HoneyKube: Designing and Deploying a Microservices-based Web Honeypot

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

36 Downloads (Pure)

Abstract

Over the past few years, we have witnessed a radical change in the architectures and infrastructures of web applications. Traditional monolithic systems are nowadays getting replaced by microservices-based architectures, which have become the natural choice for web application development due to portability, scalability, and ease of deployment. At the same time, due to its popularity, this architecture is now the target of specific cyberattacks. In the past, honeypots have been demonstrated to be valuable tools for collecting real-world attack data and understanding the methods that attackers adopt. However, to the best of our knowledge, there are no existing honeypots based on microservices architectures, which introduce new and different characteristics in the infrastructure. In this paper, we propose HoneyKube, a novel honeypot design that employs the microservices architecture for a web application. To address the challenges introduced by the highly dynamic nature of this architecture, we design an effective and scalable monitoring system that builds on top of the well-known Kubernetes orchestrator. We deploy our honeypot and collect approximately 850 GB of network and system data through our experiments. We also evaluate the fingerprintability of HoneyKube using a state-of-the-art reconnaissance tool. We will release our data and source code to facilitate more research in this field.

Original languageEnglish
Title of host publicationProceeding - 44th IEEE Symposium on Security and Privacy Workshops, SPW 2023
Place of PublicationPiscataway, NJ
PublisherIEEE
Pages1-11
Number of pages11
ISBN (Electronic)979-8-3503-1236-2
ISBN (Print)979-8-3503-1237-9
DOIs
Publication statusPublished - 2023
Event44th IEEE Symposium on Security and Privacy Workshops, SPW 2023 - San Francisco, United States
Duration: 22 May 202325 May 2023
Conference number: 44

Publication series

NameProceeding - IEEE Symposium on Security and Privacy Workshops (SPW)
PublisherIEEE
Volume2023
ISSN (Print)2639-7862
ISSN (Electronic)2770-8411

Conference

Conference44th IEEE Symposium on Security and Privacy Workshops, SPW 2023
Abbreviated titleSPW
Country/TerritoryUnited States
CitySan Francisco
Period22/05/2325/05/23

Keywords

  • Honeypots
  • Kubernetes
  • Microservices
  • Web applications
  • Web security

Fingerprint

Dive into the research topics of 'HoneyKube: Designing and Deploying a Microservices-based Web Honeypot'. Together they form a unique fingerprint.

Cite this