Design and implementation of honeypot systems based on open-source software

A honeypot is a type of information system that is used to obtain information on intruders in a network. When a honeypot is deployed in front of a firewall, it can serve as an early warning system. When deployed behind the firewall, it can serve as part of a defense-in-depth system and can be used to detect attackers who bypass the firewall and the intrusion detection system (IDS) or threats from insiders. Honeyd is an open-source honeypot; however, it uses a command-line interface and its configuration is difficult for beginners. The purpose of this study is to use the open-source tool to construct a graphic user interface (GUI) for honeyd. For the sake of portability and easy deployment, the whole system will be installed in a live USB stick. The end user can create a honeyd template by using the GUI or the result of the Nmap scan of a target computer. Moreover, the system will provide a log-review interface and real-time SMS functionality. Finally, we deployed the designed system in a campus network and presented an analytic result of a 60-day period with a Web-based data analysis system.