Hybrid H-DOC: A bait for analyzing cyber attacker behavior

Cyber security is a vital concern for companies with internet-based cloud networks. These networks are constantly vulnerable to attack, whether from inside or outside organization. Due the ever-changing nature of cyber world, solutions must be updated regularly in order keep infrastructure secure. With use attack detection approaches, systems such as antivirus, firewalls, intrusion have become more effective. However, conventional unable detect zero-day attacks behavioral changes. drawbacks can overcome by setting up honeypot. In this paper, hybrid Honeynet model deployed Docker (H-DOC) bait has been proposed that comprises both low interaction and high honeypot attract malicious attacker analyze patterns. This form bait, designed block attacks, divert an attacker's attention away legitimate services. It focuses only on SSH protocol, it widely used remote system access popular target attacks. The Hybrid H-DOC method identify ransomware activity, trends, timely decision-making through effective rule tunes firewall. accuracy when compared IDH, Decepti-SCADA, AS-IDS HDCM 13.97%, 11.82%, 8.60% 5.07% respectively.