Honeypots: Sweet OR Sour spot in Network Security?

Abstract

In the past few years, there has been a dramatic escalation of cyber and network attacks. In the next generation of attacks, attackers are more likely to use less malware and instead find valid credentials online. A lot of traditional defensive technologies like intrusion detection, firewalls and prevention systems, anti-malware scanners, fail to detect such breaches. Therefore, there is a need for sophisticated anomaly detection or a deception trap, designed to entice an attacker and when deployed correctly can serve as an early warning and security surveillance tool. The deception trap can be in the form of a server attached to the internet which acts as a decoy, luring in potential hackers and monitoring their activities. Such a system is called a honeypot. Honeypots are designed to mimic the actual systems that the intruder wants to break into but limiting the intruder from accessing the entire network. Despite of several advantages, Honeypots cannot be the ultimate security solution for networks. This paper discusses about the pros and cons of using honeypots as a network security solution for overcoming breaches of information security.