Open AccessThe TaintDroid Based Honeypot Monitoring System for Embedded Device
Author(s) -
Kai Cheng,
Zhan Wu,
Dongkun Li,
Xin Li,
Mu Ren
Publication year - 2022
Publication title -
journal of physics. conference series
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.21
H-Index - 85
eISSN - 1742-6596
pISSN - 1742-6588
DOI - 10.1088/1742-6596/2203/1/012077
Subject(s) - honeypot , computer security , computer science , key (lock)
Honeypot is a proactive defense technology introduced by defenders. Through the honeypots, defenders can deceive attackers to illegally take advantage of the honeypots and capture and analyze the attack behaviors to understand the attack tools and methods. To build honeypots, defenders first imitate vulnerable systems to entice the attacker to attack, then deploy monitoring systems that is responsible for monitoring and recording the attacker’s behavior. It is of concern that monitoring system is the key to determine the performance of honeypots, because obtaining attackers’ behavior is the main purpose of deploying honeypots, and monitoring system’s performance determines whether attackers’ behavior can be accurately and comprehensively recorded. In this paper, we introduce a novel TaintDroid based honeypot monitoring system for embedded device. This system uses TaintDroid to mark the attackers who hack into the honeypot, monitors the behavior of the marked attackers and then records. Moreover, we tested the feasibility of this system by building a monitoring system based on TaintDroid.