HONEYPOTS IN DIGITAL ECONOMY: AN ANALYSIS OF INTRUSION DETECTION AND PREVENTION

Abstract

Today, many organisations are moving their subscriptions to the cloud because the number of clients is increasing day by day. To provide better services to users with less cost, cloud computing is a fair solution. However, use of cloud services has resulted in different issues such as: hosting service, hardware failure and memory allocation of data, in other words - data loss. There is the risk of security breaches by malicious users. Different sets of new security risks and difficulties have occurred in cloud architectures. Most intrusion detection systems (IDS) and intrusion prevention systems (IPS) are designed to deal with multiple types of attacks and there is no single system that can guarantee security from future attacks. Therefore, there is a need for an integrated system that can provide strong insurance against various risks. In this paper, a detailed review of the role of the firewall, intrusion detection and prevention (IDPS), honeypot, and integration of IDPS with honeypot in the security domain of the cloud is illustrated. One way is that an IDPS will look for data packets, if the data is found to be malicious, the system will be transferred to the honeypot via firewall. In the case of integration of IDPS, honeypot is being used to divert the malicious traffic away from the system. Honeypot is a non-violent infrastructure with limited network information. The attacker will understand it as a real environment and go here and there to get basic information. At this point, we can easily find the attacker. Our analysis goal is to provide an easy and concise view of the different security models for cloud architecture.