Document Type
Thesis
Degree
Master of Science (MS)
Major/Program
Computer Engineering
First Advisor's Name
Selcuk Uluagac
First Advisor's Committee Title
Committee chair
Second Advisor's Name
Kemal Akkaya
Second Advisor's Committee Title
committee member
Third Advisor's Name
Alexander Perez-Pons
Third Advisor's Committee Title
committee member
Keywords
Honeypot, Honeynet, SDN, Cryptojacking, IoT, IIoT, CPS, Network Security, IDPS, Docker, ML
Date of Defense
6-14-2022
Abstract
The purpose of this thesis is to explore honeypot-based security enhancements for information systems. First, we provide a comprehensive survey of the research that has been carried out on honeypots and honeynets for Internet of Things (IoT), Industrial Internet of Things (IIoT), and Cyber-physical Systems (CPS). We provide a taxonomy and extensive analysis of the existing honeypots and honeynets, state key design factors for the state-of-the-art honeypot/honeynet research, and outline open issues. Second, we propose S-Pot, a smart honeypot framework based on open-source resources. S-Pot uses enterprise and IoT honeypots to attract attackers, learns from attacks via ML classifiers, and dynamically configures the rules of SDN. Our performance evaluation of S-Pot in detecting attacks using various ML classifiers shows that it can detect attacks with 97% accuracy using the J48 algorithm. Third, for securing host-based Docker containers from cryptojacking, using honeypots, we perform a forensic analysis to identify indicators for the detection of unauthorized cryptomining, present measures for securing them, and propose an approach for monitoring host-based Docker containers for cryptojacking detection. Our results reveal that host temperature, combined with container resource usage, Stratum protocol, keywords in DNS requests, and the use of the container’s ephemeral ports are notable indicators of possible unauthorized cryptomining.
Identifier
FIDC010839
Previously Published In
Javier Franco, Ahmet Aris, Berk Canberk, A. Selcuk Uluagac, “A Survey of Honeypots and Honeynets for Internet of Things, Industrial Internet of Things, and Cyber-Physical Systems”, IEEE Communications Surveys & Tutorials, 23(4):2351-2383, 202
Recommended Citation
Franco, Javier R., "Honeypot-based Security Enhancements for Information Systems" (2022). FIU Electronic Theses and Dissertations. 5113.
https://digitalcommons.fiu.edu/etd/5113
Rights Statement
In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).