Web Application Honeypot Published in the Wild

Abstract

The goal of this project is to create an intelligent system that will be installed under a cybernetic infrastructure, with the purpose of detecting cyber-attacks and learning about their methods of scanning and penetrating. For this project, we aim to examine data generated by the attacker's actions and highlight the value of information provided by them. Thus, we create honeypots that hold “Capture the Flag” type of games in the area of web applications. These games have multiple challenges of varying difficulties aiming to keep the attacker busy in order to learn his behavior. We created a web application with multiple vulnerabilities and published the honeypot in the exposed internet for about 2 months. During this period, we discovered a lot of noise produced by the bots and scrappers that tried to find out relevant information from the machine. Besides this, we found 2 attempts of human interaction that succeeded to solve a couple of vulnerabilities and gave up at one point leaving the challenges unfinished.