After the Mirai botnet was discovered in 2016, we decided to set up a honeypot for it and see how widespread it really was. In the process we discovered that many other malicious attackers were using similar attack vectors. This paper outlines the process we went through to pick the right honeypot and the supporting infrastructure (backend database, visualization). This article presents the statistics we have collected from this honeypot, the conclusions we have drawn from these statistics, as well as the tools we have developed to share the data.
BT - Information & Security: An International Journal DO - https://doi.org/10.11610/isij.4320 IS - 2 LA - eng N2 -After the Mirai botnet was discovered in 2016, we decided to set up a honeypot for it and see how widespread it really was. In the process we discovered that many other malicious attackers were using similar attack vectors. This paper outlines the process we went through to pick the right honeypot and the supporting infrastructure (backend database, visualization). This article presents the statistics we have collected from this honeypot, the conclusions we have drawn from these statistics, as well as the tools we have developed to share the data.
PY - 2019 SE - 264 SP - 264 EP - 282 T2 - Information & Security: An International Journal TI - Analysis of the Global Attack Landscape Using Data from a Telnet Honeypot VL - 43 ER -