IT security education is enhanced by analyzing Honeynet data

Honeynets have increasingly been deployed by information technology (IT) professionals in industry for studying the methods and tools of malicious attackers. Educational institutions, because of their open access, offer a particularly enticing setting for connecting a Honeynet. The specific challenge for educational institutions is maintaining continuity in Honeynet research and operation as both undergraduate and graduate students complete their studies and leave. Furthermore, the analysis of Honeynet data requires a broad spectrum of security experience and skills. In this research, students installed an anonymous generation II Honeynet in the IT Security Lab at Brigham Young University (BYU) to assist in their educational experience in information assurance and security (IAS). The lab provides a secure setting for students to configure and monitor a honey wall connected to the Internet with its networked Windows and Linux honeypots. The objective of this research was to enhance undergraduate security training by 1) determining the impact of a Honeynet upon BYU security best practices, 2) assisting students to conduct personal research on the BYU Honeynet, and 3) providing live vulnerability training.