00998nas a2200193 4500000000100000000000100001008004100002653001100043653001300054653001200067653001000079653001100089100002200100700002000122245007800142300001200220490000700232520056500239 2019 d10abotnet10ahoneypot10amalware10aMirai10aTelnet1 aVesselin Bontchev1 aVeneta Yosifova00aAnalysis of the Global Attack Landscape Using Data from a Telnet Honeypot a264-2820 v433 a
After the Mirai botnet was discovered in 2016, we decided to set up a honeypot for it and see how widespread it really was. In the process we discovered that many other malicious attackers were using similar attack vectors. This paper outlines the process we went through to pick the right honeypot and the supporting infrastructure (backend database, visualization). This article presents the statistics we have collected from this honeypot, the conclusions we have drawn from these statistics, as well as the tools we have developed to share the data.