Honeypot Testbed for Network Defence Strategy Evaluation

Warning

This publication doesn't include Faculty of Arts. It includes Institute of Computer Science. Official publication website can be found on muni.cz.

Authors	MEDKOVÁ Jana HUSÁK Martin VIZVÁRY Martin ČELEDA Pavel
Year of publication	2017
Type	Article in Proceedings
Conference	2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)
MU Faculty or unit	Institute of Computer Science
Citation
Web	http://ieeexplore.ieee.org/document/7987397/
Doi	http://dx.doi.org/10.23919/INM.2017.7987397
Field	Informatics
Keywords	honeypot;testbed;game theory;cyber security
Attached files	2017-IM-Honeypot-Testbed-for-Network-Defence-Strategy-Evaluation-paper.pdf 2017-IM-Honeypot-Testbed-for-Network-Defence-Strategy-Evaluation-poster.pdf
Description	In this paper, we describe a network defence strategy testbed, which could be utilized for testing the strategy decision logic against simulated attacks or real attackers. The testbed relies on a network of honeypots and the high level of logging and monitoring the honeypots provide. Its main advantage is that only the decision logic implementation is needed in order to test the strategy. The testbed also evaluates the tested network defence strategy. We demonstrate an example of network defence strategy implementation, the test setup, progress, and results. The source code of the testbed is available on GitHub.
Related projects:	Simulation, Detection, and Mitigation of Cyber Threats Endangering Critical Infrastructure Applied research at FI: search systems, security, data visualization and virtual reality