Abstract: A security tool is called a honeypot help to spot and stop unwanted behavior on a computer or network. In essence, it is a trap that is set up to entice attackers by simulating weak systems or sensitive information, and then watching and analyzing their behavior. A honeypot's objective is to acquire details about the methods, tactics, and techniques used by attackers so that the network's overall security can be enhanced. In addition to identifying and isolating compromised systems, honeypots can be used to divert attackers away from more valuable systems. Security experts and researchers utilize honeypots to better understand the tactics and motives of attackers. They are able to acquire data that will help strengthen network security, as well as to detect and monitor novel sorts of threats. There are various kinds of honeypots, such as low-interaction ones that just imitate a tiny section of a system and high-interaction ones that simulate an entire system. Low-interaction honeypots are frequently simpler to install and keep up, but they reveal less about the attacker's activities. On the other side, high-interaction honeypots offer more comprehensive data but demand more resources and are more difficult to set up and manage. In general, a honeypot is a useful tool for enhancing network security and guarding against cyberattacks.
IndexTerms – Honeypot, sockets, TCP, UDP Honeynet, Honeywall, Intrusion Detection
| DOI: 10.17148/IJARCCE.2023.12358