@inproceedings{7366b88a3ec64ecdb0f16f3765c1473d,
title = "HoneyMix: Toward SDN-based intelligent honeynet",
abstract = "Honeynet is a collection of honeypots that are set up to at- tract as many attackers as possible to learn about their pat- terns, tactics, and behaviors. However, existing honeypots suffer from a variety of fingerprinting techniques, and the current honeynet architecture does not fully utilize features of residing honeypots due to its coarse-grained data control mechanisms. To address these challenges, we propose an SDN-based intelligent honeynet called HoneyMix. HoneyMix leverages the rich programmability of SDN to cir- cumvent attackers' detection mechanisms and enables fine- grained data control for honeynet. To do this, HoneyMix simultaneously establishes multiple connections with a set of honeypots and selects the most desirable connection to inspire attackers to remain connected. In this paper, we present the HoneyMix architecture and a description of its core components.",
keywords = "Honeynet, Honeypot, Network function virtualiza-tion, Software-defined networking",
author = "Wonkyu Han and Ziming Zhao and Adam Doupe and Gail-Joon Ahn",
year = "2016",
month = mar,
day = "11",
doi = "10.1145/2876019.2876022",
language = "English (US)",
series = "SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016",
publisher = "Association for Computing Machinery, Inc",
pages = "1--6",
booktitle = "SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016",
note = "2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016 ; Conference date: 11-03-2016",
}