Usage of proposed autonomous hybrid honeypot for distributed heterogeneous computer systems in education process

Abstract

With the rapid spread of the Internet, information technologies (ITs) and inadequate basic security of computer systems, it is only a matter of time when the computer systems will be attacked after revealing its existing vulnerabilities and programme weak points. At present the presence of such a potential threat agitates a greater and greater interest in various possibilities for enhancing its security. Currently exerted defence system based on the use of firewall, antivirus software and Intrusion Detection System (IDS) represents a necessary minimum. This traditional approach to security of computer systems is primarily oriented to the defence against already existing threats. It is essential to adapt the security system to this trend as the current threats have much more aggressive forms. The use of decoy based security technology - Honeypot - represents an adequate form of defence. However, even this technology is not a “security panacea” as its 100% functionality is proportionally dependent on the specific installation process. This article is focused on the technology called Honeypot and the issue of implementation process of its autonomous version, which is able to create virtual Honeypots and thus rapidly increase a security level of distributed heterogeneous computer systems. The proposed autonomous Honeypot can be used in the educational process in computer security laboratories for demonstrating security, simulations of different types of attacks, as well as in monitoring, respectively in observation of behaviour of computer system during the attacks.