A security test suite for benchmarking and fingerprinting honeypot systems
External reference persons Giulia Milan - DET
Idilio Drago - UNITO
Research Groups Smartdata, Telecommunication Networks Group
Description Honeypots are decoy systems deployed to study cyberattacks. They mimic the behavior of real systems, trying to engage attackers and obtain as much information as possible about attacking tools and scripts. Many honeypots exist and their realism and level of interaction vary considerably. Moreover, some honeypot systems present clear fingerprints, which differ from the real systems, thus easily leaking the fact that the system is a honeypot.
The goal of this thesis is to develop a set of test tools to fingerprint and benchmark honeypots. Using existing penetration testing environments, such as Metasploit and Burp Suite, the student will develop an environment to validate the effectiveness of different honeypots from several angles, including their capacity to reproduce real systems as well as whether they can hide from tools built to uncover the presence of honeypots.
Required skills - Computer Science or Computer Engineering
- Interest in cyber-security and penetration testing
- Good programming skill (desirable Python)
Deadline 18/11/2022 PROPONI LA TUA CANDIDATURA