
Faculté des Sciences appliquées
MASTER THESIS
Deflandre, Guilian ULiège
Promotor(s) : Donnet, Benoît ULiège ; De Pra, Hugues
Date of defense : 27-Jun-2022/28-Jun-2022 • Permalink : http://hdl.handle.net/2268.2/14580
Details
Title : Master thesis : Honeypot Evolution: Creation Guidelines and Implementation for Third-Party Application Behavior Study Using Cisco SecureX as Monitoring Toolkit
Author : Deflandre, Guilian ULiège
Date of defense  : 27-Jun-2022/28-Jun-2022
Advisor(s) : Donnet, Benoît ULiège
De Pra, Hugues 
Committee's member(s) : Leduc, Guy ULiège
Mathy, Laurent ULiège
Language : English
Keywords : [en] honeypot
[en] SecureX
[en] honeytoken
[en] monitoring
[en] Elasticsearch
[en] RDP
[en] service monitoring
Discipline(s) : Engineering, computing & technology > Computer science
Target public : Researchers
Professionals of domain
Student
General public
Institution(s) : Université de Liège, Liège, Belgium
Degree: Master : civil engineer in computer science, with a specialised focus in "computer systems security"
Faculty: Master thesis of the Faculté des Sciences appliquées

Abstract

[en] In a world where the cyber threat has never been higher, getting to know the adversary is more important than ever. While traditional computer security technologies strive to keep insiders outside the perimeter they defend, honeypots try at all costs to be the primary targets of cyber attacks. They attempt not only to detect these attacks but also to collect useful information about the black hat community. This thesis aims to define strong frameworks for efficiently creating and monitoring the limitless technology that honeypots represent. Through two practical implementations, these frameworks will be used to create two different types of honeypot. The first, a low-interaction honeypot, will simulate Microsoft's Remote Desktop Protocol for both detection and research. The second is a medium-interaction research honeypot feigning an Elastic Stack deployment. Building on the powerful monitoring framework developed here, efficient strategies will be devised using an industry IT toolkit to ensure the proper monitoring of these security tools, thus drastically reducing the risk that is too often unfairly associated with them. The data accumulated by these two deployments will show that, in a short amount of time, a significant quantity of valuable information, not only for the research community but also for the corporate world, can already be collected by these devices, pointing to their promising future.

Author

  • Deflandre, Guilian ULiège Université de Liège > Master ingé. civ. info., à fin.

Promotor(s)

Committee's member(s)

  • Leduc, Guy ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques
  • Mathy, Laurent ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Systèmes informatiques répartis et sécurité
  • Total number of views 218
  • Total number of downloads 509









