BALKÜPLERİNİN SALDIRI VE SAVUNMA AÇISINDAN İNCELENMESİ

Year 2023, Volume: 22 Issue: 43, 15 - 32, 29.06.2023

Muhammed Sadık Karabay , Can Eyüpoğlu

https://doi.org/10.55071/ticaretfbd.1245975

Abstract

Geçtiğimiz son 20 yıldaki teknolojik gelişmelerle beraber bilgisayar ağlarının kapasitesi ve bağlanan cihaz sayısı sürekli artmaktadır. Özellikle nesnelerin interneti (Internet of Things-IoT) teknolojisi ile internete bağlı cihaz sayısının 50 milyarı aşması beklenmektedir. Son kullanıcı tarafından kullanılan akıllı cihazlar ve bu cihazların kullanımındaki artış beraberinde devasa boyutlardaki veri akışını da getirmiştir. Covid-19 süreci ile uzaktan çalışma, çevrimiçi eğitim vb. durumlar neredeyse tüm işlemleri internet üzerinden yürütmeye ve verilere internet üzerinden erişime olanak vermiştir. Tüm bunlarla beraber, verilerin saklandığı, yürütüldüğü ve işlendiği sistemler saldırganların hedefi haline gelmiştir. Bu çalışmada olası siber saldırı senaryolarında saldırganların kurumsal ağ sisteminin içine sızması durumunda saldırganların dikkatini başka yöne çekmesine olanak sağlayacak balküpü sistemleri, hem saldırgan hem de savunan bakış açısıyla ele alınmıştır.

Keywords

Balküpü, Siber Saldırı, Tuzak Sistemler, Kızıl Takım

EXAMINATION OF HONEYPOTS FROM OFFENSIVE AND DEFENSIVE PERSPECTIVE

Abstract

With the technological developments in the last two decades, the capacity of computer networks and the number of connected devices are constantly increased. Especially with the Internet of Things (IoT) technology, the number of devices connected to the Internet is expected to exceed 50 billion. The smart devices used by the end users and the increase in the use of these devices have brought with them huge data flow. With the Covid-19 process, remote work, online education, etc. systems have made it possible to do almost all activities online and to access data over the internet. With all this, the systems in which data is stored, executed and processed have become the target of attackers. In this study, honeypot systems, which will allow attackers to divert the attention of attackers in case of infiltration into the corporate network system in possible cyber attack scenarios, are discussed from both the attacker and the defender perspective.

Keywords

Cyber attack, honeypot, red team, trap systems

References

• Al-Jameel, S., & Alanazi, A. A. (2021). Honeypots Tools Study and Analysis. International Journal of Computer Science & Network Security, 21(1), 162-173.
• Amal, M. R., & Venkadesh, P. (2023). H-Doctor: Honeypot based firewall tuning for attack prevention. Measurement: Sensors, 25, 100664.
• Bagyalakshmi, G., Rajkumar, G., Arunkumar, N., Easwaran, M., Narasimhan, K., Elamaran, V., & Ramirez-Gonzalez, G. (2018). Network vulnerability analysis on brain signal/image databases using Nmap and Wireshark tools. IEEE Access, 6, 57144-57151.
• Borkar, A., Salunke, A., Barabde, A., & Karlekar, N. P. (2011, February, 25-26). Honeypot: a survey of technologies, tools and deployment. Proceedings of the International Conference & Workshop on Emerging Trends in Technology, India, 1357-1357.
• Bringer, M. L., Chelmecki, C. A., & Fujinoki, H. (2012). A survey: Recent advances and future trends in honeypot research. International Journal of Computer Network and Information Security, 4(10), 63-75.
• Campbell, R. M., Padayachee, K., & Masombuka, T. (2015, December, 14-16). A survey of honeypot research: Trends and opportunities. In 10th International Conference for Internet Technology and Secured Transactions (ICITST), IEEE, 208-212.
• Chen, P. T., Laih, C. S., Pouget, F., & Dacier, M. (2005, November, 07-09). Comparative survey of local honeypot sensors to assist network forensics. In First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05), IEEE, 120-132.
• Dalamagkas, C., Sarigiannidis, P., Ioannidis, D., Iturbe, E., Nikolis, O., Ramos, F., ... & Tzovaras, D. (2019, June, 24-28). A survey on honeypots, honeynets and their applications on smart grid. In 2019 IEEE Conference on Network Softwarization (NetSoft), IEEE, 93-100.
• Denis, M., Zena, C., & Hayajneh, T. (2016, April, 29-29). Penetration testing: Concepts, attack methods, and defense strategies. In 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT), IEEE, 1-6.
• Fan, W., Du, Z., Fernández, D., & Villagra, V. A. (2017). Enabling an anatomic view to investigate honeypot systems: A survey. IEEE Systems Journal, 12(4), 3906-3919.
• Grimes, R. A. (2005). Honeyd Configuration. Honeypots for Windows. Apress Berkeley, CA.
• Hong-Xia, L., Pu, W., Jian, Z., & Xiao-Qiong, Y. (2010, May, 7-9). Exploration on the connotation of management honeypot. In 2010 International Conference on E-Business and E-Government, IEEE, 1152-1155.
• Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A survey on honeypot software and data analysis, arXiv preprint arXiv:1608.06249.
• Ng, C. K., Pan, L., & Xiang, Y. (2018). Honeypot frameworks and their applications: a new framework. Springer, Singapore.
• Perevozchikov, V. A., Shaymardanov, T. A., & Chugunkov, I. V. (2017, February, 1-3). New techniques of malware detection using FTP Honeypot systems. In 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), IEEE, 204-207.
• Priya, V. D., & Chakkaravarthy, S. S. (2023). Containerized cloud-based honeypot deception for tracking attackers. Scientific Reports, 13(1), 1437.
• Sembiring, I. (2016, October, 19-20). Implementation of honeypot to detect and prevent distributed denial of service attack. In 2016 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), IEEE, 345-350.
• Sochor, T., & Zuzcak, M. (2014, June, 23-27). Study of internet threats and attack methods using honeypots and honeynets. In International Conference on Computer Networks, Springer, Cham, 118-127.
• Uitto, J., Rauti, S., Laurén, S., & Leppänen, V. (2017, April, 04-06). A survey on anti-honeypot and anti-introspection methods. In World Conference on Information Systems and Technologie, Springer, Cham, 125-134.
• Yang, X., Yuan, J., Yang, H., Kong, Y., Zhang, H., & Zhao, J. (2023). A Highly Interactive Honeypot-Based Approach to Network Threat Management. Future Internet, 15(4), 127.
• Zimmerman, C. (2014). Ten Strategies of a World-Class Cybersecurity Operations Centre. The Mitre Corporation, Ukrainian.