Title :
A Virtual Honey Net as a Teaching Resource
Author :
Lanoy, Aaron ; Romney, Gordon W.
Author_Institution :
Brigham Young Univ., Provo, UT
Abstract :
The Honeynet Project is the open source contribution of computer security professionals focused on making the Internet community a more aware and safer place. It defines the purpose of the honeypot, the basic component of a honeynet, as "an information system resource whose value lies in unauthorized or illicit use of that resource". The objective of a honeynet is to attract malicious attackers, study their offensive strategy, and track every movement they make. The honeynet becomes a useful tool as one analyzes the data gathered from it to build new security into their system. Including a honeynet project in a Brigham Young University IT security curriculum provides hands-on experience with the dynamic Internet and all of the security components that go into securing a network. A VMware environment was used to create a virtual honeynet (Virtual) and compare its effectiveness to a network of physical computers (Real). This allowed students to learn the strengths and weaknesses of both Real and Virtual systems, and better prepare them to work with both. The areas in which Virtual and Real were compared are setup, deployment, maintenance, data collection, and data analysis. Virtual required only one computer whereas Real required one for each honeynet function. Setup was the area of greatest difference as Virtual dealt with virtual components whereas Real involved physical components. The issue of not being able to disguise a virtual network to appear "real" is the major concern as a honeynet is only as effective as it appears to be a real, functioning network. Likewise, it is only as good as the data it collects. Maintenance of the networks is where Virtual gained the advantage over Real. One must constantly rebuild the honeypots as they get attacked and trashed. This returning to a base build is much more efficient in the Virtual realm. Gaining experience with a Virtual honeynet, also, was found to be most effective to train teams to more efficiently implement a Rea- l honeynet
Keywords :
computer aided instruction; computer science education; security of data; teaching; Honeynet Project; IT security curriculum; Internet community; VMware environment; attack data analysis; computer security; honey wall; honeypot; information system resource; malicious attackers; network security; teaching resource; virtual honey net; Computer networks; Computer security; Data analysis; Data security; Education; IP networks; Information systems; Internet; Physics computing; Tracking; Attack Data Analysis; Honey Net; Honey Pot; Honey Wall; Maintenance; Security Curriculum; Virtualization;
Conference_Titel :
Information Technology Based Higher Education and Training, 2006. ITHET '06. 7th International Conference on
Conference_Location :
Ultimo, NSW
Print_ISBN :
1-4244-0405-3
Electronic_ISBN :
1-4244-0406-1
DOI :
10.1109/ITHET.2006.339685
