HoneyCY: a configurable unified management framework for open-source honeypot services

Abstract

Given the sophisticated nature of cyber attacks, existing passive defensive techniques may soon deemed to be inadequate to protect network and data assets at a satisfactory level. On the other hand, active defenses are promising techniques that are based on a proactive strategy where one anticipates attacks and prepares for the neutralization of the threats. Honeypots are systems, either isolated production systems or emulated ones, that are configured to be deliberately vulnerable, with the ultimate goal to be probed and exploited by attackers. Honeypots are powerful tools, however the inadequate (or lack of) documentation and the high degree of configuration complexity are prohibitive factors in their deployment. In this paper, we present honeyCY, a system that integrates existing honeypots into a single system, offering visualization features via a web interface or an Android app.