe (Botswana Institute for Technology Research and Innovation, Botswana)

Source Title: Applications of Machine Learning and Deep Learning for Privacy and Cybersecurity

DOI: 10.4018/978-1-7998-9430-8.ch005

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

The use of deception systems is a viable option in reducing the never-ending tussle between the attackers and the defenders. The deception systems give the defenders an edge over their counterparts since they provide the platform to learn the methods and techniques the attackers use. However, the effectiveness of the deception system is highly dependent on how they truly hide their identity. A deceptive honeypot has the capacity to persuade and change the cognitive behavior of an attacker. An attacker whose cognitive behavior has been altered by the deception capabilities of a honeypot is more likely to reveal his attack methods; hence, the defenders are able to learn how to defend against those future attacks.

Chapter Preview

Top

Background

Honeypot Definitions

Honeypots are special systems designed to track and trap attackers and learn their attack methods. They are special in the sense that they are not a solution but rather a general technology that do not solve a specific security problem which is continuously changing, and can be involved in many facets of security such as information gathering, detection, and prevention (Verizon, 2019). Security researchers and administrators often use honeypots to unobtrusively track and monitor what malicious attackers are doing in order to compromise computer resources. A honeypot is a tool designed to learn the attack methods the adversaries use to query and exploit vulnerabilities in a system. So, a honeypot is a security resource whose value lies in being probed, attacked, or compromised (WhiteHatSecurity, 2016).

Several definitions for the term `honeypot' have been proposed, and below we present some of those definitions:

•
Definition 1: “a honeypot is a security resource whose value lies in being probed, attacked and compromised” (Spitzner, 2002).
•
Definition 2: “a honeypot is a computer which has been configured to some extent to seem normal to an attacker, but actually logs and observes what the attacker does” (Gibbens, 1999).
•
Definition 3: “a honeypot is a general computing resource whose sole task is to be probed, attacked, and compromised, used or accessed in any other unauthorized way” (Grudziecki et al., 2012).

For the purpose of this chapter, we adopt definition 1 mainly because rather than being specific to a particular security resource like the rest, the definition describes a honeypot in a more general sense, of which we believe a general term `honeypot' should be defined.

Key Terms in this Chapter

Local Descriptor Table (LDT): A memory table used in the x86 architecture in protected mode and containing memory segment descriptors: address start in linear memory, size, executability, writability, access privilege, actual presence in memory, etc.

Decision Theory: A branch of applied probability theory concerned with the theory of making decisions based on assigning probabilities to various factors and assigning numerical consequences to the outcome.

Global Descriptor Table (GDT): A data structure used by Intel x86-family processors starting with the 80286 to define the characteristics of the various memory areas used during program execution, including the base address, the size, and access privileges like executability and writability.

User-Mode Linux: An architectural port of the Linux kernel to its own system call interface, which enables multiple virtual Linux kernel-based operating systems to run as an application within a normal Linux system.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference