Detection and Analysis Of Cyber Attacks Using Honeypot

Abstract

The field of technology and worldwide data exchange is constantly growing. One of its most promising outcomes has been the availability of powerful applications and low-cost internet. However, threats such as Port Scanning, DoS, and Web attacks are becoming much more of a concern due to such technological advancements. This has essentially rekindled the interest of engineers in technological security and has prompted them to conduct extensive research on the topic. Websites and systems hold vital documents about both the company and its clients. However, with the rise of cybersecurity attacks, they are being hacked more often, prompting administrators to look for ways to protect them from the black hat culture. The project "Detection and Analysis of Cyberattacks Using Honeypot" is about a raspberry pi honeypot built and deployed in a live network. The project aims to detect incoming requests in real-time using a Machine Learning detection engine and forward them to either the original system or to a honeypot. It is directed towards the server if it is a benign request; otherwise, it is routed to a honeypot, where it is analyzed. When implemented inside a network, this project can be beneficial for administrators and network security experts to gather valuable information about a hacker's operation and its footprints, which can substantially contribute to creating new rules and mechanisms to deter potential attacks.