Honeypots, for a more secure network

By, Lediano DOSKU

Abstract
The ever-increasing reliance on networked systems has brought about a heightened need for robust network security measures. This diploma thesis aims to explore the effectiveness and practicality of employing honeypots as a means to enhance network security. Honeypots are decoy systems that are strategically deployed to attract potential attackers and gather valuable information about their tactics, techniques, and motives. By analyzing the data collected from honeypots, network administrators can gain crucial insights into emerging threats and vulnerabilities, thereby enabling them to fortify their network defenses. This research project will commence with an in-depth examination of honeypot concepts and classifications. It will delve into the various types of honeypots, including high-interaction, low-interaction, and hybrid honeypots, and their respective strengths and weaknesses. Furthermore, the study will explore the deployment strategies and legal considerations associated with honeypots, addressing ethical concerns and potential implications. Case studies will be conducted to showcase the practical applications of honeypots in real world, that help in detecting, deflecting, and mitigating potential cyber threats. In addition to their defensive capabilities, honeypots can play a vital role in understanding attacker behavior, such as their tactics, motives, and skill levels. This thesis will explore the potential of honeypots as early warning systems, enabling network administrators to proactively adapt their security measures and effectively counteract emerging threats.

Key words: high-interaction, low-interaction, hybrid, hacker, firewall, cyber threat, data, log, threat intelligence, false positive, false negative, IPS, IDS, SIEM, OSINT.

https://doi.org/10.58944/zsqz4632