Self-Advertising Attack Surfaces for Web Application Honeypots

New Technology to Managing Cyber Disasters

Research output: Contribution to journalArticle

Abstract

Honeypots are security tools often used to attract and learn attacker’s methods or divert attacker’s attention to other unimportant resources. In order to achieve their goal, honeypots need to be identified by the attackers, and this is often the challenge with most honeypots deployments. This paper therefore explores the use of attack surface sizes in web application honeypots to self-advertise their honeypots to the attackers. PageRank, which is a system that ranks pages on the web through outward link analysis, ranks important pages as seen by their users at the top of the search results. Therefore, the paper argues that vulnerable pages on the web, thus applications with large attack surface, are also important to attackers. Therefore, if pages are ranked based on their importance as seen by their users, pages with large attack surface should rank high when attackers search for them. To design a large attack surface, attack surface parameters can be strategically placed in a template as different parameters affect the attack surface differently when placed in a particular way.
Original languageEnglish
JournalInformation & Security: An International Journal
Volume40
Publication statusPublished - 2018

Fingerprint

Disasters
Marketing

Cite this

@article{9144e28ac1f84bcc9b9f97fa64bc12c2,
title = "Self-Advertising Attack Surfaces for Web Application Honeypots: New Technology to Managing Cyber Disasters",
abstract = "Honeypots are security tools often used to attract and learn attacker’s methods or divert attacker’s attention to other unimportant resources. In order to achieve their goal, honeypots need to be identified by the attackers, and this is often the challenge with most honeypots deployments. This paper therefore explores the use of attack surface sizes in web application honeypots to self-advertise their honeypots to the attackers. PageRank, which is a system that ranks pages on the web through outward link analysis, ranks important pages as seen by their users at the top of the search results. Therefore, the paper argues that vulnerable pages on the web, thus applications with large attack surface, are also important to attackers. Therefore, if pages are ranked based on their importance as seen by their users, pages with large attack surface should rank high when attackers search for them. To design a large attack surface, attack surface parameters can be strategically placed in a template as different parameters affect the attack surface differently when placed in a particular way.",
author = "Banyatsang Mphago and Dimane Mpoeleng and S. Masupe and Oteng Tabona",
year = "2018",
language = "English",
volume = "40",
journal = "Information & Security: An International Journal",

}

TY - JOUR

T1 - Self-Advertising Attack Surfaces for Web Application Honeypots

T2 - New Technology to Managing Cyber Disasters

AU - Mphago, Banyatsang

AU - Mpoeleng, Dimane

AU - Masupe, S.

AU - Tabona, Oteng

PY - 2018

Y1 - 2018

N2 - Honeypots are security tools often used to attract and learn attacker’s methods or divert attacker’s attention to other unimportant resources. In order to achieve their goal, honeypots need to be identified by the attackers, and this is often the challenge with most honeypots deployments. This paper therefore explores the use of attack surface sizes in web application honeypots to self-advertise their honeypots to the attackers. PageRank, which is a system that ranks pages on the web through outward link analysis, ranks important pages as seen by their users at the top of the search results. Therefore, the paper argues that vulnerable pages on the web, thus applications with large attack surface, are also important to attackers. Therefore, if pages are ranked based on their importance as seen by their users, pages with large attack surface should rank high when attackers search for them. To design a large attack surface, attack surface parameters can be strategically placed in a template as different parameters affect the attack surface differently when placed in a particular way.

AB - Honeypots are security tools often used to attract and learn attacker’s methods or divert attacker’s attention to other unimportant resources. In order to achieve their goal, honeypots need to be identified by the attackers, and this is often the challenge with most honeypots deployments. This paper therefore explores the use of attack surface sizes in web application honeypots to self-advertise their honeypots to the attackers. PageRank, which is a system that ranks pages on the web through outward link analysis, ranks important pages as seen by their users at the top of the search results. Therefore, the paper argues that vulnerable pages on the web, thus applications with large attack surface, are also important to attackers. Therefore, if pages are ranked based on their importance as seen by their users, pages with large attack surface should rank high when attackers search for them. To design a large attack surface, attack surface parameters can be strategically placed in a template as different parameters affect the attack surface differently when placed in a particular way.

M3 - Article

VL - 40

JO - Information & Security: An International Journal

JF - Information & Security: An International Journal

ER -