-
Essay / Computer Crime Lure Systems: Honeypots - 923
In a world of computer crime, stolen identities and network sabotage, it seems that hackers are the ones who have the advantage, the rest 'of us playing defensively. There are a number of tools we use to fight back, such as: antivirus applications, firewalls and encryption. These are some of the most well-known defensive strategies, but there is also one that encourages attacks and is commonly called a honeypot. If you remember Winnie the Pooh's fondness for honey, the main idea behind a jar of honey shouldn't be difficult to understand. A honeypot is a luring system deliberately set up to lure attackers under the guise of trapping them or gaining information about who they are (Whitman and Mattord, 2011). A typical honeypot might be an insecure web server configured in such a way that it appears as if it is just waiting to be compromised. The reality is that, like a Venus flytrap, its sole purpose is to track the IP address of every person who enters without permission. A common use of such a device would be the same as a sting operation used by police to locate information on groups of people or individuals. Another honeypot installation tactic is to better understand the techniques attackers use to commit cybercrimes. These scenarios are then used to design future software and assist in security planning (Whitman & Mattord, 2011). A honeypot can take many forms: in fact, it can be almost anything you want to secure. For example, if you want to keep people away from your mail server, you can implement a virtual server that emulates all the real data without containing any of it. The attack can then assume that there is no need to ...... middle of paper ....... Works Cited Grimes, R. (2005). Honey jars for windows. (1st ed., p. 424). New York, New York: Éditions Apress. Retrieved from http://www.apress.com/9781590593356 Jens Grossklags & Jean Walrand (Eds.), Decision and Game Theory for Security: Third International Conference, GameSec 2012, Budapest, Hungary, November 5-6, 2012, Proceedings (Conference Notes in Computer Science/Security and Cryptology) (p. 324). New York, NY: Springer Publishing. Sabu M. Thampi, Pradeep K. Atrey, Chun I. Fan, Gregorio Martinez Perez (Eds.), Security in Computing and Communications: International Symposium, SSCC 2013, Mysore, India, August 22. 24, 2013. Proceedings (Communications in Computer and Information Sciences) (p. 418). New York, NY: Springer Publishing. Whitman, ME and Mattord, HJ (2011) Principles of Information Security. Boston: Course Technology. (Whitman and Mattord, 2011)