An Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation

Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’ information and trap them. By using a vulnerable scanner in this paper, we obtained the required network vulnerabilities and normalized them via the proposed method. Then, a dynamic hybrid honeypot has proposed by high and low interaction honeypots. Also, in the proposed method, by footprinting and scanning of an integrated network, a detailed picture of the production network and a honeypot configuration file are generated. As a result, more devices could be detected via automated production by the proposed method. This method could accelerate honeypot production and reduce the users’ mistakes during their manual production. Monitoring network traffic, collecting the information of network machines, determining network operating systems, and storing data in a database are the specific features of this system that could be performed by using the selected network scanning tools and modules.