A review of dynamic and intelligent honeypots

Zakaria, Wira Zanoramy A.; Kiah, Miss Laiha Mat

doi:10.2306/scienceasia1513-1874.2013.39s.001

Cited by 8 publications

(1 citation statement)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…GPTpowered honeypots offer the following advantages: Realistic Interaction: GPT models can generate realistic conversations, making the honeypot more persuasive when interacting with attackers. This helps improve the effectiveness of the honeypot, allowing for the collection of more information about the attacker [15] [16].…”

Section: Construct Effective Honeypotsmentioning

confidence: 99%

The power of generative AI in cybersecurity: Opportunities and challenges

Wen

2024

ACE

View full text Add to dashboard Cite

This paper undertakes a comprehensive exploration of the potential and challenges presented by Generative Artificial Intelligence, with particular emphasis on the GPT models, in the field of cybersecurity. Through a meticulous examination of existing literature and pertinent case studies, the paper evaluates the capabilities of these models in the detection and rectification of vulnerabilities, as well as in identifying malicious code. It also highlights the pivotal role of generative AI in enhancing honeypot technology, which has shown promising results in proactive threat detection. While underscoring the significant advantages of utilizing generative AI in bolstering cybersecurity measures, the paper does not shy away from shedding light on the accompanying security exposures. These range from traditional threats like vulnerabilities and privacy breaches to novel dangers such as jailbreaking, prompt injection, and prompt leakage that are associated with the deployment of these AI models. The overarching objective of this paper is to contribute to the ongoing dialogue about the integration of advanced AI technologies into cybersecurity strategies while emphasizing the importance of vigilance against potential misuse. The paper concludes with a call for continued research and development to ensure a safer and more secure cyberspace for all.

show abstract

Section: Construct Effective Honeypotsmentioning

confidence: 99%

The power of generative AI in cybersecurity: Opportunities and challenges

Wen

2024

ACE

View full text Add to dashboard Cite

show abstract

Three decades of deception techniques in active cyber defense - Retrospect and outlook

Zhang¹,

Thing²

2021

Computers & Security

View full text Add to dashboard Cite

On Designing Low-Risk Honeypots Using Generative Pre-Trained Transformer Models With Curated Inputs

Ragsdale,

Boppana

2023

IEEE Access

View full text Add to dashboard Cite

Honeypots are utilized as defensive tools within a monitored environment to engage attackers and gather artifacts for the development of indicators of compromise. However, once these honeypots are deployed, they are rarely updated, making them obsolete and easier to fingerprint as time passes. Furthermore, using fully functional computing and networking devices as honeypots presents the risk of an attacker breaking out from the controlled environment. Large-scale text-generating models, commonly referred to as Large Language Models (LLMs), have seen wide implementation using generative-pretrained transformer (GPT) models. These models have seen an explosion in popularity and have been tuned for various use cases. This paper investigates the use of these models to simulate honeypots that are adaptive to threat engagement without the risk of unintended breakouts. This investigation finds that the method these models use to generate output has limitations that can reveal the deception to a dedicated attacker in extended sessions. To overcome this challenge, this paper presents a method to manage the inputs and outputs to reduce non-deterministic output and token usage of a model generating text in a way that simulates a terminal. An example honeypot is evaluated against a traditional low-risk honeypot, Cowrie, where greater similarity to an actual machine for single commands is achieved. Furthermore, in several multi-step attack scenarios, the proposed architecture reduced the token usage by up to 77% when compared to a baseline scenario that did not manage the inputs to and outputs from an example model. A discussion on the utilization of LLMs for cyber deception, as well as the limitations hindering their broader adoption indicates that LLMs exhibit promise for cyber deception but necessitate further research before achieving widespread implementation.

show abstract

A review of dynamic and intelligent honeypots

Cited by 8 publications

References 16 publications

The power of generative AI in cybersecurity: Opportunities and challenges

The power of generative AI in cybersecurity: Opportunities and challenges

Three decades of deception techniques in active cyber defense - Retrospect and outlook

On Designing Low-Risk Honeypots Using Generative Pre-Trained Transformer Models With Curated Inputs

Contact Info

Product

Resources

About