Christopher Kelly
A Comparative Analysis of Honeypots on Different Cloud Platforms
Kelly, Christopher; Pitropakis, Nikolaos; Mylonas, Alexios; McKeown, Sean; Buchanan, William J.
Authors
Dr Nick Pitropakis N.Pitropakis@napier.ac.uk
Associate Professor
Alexios Mylonas
Dr Sean McKeown S.McKeown@napier.ac.uk
Lecturer
Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor
Abstract
In 2019, the majority of companies used at least one cloud computing service and it is expected that by the end of 2021, cloud data centres will process 94% of workloads. The financial and operational advantages of moving IT infrastructure to specialised cloud providers are clearly compelling. However, with such volumes of private and personal data being stored in cloud computing infrastructures, security concerns have risen. Motivated to monitor and analyze adversarial activities, we deploy multiple honeypots on the popular cloud providers, namely Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure, and operate them in multiple regions. Logs were collected over a period of three weeks in May 2020 and then comparatively analysed, evaluated and visualised. Our work revealed heterogeneous attackers’ activity on each cloud provider, both when one considers the volume and origin of attacks, as well as the targeted services and vulnerabilities. Our results highlight the attempt of threat actors to abuse popular services, which were widely used during the COVID-19 pandemic for remote working, such as remote desktop sharing. Furthermore, the attacks seem to exit not only from countries that are commonly found to be the source of attacks, such as China, Russia and the United States, but also from uncommon ones such as Vietnam, India and Venezuela. Our results provide insights on the adversarial activity during our experiments, which can be used to inform the Situational Awareness operations of an organisation.
Citation
Kelly, C., Pitropakis, N., Mylonas, A., McKeown, S., & Buchanan, W. J. (2021). A Comparative Analysis of Honeypots on Different Cloud Platforms. Sensors, 21(7), Article 2433. https://doi.org/10.3390/s21072433
Journal Article Type | Article |
---|---|
Acceptance Date | Mar 26, 2021 |
Online Publication Date | Apr 1, 2021 |
Publication Date | 2021-04 |
Deposit Date | Apr 1, 2021 |
Publicly Available Date | Apr 1, 2021 |
Journal | Sensors |
Electronic ISSN | 1424-8220 |
Publisher | MDPI |
Peer Reviewed | Peer Reviewed |
Volume | 21 |
Issue | 7 |
Article Number | 2433 |
DOI | https://doi.org/10.3390/s21072433 |
Keywords | cloud computing; cybersecurity; honeypot; Google Cloud; AWS; Microsoft Azure |
Public URL | http://researchrepository.napier.ac.uk/Output/2758486 |
Publisher URL | https://www.mdpi.com/1424-8220/21/7/2433 |
Files
A Comparative Analysis Of Honeypots On Different Cloud Platforms
(1.4 Mb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by/4.0/
You might also like
Towards The Creation Of The Future Fish Farm
(2023)
Journal Article
Using Social Media & Sentiment Analysis to Make Investment Decisions
(2022)
Journal Article
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search