Advertisement

Dynamic Container Virtualization as a Method of IoT Infrastructure Security Provision

  • Andrey IskhakovEmail author
  • Anastasia Iskhakova
  • Roman Meshcheryakov
Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 95)

Abstract

This article proposes an approach to security provision of one of the key bases of digital transformation – the technology of the Internet of things (IoT). The effective technology of carrying out the information security audit with application of Honeypot systems is the cornerstone of the article and the offered method. The main advantages of the use of container virtualization, unlike application of traps on the basis of virtual machines, are formulated by the authors. The method of protection of a similar infrastructure by means of integration of dynamic container virtualization of network traps is considered. The article contains information on implementation of the offered method, comparison of results with existing solutions, and a summary table with the actual results of an experiment. A detailed flowchart of functioning of the offered method is also provided in the work. The proposed solutions allow to increase efficiency of the malefactor’s actions analysis. The administrator of IoT devices network can obtain information about the priority purposes, the used by malefactor means, and vulnerabilities of various elements of network. These circumstances give an opportunity to quickly take measures for increase in security of network and to avoid its compromise.

Keywords

Internet of Things Container virtualization HoneyPot Information security Audit of network infrastructure 

Notes

Acknowledgments

The reported study was partially funded by RFBR according to the research project № 19-01-00767.

References

  1. 1.
    Alosefer, Y., Rana, O.: Honeyware: a web-based low interaction client honeypot. In: 2010 Third International Conference on Software Testing, Verification, and Validation Workshops (ICSTW), pp. 410–417 (2010)Google Scholar
  2. 2.
    Cabaj, K., Denis, M., Buda, M.: Management and analytical software for data gathered from HoneyPot system. Inf. Syst. Manag. 2 (2013)Google Scholar
  3. 3.
    Chawda, K., Patel, A.D.: Dynamic & hybrid honeypot model for scalable network monitoring. In: International Conference on Information Communication and Embedded Systems (ICICES2014), Chennai, pp. 1–5 (2014)Google Scholar
  4. 4.
    Cleary, M., Corpin, M., Cox, O., Lau, H., Nahorney, B., O’Brien, D., O’Gorman, B., Power, J.-P., Wallace, S., Wood, P., Wueest, C.: ISTR. Internet Security Threat Report (Symantec), vol. 23. Symantec Corporation, Mountain View, USA (2018)Google Scholar
  5. 5.
    Eftimie, S., Răcuciu, C.: Honeypot system based on software containers Mircea cel Batran. Naval Acad. Sci. Bull. 19(2), 415–418 (2016)Google Scholar
  6. 6.
    Fraunholz, D., Zimmermann, M., Schotten, H.D.: An adaptive honeypot configuration, deployment and maintenance strategy. In: 19th International Conference on Advanced Communication Technology (ICACT), pp. 53–57 (2017)Google Scholar
  7. 7.
    Iskhakov, A., Meshcheryakov, R., Ekhlakov, Yu.: The Internet of Things in the security industry. In: Interactive Systems Problems of Human-Computer Interaction: Collection of Scientific Papers, pp. 161–168 (2017)Google Scholar
  8. 8.
    Iskhakova, A., Meshcheryakov, R., Iskhakov, A., Timchenko, S.: Analysis of the vulnerabilities of the embedded information systems of IoT-devices through the honeypot network implementation. In: Proceedings of the IV International Research Conference “Information Technologies in Science, Management, Social Sphere and Medicine” (ITSMSSM 2017), pp. 363–367 (2017)Google Scholar
  9. 9.
    Kuskov, V., Kuzin, M., Shmelev, Ya., Makrushin, D., Grachev, I.: Traps of “Internet of things”. The analysis of the data collected on IoT-traps of Kaspersky Lab. SecureList (2017)Google Scholar
  10. 10.
    Kyriakou, A., Sklavos, N.: Container-based honeypot deployment for the analysis of malicious activity. In: 2018 Global Information Infrastructure and Networking Symposium (GIIS), Thessaloniki, Greece, pp. 1–4 (2018)Google Scholar
  11. 11.
    Lihet, M., Dadarlat, P.D.V.: Honeypot in the cloud. Five years of data analysis. In: 17th RoEduNet Conference Networking in Education and Research (RoEduNet), Cluj-Napoca, pp. 1–6 (2018)Google Scholar
  12. 12.
    Lipatnikov, V.A., Shevchenko, A.A., Yatskin, A.D., Semenova, E.G.: Information security management of integrated structure organization based on a dedicated server with container virtualization. Inf. Control Syst. 89(4), 67–76 (2017). (in Russia)Google Scholar
  13. 13.
    Luo, T., Xu, Z., Kin, X., Jia, Y., Ouyang, X.: IoTCandyJar. Towards an Intelligent-Interaction Honeypot for IoT Devices, pp. 1–11. Blackhat (2017) Google Scholar
  14. 14.
    Pa, Y.M.P., Suzuki, S., Yoshioka, K., Matsumoto, T., Kasama, T., Rossow, C.: IoTPOT analysing the rise of IoT compromises. USENIX WOOT (2015)Google Scholar
  15. 15.
    Pauna, A., Bica, I.: RASSH – Reinforced adaptive SSH honeypot. In: 10th International Conference on Communications (COMM), Bucharest, pp. 1–6 (2014)Google Scholar
  16. 16.
    Sekar, K.R., Gayathri, V., Anisha, G., Ravichandran, K.S., Manikandan, R.: Dynamic honeypot configuration for intrusion detection. In: 2nd International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, pp. 1397–1401 (2018)Google Scholar
  17. 17.
    Sembiring, I.: Implementation of honeypot to detect and prevent distributed denial of service attack. In: 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), Semarang, pp. 345–350 (2016)Google Scholar
  18. 18.
    Sever, D., Kišasondi, T.: Efficiency and security of docker based honeypot systems. In: 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), Opatija, pp. 1167–1173 (2018)Google Scholar
  19. 19.
    Yagi, T., Tanimoto, N., Hariu, T., Itoh, M.: Enhanced attack collection scheme on high-interaction web honeypots. In: The IEEE Symposium on Computers and Communications (ISCC), pp. 81–86 (2010)Google Scholar
  20. 20.
    Yatskin, A.D.: Dynamic honeypot-systems based on container virtualization, diploma work of a specialist. (in Russian). http://elib.spbstu.ru/dl/2/v16-128.pdf/download/v16-128.pdf

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Andrey Iskhakov
    • 1
    Email author
  • Anastasia Iskhakova
    • 1
  • Roman Meshcheryakov
    • 1
  1. 1.V. A. Trapeznikov Institute of Control Sciences of Russian Academy of SciencesMoscowRussia

Personalised recommendations