01667nas a2200217 4500000000100000000000100001008004100002653003000043653001900073653001300092653001300105653002000118100002200138700002000160700001900180700001700199245011100216300001200327490000700339520110300346 2018 d10aattack surface parameters10aattack-surface10ahoneypot10aPageRank10aweb application1 aBanyatsang Mphago1 aDimane Mpoeleng1 aShedden Masupe1 aOteng Tabona00aSelf-Advertising Attack Surfaces for Web Application Honeypots: New Technology to Managing Cyber Disasters a189-2020 v403 a

Honeypots are security tools often used to attract and learn attackers’ methods or divert their attention to unimportant resources. In order to achieve their goal, honeypots need to be identified by the attackers, and this is often the challenge with most deployments of honeypots. This paper therefore explores the use of attack surface sizes in web application honeypots to self-advertise their honeypots to the attackers. PageRank, which is a system that ranks pages on the web through outward link analysis, ranks important pages as seen by their users at the top of the search results. Therefore, the paper argues that vulnerable pages on the web, thus applications with large attack surface, are also important to attackers. Therefore, if pages are ranked based on their importance as seen by their users, pages with large attack surface should rank high when attackers search for them. To design a large attack surface, attack surface parameters can be strategically placed in a template as different parameters affect the attack surface differently when placed in a particular way.