Abstract
Recent news have raised concern regarding the security on the IoT field. Vulnerabilities in devices are arising and honeypots are an excellent way to cope with this problem. In this work, current solutions for honeypots in the IoT context, and other solutions adaptable to it are analyzed in order to set the basis for a methodology that allows deployment of IoT honeypots. This methodology aims to cover all the aspects needed, including which devices are interesting, how can attackers be attracted to the honeypot, and how to obtain useful info from the deployment.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Danova, T.: 75 billion devices will be connected to the internet of things by 2020. Business Insider, vol. 2 (2013)
Roman, R., Najera, P., Lopez, J.: Securing the internet of things. Computer 44(9), 51–58 (2011)
Kambourakis, G., Kolias, C., Stavrou, A.: The mirai botnet and the IoT zombie armies. In: Military Communications Conference (MILCOM) MILCOM 2017 IEEE, pp. 267–272. IEEE (2017)
Business Insider: This one chart explains why cybersecurity is so important. Retriev. August 16, 2016 (2016)
Nawrocki, M., Wählisch, M., Schmidt, T.C., Keil, C., Schönfelder, J.: A survey on honeypot software and data analysis, arXiv preprint arXiv:1608.06249 (2016)
Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T., Rossow, C.: IOTPOT: analysing the rise of IOT compromises. EMU 9, 1 (2015)
Guarnizo, J.D., et al.: SIPHON: Towards scalable high-interaction physical honeypots. In: Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security, pp. 57–68. ACM (2017)
Luo, T., Xu, Z., Jin, X., Jia, Y., Ouyang, X.: IoTCandyJar: towards an intelligent-interaction honeypot for IoT devices. Black Hat (2017)
Krishnaprasad, P.: Capturing attacks on IoT devices with a multi-purpose IoT honeypot. Ph.D. dissertation, Indian Institute of Technology Kanpur (2017)
Radice, A.: Playing with a mirai honeypot: Mtpot (2017)
Wang, M., Santillan, J., Kuipers, F.: ThingPot: an interactive Internet-of-Things honeypot (2017)
Dowling, S., Schukat, M., Melvin, H.: A ZigBee honeypot to assess IoT cyberattack behaviour. In: Signals and Systems Conference (ISSC) : 28th Irish IEEE 2017, pp. 1–6 (2017)
Jicha, A., Patton, M., Chen, H.: SCADA honeypots: an in-depth analysis of Conpot. In: Intelligence and Security Informatics (ISI) IEEE Conference on 2016, pp. 196–198. IEEE (2016)
Singh, J.P., Chauhan, A.: Detection and prevention of non-pc Botnets
Wardak, H., Zhioua, S., Almulhem, A.: PLC access control: a security analysis. In: World Congress on 2016 Industrial Control Systems Security (WCICSS), pp. 1–6. IEEE (2016)
Trujano, G.B.R.R.F., Chan, B., Beams, G., Rivera, R.: Security analysis of DJI phantom 3 standard. Mass. Inst. Technol. (2016)
Szabo, M.: Drone hacking (2017)
Fox-Brewster, T.: Watch a very vulnerable USD140 Quadcopter drone get hacked out of the sky (2017)
Hughes, M.: Why the iKettle hack should worry you (even if you don’t own one) (2015)
PenTestPartners: Hacking defcon 23’s IoT village samsung fridge (2015)
Munro, K.: Extracting your WPA-PSK from bathroom scales (2015)
Ronen, E., Shamir, A., Weingarten, A.-O., O’Flynn, C.: IoT goes nuclear: creating a ZigBee chain reaction. In: IEEE Symposium on 2017 Security and Privacy (SP), pp. 195–212. IEEE (2017)
Hern, A.: CloudPets stuffed toys leak details of half a million users (2017)
Lab, K.: A windows-based spreader for MIRAI malware has been discovered (2017)
Edwards, S., Profetis, I.: Hajime: analysis of a decentralized internet worm for IoT devices. Rapidity Netw. 16 (2016)
Acknowledgement
This work has been financed by Ministerio de Economía y Competitividad through the projects IoTest (TIN2015-72634-EXP) and SMOG (TIN2016-79095-C2-1-R). The second author has been financed by INCIBE through the grant program for excellency in advanced cybersecurity research teams.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Acien, A., Nieto, A., Fernandez, G., Lopez, J. (2018). A Comprehensive Methodology for Deploying IoT Honeypots. In: Furnell, S., Mouratidis, H., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2018. Lecture Notes in Computer Science(), vol 11033. Springer, Cham. https://doi.org/10.1007/978-3-319-98385-1_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-98385-1_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-98384-4
Online ISBN: 978-3-319-98385-1
eBook Packages: Computer ScienceComputer Science (R0)