Alvin Ferreira’s Expanded Definition of “Honeypot”

To: Professor Jason Ellis

From: Alvin Ferreira

Date: 10/20/20

Subject: Expanded definition of Honeypot

Introduction

When it relates to information technology and cybersecurity, this paper includes an expanded description of the word honeypot. I address several meanings of the word in this paper, several uses of the term in context, and finally, provide a working definition of the term. The document will inform the reader how important and necessary honeypot is. Furthermore, the document will include the benefits of honeypot in corporations and my overall thoughts.

Definition

      Honeypot provide fake information to intruders to watch their behavior. The authors Miguel A. Leguizamon-Paez, Maria A. Bonilla-Diaz, and Camilo A. Leon-Cuervo (2020) quoted “Honeypots in their most basic form are fake information servers, strategically positioned in a test network, which are fed with false information that is disguised as files of a confidential nature. In turn, these servers are initially configured in such a way that it is difficult, but not impossible, to be penetrated by a computer attacker, deliberately exposing them and making them highly attractive to a target hacker”. “The quote basically describes how honeypot is constructed to feed information that are not accurate to intruders.  Allowing the person controlling the honeypot to evaluate the intruder’s behavior

     Honeypot could be applied to benefit the companies’ strength. The authors Muhammet Baykara and Resul Das quoted “Honeypot systems are security tools that have recently been used in vulnerable information systems. They gain their security advantage as they are being attackable. These honeypot systems simulate real systems such as web, application, and database servers used in information systems, and they are trapping systems for attacker”. The quote states in small terms how honeypot looks for certain vulnerability within the system. The article discusses when literature finding are analyzed, it is possible to find three specific mechanisms related to the placement of honeypot schemes. In specific, honeypot networks can be located on the Local Area Network, the telephone and the Demilitarized Zone. There are benefits and pitfalls of any of these placement conditions. Depending on where they are located, honeypots are structured in forms and shapes that do not endanger network protection.   

Are Honeypot reliable in all businesses? The authors Anand Gupta, S.K.Gupta, IshaManu Ganesh, Pankhuri Gupta, Vikram Goyal and Sangeeta Sabharwal  cited “Though honeypot technology is not widely accepted, we feel it can be successful in certain environments. This leads to a new kind of honeypot called context dependent honeypot based on databases (S.K. Gupta et al., 2008). It is useful in a situation where there is a need to lure and quietly observe the actions of suspected masqueraders (for privacy violation). Such a pre-event scenario, where we act on the basis of apriori knowledge, before the violation actually occurs, has not yet been explored”. So by the article standards in a case where there is a need to lure and secretly monitor the behavior of accused masqueraders, it is beneficial. Such a pre-event situation has not yet been discussed; in which one behave on the basis of apriori information before the breach eventually happens.

The difference between the three article presented above is as followed; the first article discusses how false information is shared on honeypot to study behavior. The second article examines the strength of Honeypot in general. Lastly in the third article it explains if all corporations should rely in honeypot. The similarities between all quotes are they all described honeypot as being use to deceive an intruder and study their behavior.

Context

      The authors Anand Gupta, S.K.Gupta, IshaManu Ganesh, Pankhuri Gupta, Vikram Goyal and Sangeeta Sabharwal  quoted “Therefore, it is necessary to protect all types of information, in order to use it completely and at the same time, it can be protected and kept safe against any possible eventualities involving loss, distortion and/or use by unwanted entities.” The quote means all forms of information must be secured inorder to be fully used and, at the same time, secure and safeguarded against potential eventualities including misuse, manipulation and/or usage by unauthorized individuals.

     The authors  Muhammet Baykara and Resul Das stated “Information security has been one of the most important areas of research in the world of information in recent years. Many tools or software are used in computer network systems to provide corporate or personal information security”.The statement means digital security has been one of the most notable fields of study in the information sector. There are software being used in computer network systems for companies, or personal information protections.

     The author John Clay stated“Microsoft announced vulnerability CVE-2020-0601 and has already released a patch to protect against any exploits stemming from the vulnerability. Understanding how difficult it can be to patch systems in a timely manner, Trend Micro created a valuable tool that will test endpoints to determine if they have been patched against this latest threat or if they are still vulnerable”. The quote explains how Microsoft has confirmed the CVE-2020-0601 vulnerability and has already released a fix to protect against vulnerabilities triggered by the vulnerability. Trend Micro has built a helpful method that can monitor endpoints to assess if they have been patched against this new vulnerability or whether they are already vulnerable, recognizing how difficult it can be to repair devices in a timely way.

All the quotes above relate to each other. They all pertain to the function of honeypot. In this case, the honeypot normally finds out vulnerability and fixes the errors by studying intruders behavior.

In conclusion, through all the different articles obtained honeypot carried the same structure. Honeypot is supposed to deceive intruders and protect valuable information. So, are honeypot important? In my opinion, they are. Honeypot helps corporations notice their strength and weaknesses to keep their important information protected. In my career, I.T. operations. I will be attending Administrative protocols and hardware and software assistance. My responsibilities include technology management and quality assurance, as well as infrastructure maintenance and ensuring that finished goods fulfill both the demands and requirements of the customers.

Reference

Anand Gupta, S.K. Gupta, IshaManu Ganesh, Pankhuri Gupta, Vikram Goyal, & Sangeeta Sabharwal. (2010) Opaqueness Characteristic of a Context Honeypot System. Information Security Journal: A Global Perspective.vol.19 Issue 3, p142-152. 11p.
http://web.b.ebscohost.com.citytech.ezproxy.cuny.edu/ehost/detail/detail?vid=21&sid=b110f4ca-b64a-4c7a-aa3b-f7491114517c%40pdc-v-sessmgr01&bdata=JnNpdGU9ZWhvc3QtbGl2ZSZzY29wZT1zaXRl#db=a9h&AN=51253514

Miguel A. Leguizamon-Paez, Maria A. Bonilla-Diaz, & Camilo A. Leon-Cuervo (2020). Analysis of computer attacks through Honeypots in the District University Francisco Jose de caldas.Ingenieria y Competitvidad,jul2020, Vol.22 Issue 2, p1-13. 13p.
http://web.b.ebscohost.com.citytech.ezproxy.cuny.edu/ehost/detail/detail?vid=15&sid=b110f4ca-b64a-4c7a-aa3b-f7491114517c%40pdc-v-sessmgr01&bdata=JnNpdGU9ZWhvc3QtbGl2ZSZzY29wZT1zaXRl#AN=143694090&db=a9h

 John Clay. (2020, January 24). Trend Micro Creates Factory Honeypot to Trap Attackers. Retrieved October 07, 2020, from https://www.trendmicro.com/en_us/research/20/a/this-week-in-security-news-trend-micro-creates-factory-honeypot-to-trap-malicious-attackers-and-microsoft-leaves-250m-customer-service-records-open-to-the-web.html

Muhammet Baykara & Resul Das (2019)SoftSwitch: a centralized honeypot-based security approach using software-defined switching for secure management of VLAN networks.Turkish Journal of Electrical Engineering & Computer Sciences. Vol.27 Issue 5, pg 3309-3325. 17p. http://web.b.ebscohost.com.citytech.ezproxy.cuny.edu/ehost/detail/detail?vid=42&sid=4e66af52-c8d3-46b8-b3f9-615720b8f216%40pdc-v-sessmgr03&bdata=JnNpdGU9ZWhvc3QtbGl2ZSZzY29wZT1zaXRl#db=a9h&AN=138875578

Rouse, M. (2019, November 22). What is IT Operations and Why is it Important? Retrieved October 21, 2020, from https://searchitoperations.techtarget.com/definition/IT-operations

Summary of Devendra Kumar et al.’s”AN ANALYTICAL STUDY OF IOT BASED APPLICATIONS”

TO: Professor Ellis

FROM: Alvin Ferreira

DATE: September 22,2020

SUBJECT: 500-Word Summary

This is a 500-word summary of ” AN ANALYTICAL STUDY OF IOT BASED APPLICATIONS” by Devendra Kumar that discusses the effects that IoT will provide over time to businesses, home and building owners, cities, transportation and the environment.  The IoT basically is a system that has the ability to transfer data over the network without the need for human –to- human or computer –to- human interaction. Internet of things may obtain data from various segment or they could be involved in different administrations.

      According to Devendra Kumar, IoT will improve urban communities reassuring open traffic reducing business security and protecting population. IoT will include transport framework, human service framework, climate control framework that will provide access to airport, rail and transit data from local sites for transmission. The Internet will provide a smart building management framework that will consist of big data source that office managers could monitor the use of energy. A smart grid will control two-way exchanges between supplier and buyers. Smart grit key data and matching innovation elements will include progress detection and monitoring for management streams; a base station computerized for to transmit information via the Internet.

Then; afterwards Devendra Kumar speaks upon Smart Health that was created for hospital’s use to monitor patients’ physical condition with IoT. The IoT will use sensors to collect all physical data, in order to test and store data, and send remote information to do later testing and reviews. Smart Health uses mechanism to secure confident sensor health information distribution, use complex calculation to break up information share it with physicians via remote network.

    Further on, Devendra Kumar explains how smart mobility and transportation will be managed by the IoT application to apply the standards of purchase and research participation.  The smart mobility and transportation arrangement was implemented with a variety of capabilities, e.g. testing for Li-on batteries, remote control with online troubleshooting and a fault-free ad covering supports costs.

      We are told about how Smart factory will help to integrate other feature, including computer-based logic, machine learning and computer information tracking tasks, and to coordinate assembly process with M2M. The M2M keys chosen through the “Mechanical” sections will place a heavy emphasis on smart factory line and key concept data. Smart factory Mechanical processes will include less time support, less obscurity and less efficiency on spare. There have been numerous inquires about efforts to tackle natural pollution and waste. IoT research can provide a compelling method to communicate the resources of each of these sensors and to highlight the choice of suitable alternative to those sources of use. IoT innovation can monitor and manage air quality and gather information from urban areas.

Devendra Kumar ends by explaining how IoT is an innovation that connects things to people and the web. Furthermore, that it requires a structured approach for designing, accrediting, certifying programs, conference and events, each with a single and specific use.

Reference

Kumar, Devendra.(2020) AN ANALYTICAL STUDY OF IOT BASED APPLICATION. Acta Technica Corvininesis-Bulletin of Engineering. Vol 13 Issue 1, 73-78.