IJWMT Vol. 14, No. 6, 8 Dec. 2024
Cover page and Table of Contents: PDF (size: 698KB)
PDF (698KB), PP.1-14
Views: 0 Downloads: 0
Honeypot, Web Application Security, Cybersecurity, Attack Mitigation, Decoy Server
Web application honeypots are security tools used to act as a decoy server. Over the past decades, various researches have been done on the topic. Security breaches can cause simple individual user account impersonation to bank database breaches and illegal transactions. Cybersecurity faces the daily challenge of adapting to attackers' evolving methods, including zero-day attacks. This makes intrusion detection and prevention tools unable to detect these attacks. The existing trend within the honeypot technology relies on a predefined and static level of interaction either low, medium, or high. This approach fails to account for the unpredictable nature of attack vectors and makes web application honeypots ineffective against sophisticated attacks. Application logging and request fingerprinting also have no proven methods to employ within a honeypot. A dynamic level of interaction makes the web application honeypot technology better by presenting scalable and manageable control over the attackers. We develop a modular and dynamically interactive web application honeypot capable of detecting broken access control, standard query language injection, cross-site scripting, and path traversal attack targets for web apps. We also incorporate a robust logging and fingerprinting module capable of tracing attacker requests. The proposed web application honeypot achieves an average response time of 523 milliseconds, a throughput of 105 requests per second, and an average engagement of 769.38 seconds. Improving the web application Honeypot helps organizations keep themselves ahead of attackers by empowering the significance of Honeypot. Developing a web application honeypot with a newly designed approach helps other scholars and researchers extend their work.
Yinebeb T. Abewa, Solomon Z. Melese, "Dynamic Interactive Honeypot for Web Application Security", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.14, No.6, pp. 1-14, 2024. DOI:10.5815/ijwmt.2024.06.01
[1]X. Yang, J. Yuan, H. Yang, Y. Kong, H. Zhang, and J. Zhao, "A Highly Interactive Honeypot-Based Approach to Network Threat Management," Future Internet, vol. 15, no. 4, p. 127, 2023.
[2]S. Srinivasa, J. M. Pedersen, and E. Vasilomanolakis, "Gotta catch’em all: a Multistage Framework for honeypot fingerprinting," Digital Threats: Research and Practice, vol. 4, no. 3, pp. 1-28, 2023.
[3]"OWASP Top Ten." Internet: https://owasp.org/www-project-top-ten/ (accessed [May 17, 2023]).
[4]F. Cremer et al., "Cyber risk and cybersecurity: a systematic review of data availability," The Geneva Papers on risk and insurance-Issues and practice, vol. 47, no. 3, pp. 698-736, 2022.
[5]S. Fowler and V. Stanwick, "What is web application?," in Web application design handbook: Best practices for web-based software: Morgan Kaufmann, 2004, pp. 1-24.
[6]L. Shklar and R. Rosen, "Web browsers," in Web Application Architecture: Principles, Protocols and Practices: Wiley, 2009, ch. 5, pp. 103-112.
[7]L. Shklar and R. Rosen, "Web server," in Web Application Architecture: Principles, Protocols and Practices: Wiley, 2009, ch. 4, pp. 65-69.
[8]L. Spitzner, Honeypots: Tracking Hackers. Addison-Wesley, 2003.
[9]M. Baykara and R. Das, "A novel honeypot based security approach for real-time intrusion detection and prevention systems," Journal of Information Security and Applications, vol. 41, pp. 103-116, 2018.
[10]C. Moore, "Detecting ransomware with honeypot techniques," in 2016 Cybersecurity and Cyberforensics Conference (CCC), 2016: IEEE, pp. 77-81.
[11]M. Baykara and R. Daş, "A survey on potential applications of honeypot technology in intrusion detection systems," International Journal of Computer Networks and Applications (IJCNA), vol. 2, no. 5, pp. 203-211, 2015.
[12]N. Kambow and L. K. Passi, "Honeypots: The need of network security," International Journal of Computer Science and Information Technologies, vol. 5, no. 5, pp. 6098-6101, 2014.
[13]L. Spitzner, "Classifying Honeypot by level of interaction," in Honeypots: tracking hackers, vol. 1: Addison-Wesley Reading, 2003, pp. 87-102.
[14]M. Rabzelj, L. Š. Južnič, M. Volk, A. Kos, M. Kren, and U. Sedlar, "Designing and Evaluating a Flexible and Scalable HTTP Honeypot Platform: Architecture, Implementation, and Applications," Electronics, vol. 12, no. 16, p. 3480, 2023.
[15]A. Nursetyo, E. H. Rachmawanto, and C. A. Sari, "Website and network security techniques against brute force attacks using honeypot," in 2019 Fourth International Conference on Informatics and Computing (ICIC), 2019: IEEE, pp. 1-6.
[16]Q. Liu, H. Zhang, J. Wan, and X. Chen, "An access control model for resource sharing based on the role-based access control intended for multi-domain manufacturing internet of things," IEEE access, vol. 5, pp. 7001-7011, 2017.
[17]S. Dowling, M. Schukat, and E. Barrett, "New framework for adaptive and agile honeypots," Electronics and Telecommunications Research Institute(ETRI) Journal, vol. 42, no. 6, pp. 965-975, 2020.
[18]M. Abualhija, N. Al-Shaf’i, N. M. Turab, and A. Hussein, "Encountering social engineering activities with a novel honeypot mechanism," International Journal of Electrical & Computer Engineering (2088-8708), vol. 13, no. 6, 2023.
[19]R. Bin Sulaiman and M. Ahmed Rahi, "A Detailed Study on Web-Based-Honeypot To Propose Mitigation Framework in Web Application," EngRN: Computer-Aided Engineering (Topic), 2019.
[20]D. K. Rahmatullah, S. M. Nasution, and F. Azmi, "Implementation of low interaction web server honeypot using cubieboard," 2016 International Conference on Control, Electronics, Renewable Energy and Communications (ICCEREC), pp. 127-131, 2016.
[21]P. D. Ali and T. G. Kumar, "Malware capturing and detection in dionaea honeypot," in 2017 Innovations in Power and Advanced Computing Technologies (i-PACT), 2017: IEEE, pp. 1-5.
[22]W. Zhang, H. He, and T.-h. Kim, "Xen-based virtual honeypot system for smart device," Multimedia Tools and Applications, vol. 74, pp. 8541-8558, 2015.
[23]T. Alyas et al., "Multi-Cloud integration security framework using honeypots," Mobile Information Systems, vol. 2022, pp. 1-13, 2022.
[24]R. M. Karp, "An introduction to randomized algorithms," Discrete Applied Mathematics, vol. 34, no. 1-3, pp. 165-201, 1991.
[25]R. Agrawal et al., "Long-Term Study of Honeypots in a Public Cloud," in 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), 2022: IEEE, pp. 1-4.
[26]W. Sun, C. Yuan, and W. Fan, "A Measurement of Real-world Attack Connections toward Honeypots," in 2022 IEEE International Symposium on Measurements & Networking (M&N), 2022: IEEE, pp. 1-6.