By Milica D. Djekic
Personal computers and computer networks are assets used equally in everyday life and in business. Many of these systems handle confidential and valuable data, files, folders and applications, so there is a strong need to secure them. Emerging technologies also bring connected objects that need to be secured as well. The highest priority in this matter is to think about both device and network security. As is well known, IT infrastructure can be protected with passive and active defense techniques. Some people believe it is enough to install anti-malware software on a machine, but that is not sufficient at all. It is only a preventive measure; in addition, we should think hard about monitoring and incident response, which are the active ways of security. There are also many methods to track a hacker's behavior or investigate a cyber incident using well-known cyber security assessment and auditing methodologies. So, is there a way to secure your computer or an entire network using some kind of intelligent defense?
It is well known that bees like anything sweet, especially honey. In other words, if you offer honey to bees they will not sting you; they will be pleased and simply stick with the sweet meal. The situation in cyber defense is similar. Hackers can be seen as bees that have the capacity to attack, but that can also be lured with a delicious portion of feed. The aim of this article is to explain how such an approach can be applied in cyber security and why a good portion of honey can be the best way to protect against those insects' attacks.
What are honeypots and honeynets?
A honeypot is a computer like any other computing unit whose purpose is to attract hackers so that they leave their traces on it. A honeynet, in turn, is a computer network that resembles any other network and also serves as a network security weapon. Both honeypots and honeynets are simply traps for cybercriminals who want to exploit the vulnerabilities of some infrastructure. These assets hold files, folders and applications like any other similar asset, and their purpose is to catch hackers in such a grid and make them demonstrate some sort of malicious behavior. A honeypot can be part of a computing network whose other computers serve, let's say, business purposes. No one can guarantee that hackers will simply fall into such a trap, but if you find a way to draw their attention to those IP addresses you will undoubtedly get the chance to trick them, and once you have them you will become familiar with their tactics and strategies. The fact is that you need to be a clever strategist who makes perfect plans for luring cybercriminals into such a trap.
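To make the idea of a machine that exists only to record traces concrete, here is a minimal low-interaction honeypot listener, added as an illustration and not taken from the article. The decoy banner, port, log file name and event field names are assumptions chosen for this sketch.

```python
import json
import socketserver
import threading
from datetime import datetime, timezone

MAX_CAPTURE = 1024      # cap on bytes stored per contact
READ_TIMEOUT = 3.0      # seconds to wait for the client's first bytes
BANNER = b"220 files.example.internal FTP ready\r\n"  # constructed decoy banner
LOG_LOCK = threading.Lock()  # keeps JSON lines whole when contacts overlap


def record_contact(conn, peer, sink):
    """Send the decoy banner, capture the first bytes, append one JSON event."""
    conn.settimeout(READ_TIMEOUT)
    try:
        conn.sendall(BANNER)
        data = conn.recv(MAX_CAPTURE)
    except OSError:      # timeout or reset: the contact itself is still logged
        data = b""
    event = {
        "ts": datetime.now(timezone.utc).isoformat(),
        "src_ip": peer[0],
        "src_port": peer[1],
        "bytes": len(data),
        # escape control and non-ASCII bytes so the log stays one line per event
        "payload": data.decode("latin-1").encode("unicode_escape").decode("ascii"),
    }
    with LOG_LOCK:
        sink.write(json.dumps(event) + "\n")
        sink.flush()
    return event


class DecoyHandler(socketserver.BaseRequestHandler):
    def handle(self):
        record_contact(self.request, self.client_address, self.server.sink)


def serve(host="127.0.0.1", port=2121, log_path="honeypot.jsonl"):
    # Nothing legitimate uses this port, so every logged line is worth a look.
    with open(log_path, "a", encoding="utf-8") as sink, \
            socketserver.ThreadingTCPServer((host, port), DecoyHandler) as srv:
        srv.sink = sink
        srv.serve_forever()


if __name__ == "__main__":
    serve()
```

The listener never executes or interprets what it receives; it only stores the escaped bytes for later review.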
Deception technologies in cyber security
As is well known, the hacker community digs deep on the internet to find information about well-protected IT systems. They see such a task as a challenge and are proud of themselves once they discover some confidential IP address. Many phishing and scamming tactics are widely applied by the cybercrime underground, and the bad guys enjoy operating in such a fashion. Cybercrime professionals see financial advantage as the main motive to commit cybercrime, and they may work for transnational crime and terrorist organizations. The Darknet is the deep web spot full of those sorts of people, and cybercriminals generously offer their services to anyone willing to pay for them. On the other hand, skillful defense professionals count on deception techniques and technologies to trick hackers into choosing honeypot machines as their ultimate destination. For instance, publishing some IP addresses on the web and suggesting they are so confidential that no one should even try to touch them could be a smart way to attract the bad guys to taste a good portion of honey.
How active defense works and why it matters
Active defense is a method of dealing with hackers who have breached some cyber environment. Good tactics suggest following the hacker's behavior in cyberspace in order to keep them deluded about what is really happening. Honeypots, too, can be considered helpful active defense weapons, because they fool an intruder into attempting whatever he wants while leaving a trace of his activities. The real advantage is that, if you adopt such techniques, you get an opportunity to deeply understand criminal behavior and even to get into the cybercriminal's mind, putting you in a position to predict any further step in such an offense.
The link between network security and digital forensics
Honeypots can serve to protect critical and business assets, but they can also be applied to research, prevention, detection and incident response needs. The ways to work with honeypot systems are numerous, and once you catch someone getting into your honeypot trap you can try to investigate the incident. For that purpose, many cyber professionals and experts recommend forensic analysis, and entire teams of forensic detectives can be brought in to conduct the investigation and collect findings and evidence. Next, they reconstruct what happened at the crime scene and skillfully report everything they have figured out about the incident.
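The reconstruction step can be sketched as follows; this is an added example, not part of the original article. It assumes honeypot events stored as JSON lines with hypothetical fields `ts`, `src_ip`, `dst_port` and `payload`, and the sample log is constructed.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (documentation address ranges), deliberately out of order.
SAMPLE_LOG = """\
{"ts": "2024-05-01T10:00:05+00:00", "src_ip": "203.0.113.7", "dst_port": 21, "payload": "PASS letmein"}
{"ts": "2024-05-01T10:00:01+00:00", "src_ip": "203.0.113.7", "dst_port": 21, "payload": "USER admin"}
{"ts": "2024-05-01T10:02:00+00:00", "src_ip": "198.51.100.9", "dst_port": 23, "payload": ""}
{"ts": "2024-05-01T11:30:00+00:00", "src_ip": "203.0.113.7", "dst_port": 22, "payload": "SSH-2.0-client"}
not-json garbage line
"""


def load_events(text):
    """Parse JSON lines, skipping damaged lines or ones missing required fields."""
    events = []
    for line in text.splitlines():
        try:
            ev = json.loads(line)
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            ev["src_ip"], ev["dst_port"]  # raises KeyError if either is absent
        except (ValueError, KeyError, TypeError):
            continue
        events.append(ev)
    return events


def build_timeline(events, idle_gap=timedelta(minutes=15)):
    """Order events per source and split them into sessions on idle gaps."""
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src_ip"]].append(ev)
    report = {}
    for src, evs in by_src.items():
        sessions = [[evs[0]]]
        for prev, cur in zip(evs, evs[1:]):
            if cur["ts"] - prev["ts"] > idle_gap:
                sessions.append([])       # long silence: start a new session
            sessions[-1].append(cur)
        report[src] = [{"start": s[0]["ts"].isoformat(),
                        "end": s[-1]["ts"].isoformat(),
                        "ports": sorted({e["dst_port"] for e in s}),
                        "payloads": [e["payload"] for e in s if e.get("payload")]}
                       for s in sessions]
    return report
```

Each source address ends up with an ordered list of sessions, which is the raw material for the written incident report.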
The next generation cyber defense approaches
The main question here is what we can expect in the future in terms of honeypots and deception technologies. Such a question can literally open Pandora's box and offer us many suggestions. In our opinion, we can expect more sophisticated forms of these techniques and methodologies, and we believe the strategists of the coming times could become much wiser and a bit smarter. By that we mean that luring tactics could become better developed and that entire honeypot and honeynet systems could become much better covered and protected. The point is to trick hackers in such a way that they can hardly recognize they are in a trap. We believe that anyone will realize sooner or later that he has been deluded, but let us make that happen as late as possible. That's a good challenge for tomorrow, isn't it?
About The Author
Milica D. Djekic is an Independent Researcher from Subotica, Republic of Serbia. She received her engineering background from the Faculty of Mechanical Engineering, University of Belgrade. She writes for some domestic and overseas presses and is also the author of the book “The Internet of Things: Concept, Applications and Security”, published in 2017 by Lambert Academic Publishing. Milica is also a speaker with the BrightTALK expert's channel and at Cyber Security Summit Europe, held in 2016, as well as CyberCentral Summit 2019, one of the most exclusive cyber defense events in Europe. She has been a member of ASIS International since 2017 and a contributor to the Australian Cyber Security Magazine since 2018. Milica's research efforts are recognized by the Computer Emergency Response Team for the European Union (CERT-EU). Her fields of interest are cyber defense, technology and business. Milica is a person with disability.