This research paper analyses the usage of honeynets and whether practical honeynets could replace the conventional honeynets in Pakistan. Along with that, virtualization is besides an of import factor which is addressed here. In Pakistan, virtualization and honeynets are non common therefore this paper tries to happen out the grounds and so provides solutions as to how the consciousness could be created. A literature reappraisal is done to happen out if virtualization is mature plenty to be used in professional universe and besides whether practical honeynets have the capableness to execute like traditional honeynets.
After the literature reappraisal, a study was carried out to happen the replies with regard to the conditions of Pakistan. Some inquiries addressed are why honeynets are non common, whether virtualization is a good solution, can practical honeynets perform the occupations of conventional honeynets and etc. A decision is drawn after looking at both study and literature reappraisal along with some proposed recommendations.
Index Terms- Honeypots, Honeynets, Virtualization, Virtual Honeynets, Information Security, Network onslaughts
There are so many exposures on the cyberspace. Attacks like burlesquing, whiffing, denial of service, listen ining may destruct the web of any company and through these onslaughts hackers can chop the whole web and steal the of import information of the company. Therefore, to protect information a good mechanism is needed. Virtual honeynets are non merely cost effectual but besides a good beginning to larn methods of onslaughts which could be used to specify bar methods.
To understand practical honeynets and its advantages, there is a demand to acknowledge what honeynets are. Honeynets are particular web created which is meant to be compromised. They are high interaction honeypots. [ 7. ] A Honeypot, harmonizing to Lance Spitzner is, “ aˆ¦ an information system resource whose value lies in unauthorised or illicit usage of that resource. ” [ 17. ]
The king proteas are made into webs known as honeynets that are applied behind a crystalline gateway, which is known as honeywall so that aggressors can easy irrupt the system and their onslaughts can be monitored. [ 7. ] It is kind of a silent person web created in order to salvage the existent web from acquiring hacked. That is why honeynets are most popularly referred to as security through misrepresentation. [ 18. ]
Making such a web is really expensive and consumes a batch of power and care cost. In order to back up green IT and salvage costs practical Honeynets came into being. It is a complete Honeynet running on a individual computing machine in practical environment. They can be developed with the aid of practical machines on package such as VMware. [ 7. ]
In Pakistan, honeynets itself are non a common phenomenon and virtualization is still new here. Other than that, non many houses would be willing plenty to pass so much cost to make honeynets. Therefore practical honeynets can give them security with really low cost and few resources. Therefore, our research is based on whether practical honeynets can replace traditional honeynets. However Pakistan Chapter of honeynet undertaking is working hard to make the consciousness, by carry oning workshops and seminars, and assist deploy honeynet substructures where possible. [ 12. ]
Traditional Honeypots and Honeynets
How are they helpful
Honeynets are designed specifically for the intent of being compromised so the informations collected on interlopers is traveling to be analyzed. Honeynets are largely for web analysts ‘ involvement and analysing common onslaughts on webs. Along with that, Honeypots can be besides used for exposure sensing that was non yet found. [ 8. ] [ 16. ] . Honeypots delay the onslaught on the existent mark and do the aggressor waste clip [ 1. ] . Similarly the better the integrating of Honey Pot into your system, the more effectual it will be and expert suggests that puting the Honey Pot machine on its ain web and behind a firewall or router.
The of import advantage of honeynet is to observe the stairss of how interlopers attack. [ 11. ] Information collected from these honeynets can non merely be used to analyse and supervise attack the onslaught tendencies but besides can used to educate people. [ 18 ]
The better the integrating of Honey Pot into your system, the more effectual it will be and expert suggests that puting the Honey Pot machine on its ain web and behind a firewall or router. [ 9. ]
However, there are some hazards involved with king proteas and honeynets. Honeypots have limited position which means it tracks and/or gaining controls merely those activities that interacts with them straight. That ‘s why they can non capture attacks other systems
The hazard with king proteas by deploying them could make extra hazards and set whole organisation IT security at hazard. Depending on the type of king protea anyone can take over the systems and can assail on other systems. This could do to serious legal effects.
How virtualization can profit concerns
Virtualization is a engineering that allows running of a figure of machines, practical or simulated, on a individual machine. Each practical machine Acts of the Apostless as an independent operating system. Installation and running at the same time with others. This is done by sharing the machine ‘s physical resources such as memory, storage, CPU and peripherals through specialised package. This reduces hardware costs. Virtualization engineering has served as an of import tool and engineering for the design and evolutionary development of computing machine systems. [ 7. ]
A practical king protea has the capableness to emulate several king proteas on merely one machine, which provides more flexibleness. [ 11. ] Virtual honeynets can be created utilizing VMware and Linux distributions. It is a solution that allows us to run everything we need on a individual computing machine. [ 7. ]
How are they different from traditional honeynets
Traditional honeynets are really dearly-won. To turn to the demand for protection for each machine are installed king protea system costs excessively many jobs, you can utilize engineering to imitate practical Honeypot multiple systems in order to pull more onslaughts or interlopers. [ 1. ]
Harmonizing to the article Design of Virtual Honeynet Collaboration System in Existing Security Research Networks, “ Virtualization engineerings ( VTs ) are a mature and of import engineering. ” [ 1. ] Along with that many other beginnings suggest that practical king proteas are honeynets can work good. [ 1. ] [ 7. ] [ 9. ] However, the inquiry is about Pakistan. In many states, virtualization and honeynets have become mature but non in Pakistan. Organizations still have n’t accepted both the constructs. To back up this and to happen out if honeynets could be used by Pakistani houses, we carried out this research.
The survey fills the spread of cognition approximately honeynets every bit good as about practical honeynets and their advantages and besides why practical honey cyberspaces are better solution for web security. Along with that, we aim to advance the advantages of virtualization. With this, we tend to advance and promote concerns in Pakistan to choose for virtualization and practical honeynets to acquire the same benefits of the traditional methods with lesser the cost, resources and country required.
“ Can Virtual Honeynets replace traditional honeynets with the credence of virtualization? ”
The chief aims of honeynets is to non merely deflect the hacker and maintain it occupy in acquiring information which is of no value, but besides to garner information of all the stairss that the interloper follows. To better information security and prevent from zero twenty-four hours onslaughts, honeynets could be used. However, practical honeynets can be a cost effectual solution for Pakistani houses to choose for and remain cognizant of the demand for information security.
Our hypothesis is that “ Virtualization can be accepted and hence practical honeynets will replace traditional honeynets ” .
In order to compare the traditional Honeynets and Virtual Honeynets we need to analyze about them. Analyze how these two things are different from each other than conclude if our hypothesis is right or non. So far as per our perceptual experience Virtual Honeynets are a major discovery in the technological and virtualization universe as it is meant to heighten security in a cost effectual manner.
So our research was based on assorted geographic expeditions sing the two engineerings by and large and applications in these countries. This enabled us to give a bird ‘s oculus position of both the engineerings and we will be able to see to what extent these engineerings are similar and how they are different.
Explanatory Research ( Literature Review )
We started off with specifying the major job statement out of the sphere described supra. This was an built-in part of our hypothesis phase.
We browsed through assorted writers, magazines and cyberspace. This gave us a clear apprehension and a differentiation between the two related engineerings. Our hunts and surveies provided us with proficient groundss of to what extent the virtualization, honeynets and practical honeynets are being developed. This enabled us to meet the possibilities that practical honeynets will replace traditional honeynets or non?
We even studied the IEEE and ACM publications to acquire a clearer image of our thought and its practicality. Our motivation was to roll up adequate grounds to back up our hypothesis. Furthermore we are looking at work done in Honeynet undertaking web site [ 21. ] and Pakistan chapter web site. [ 12. ]
One of the major facets of our survey was to analyse the extent to which companies in Karachi are ready to follow the alteration and accept Virtualization and Virtual Honeynets. This is extremely impossible for us to carry on a general survey and take a feedback from samples of people. However, we can certainly carry on our surveies to a little degree. For this we conducted studies from assorted people who are presently working in IT and calculating field! We communicated with some people through on-line questionnaire ( Google Docs ‘ Form ) [ 23. ] and with others we met them personally and got the questionnaires filled.
Our motivation was to acquire an thought of how much people are cognizant of honeynet engineering and virtualization. Along with that, we wanted to garner their positions on if they are of import and how it can be promoted. The decisions drawn enabled us to make towards our end.
Since we wanted to garner the positions of people working in the field of IT and calculating, therefore we prepared a precise questionnaire so that it does non take much clip for them to make full. We had even sent our questionnaire to international research workers and professionals who are working in the field of IT and Information Security.
Target Audience ( Sample )
Our mark was to make people within the undermentioned chart:
Fig. 1 Target Respondents Our purpose was to garner at least 45 respondents so that we could come to a decision.
Analysis and Findingss
A sum of 50 people filled our questionnaire. The combined consequence helped us to come to a decision. Many of the respondents were pupils, IT professionals, IT/Network Support and etc. However, we tried to acquire through some of the concern related professionals so that the importance of procuring information could be found.
Need for Information security
Our first inquiry was asked to happen out whether people have a high demand for information security or non. The literature reappraisal suggested that information security is a really of import facet for many. [ 1. ] [ 16. ] However, as this survey is related to Pakistan, hence positions of locals were required. If there is a high demand for information security, so there is besides a high demand for procuring it.
Harmonizing to our research, 88 % people believe that information security is highly of import for their organisation. This is the ground that companies invest so much merely to procure their informations. If security is to be implemented, so methods of onslaughts are to be known. Such methods could be known by utilizing honeynets.
Honeynets is non a really uncommon phenomenon in many parts of the universe. However, in Pakistan it is still non really much known. Merely the proficient and related people are cognizant of it. This is what we had assumed at the start of our research. After our research, it can be concluded that there exist a immense ball in the population here who have small or no cognition about honeynets. From our respondents, 50 % knew about honeynets and the other 50 % of the respondents knew small or nil about them.
The point of concern is that some people even from calculating or related field even had small or no thought about king proteas and honeynets. Therefore, there is a deficiency of awareness amongst people sing this engineering. That is why there were about 28 % of people who did non cognize if honeynets are used in Pakistan or non. The figure below shows that merely 14 % of people feel that organisations here use honeynets. On the other manus, 36 % believe that they are non used at all. And 22 % people are of the position that honeynets are used to merely some extend and non wholly.
Fig. 2 Are Honeynets used in Pakistan?
Utility and relevancy of utilizing honeynets in Pakistani industries
An of import inquiry, harmonizing to us, is whether honeynets are really relevant for Pakistani industries. And if they are so why are they non used.
Our analysis shows that around 54 % suggests that honeynets are utile in Pakistan to procure information. Whereas about 26 % people think it is highly utile. Others are non excessively positive of its utility. Even so maximal population favours honeynet due to its characteristics. These consequences are besides shown in the figure below.
The inquiry now arises that if honeynets are that utile, so why they are non used to a great extend? We had given the respondents a few picks that we believed were the grounds and besides kept an option unfastened where if they do n’t hold with the list can set in their position. This inquiry besides allowed multiple options to be selected, therefore the amount of per centums exceed 100. It is rather clear from the figure below that most of the people, in fact 83 % of the people, believe that this is all due to the deficiency of consciousness. Merely below this is the ground of cost, to which 52 % people believe is the ground. A few people who chose to compose their point in others gave the ground that information security is non considered as a serious issue by the directions, which is why honeynets are non used.
Fig. 3 Why honeynets are non used in Pakistan?
Fig. 4 Full statistics of why honeynets are non used in Pakistan
The ground for utilizing practical honeynets is non merely cost decrease but besides easier deployment and direction. [ 1. ] [ 9. ] Our earlier premises are now supported with this analysis of our respondents. Around 51 % of people do believe that cost is an issue due to which traditional honeynets are non deployed. Harmonizing to us, if consciousness is created for something which is expensive and can acquire hard to deploy, so many would retrieve the engineering, but wo n’t use it before it gets low-cost. Whereas, solutions like practical honeynets can promote even medium sized houses to deploy it.
Along with that, information collected from these practical honeynets could be used to make the consciousness amongst people of the demand for information security, as some respondents suggests that direction does non take it earnestly. [ 18. ]
Virtualization consciousness and utility in Pakistani industries
The construct of practical honeynets came after the outgrowth of virtualization. Harmonizing to our literature reappraisal and explanatory research, it is clear that virtualization is non a new thought. In fact, it has emerged and now a really mature engineering. It non merely follows the Green IT political orientation, but besides provides a flexible and cost effectual solution. [ 1. ] [ 7. ]
Using this to implement honeynets would non merely salvage a batch of cost but besides provide all the advantages of virtualization such as flexibleness and portability. [ 9. ] [ 11. ] [ 8. ]
However, in Pakistan virtualization is still non really much accepted and people are non cognizant of it as much. We asked our respondents as to whether they believe it is utile and can replace the traditional methods of work or non. Around 42 % people were of the position that is utile to a great extent. Along with that, other 34 % respondents besides felt that to an extent it is really much utile and can replace the conventional patterns. Merely about 10 % people considered virtualization non that utile. Therefore, we can reason that maximal figure of people consider virtualization as an of import engineering.
Virtual honeynets ‘ pertinence in Pakistan
Many of the respondents were of the position that honeynets are non popular in Pakistan and therefore they are non used. The inquiry here is that whether practical honeynets solve the jobs that companies face due to which they do n’t put in conventional honeynets. When asked, around 58 % people said yes it can work out the jobs. Merely 8 % were of the position that they can non work out the issues. Rest of them either did non cognize or they believed that merely to an extent the issues could be solved. Overall respondents ‘ answer goes in favour of practical honeynets. Their thought is that it can work out the issues due to which companies do n’t put in the traditional honeynets.
Fig. 5 Virtual Honeynets a possible solution of jobs due to which companies does n’t utilize conventional honeynets
Replacing traditional honeynets with practical honeynets
The literature reappraisal assured that practical honeynets are capable of executing up to the grade. However, to back up this we needed our respondents ‘ positions as good. When asked to them whether practical honeynets can make work of the traditional honeynets or non, merely 2 % people said that it can non make it. However, around 54 % people said that it can execute merely like a conventional honeynet. Of the remainder, 18 % did non cognize and 26 % were of the position that to some extent it capable of making all the traditional honeynets ‘ occupations.
Fig. 6 Virtual Honeynets capable of making all traditional honeynets ‘ occupations
One of the major concerns that came from the respondents was that there is deficiency of awareness amongst people non merely sing king proteas and honeynets, but besides sing the importance of information security. This was besides one of our premises. Therefore, we had put a inquiry in the study where the respondents could non merely supply their position point but besides suggest ways in which these could be promoted and consciousness could be created.
About all the respondents suggested the undermentioned things:
Keeping consciousness workshops,
Publication of enlightening articles
Use of electronic and print media
Some even suggested in doing such consciousness workshops where net income is linked. This means that people should cognize that by puting in such tools they are non blowing money but salvaging it. Loss of valuable information could take to major crisis. Therefore, to heighten security honeynets should be implemented. Virtual honeynets is one of those solutions which non merely costs a batch lesser but besides provides more flexibleness.
Consequences And Recommendations
The consequences of our study and explanatory research were all prefering the usage of practical honeynets as they are non merely flexible but cost effectual every bit good. Information security is one of the top concerns for any organisation, as loss of valuable information could take to serious amendss. Therefore, an effectual solution such as honeynets is really much needed.
However, due to cost and deficiency of awareness amongst people sing information security and honeynets it is non popularly used in Pakistan. In fact many respondents believed that it is non used at all. Thus practical honeynets come as a savior to replace conventional honeynets by supplying advantages similar to conventional honeynets and added characteristics of virtualization. This provides flexibleness and portability.
Harmonizing to our study, virtualization to a great extent is a really cost effectual solution that has the capableness to replace traditional methods. Sing all this and study responses, practical honeynets therefore becomes a solution to the jobs that most houses face due to which they do n’t put in honeynets. It besides has the capableness to work like a traditional honeynet and therefore proves to be a solution that could be adopted.
However consciousness is yet to be created for which things like workshop and seminars could be opted where demand for information security and honeynets is realized.
To happen out if all this is applicable for Pakistan, we conducted a study where respondents were asked to make full a little questionnaire. Their responses suggested that there is a strong demand for information security and therefore honeynets will be highly good. However, due to miss of consciousness and costs, they are non used to a great extent. However, virtualization is engineering that comes to deliver by supplying honeynet services at lower costs with added advantages such as flexibleness. Virtual honeynets can work similar to traditional honeynets and can be a solution to the jobs which is why companies do n’t put in honeynets. Nevertheless consciousness of the demand of both honeynets and information security is needed to be realized amongst the people of Pakistan.
In non so distant hereafter, virtualization and practical honeynets would be used even in Pakistan. This is because of the portability required and higher demand for information security. As choping becomes easy, security becomes hard. Therefore, mechanism such as practical honeynets are required which can non merely provide security but besides provide tendency analysis of onslaughts in lower costs and more flexibleness.
We would wish to thank Almighty Allah for his changeless support and approvals. Then we would thank our parents for everything we can perchance believe off!
Thank you Mr. Asim Riaz, BS Computing Coordinator and class teacher for actuating us, steering us, assisting us, knocking us and being a beginning of inspiration for us.
This article would hold been uncomplete without the positions, counsel and support of Dr. Husnain Mansoor Ali, MS Computing Coordinator.
Last and non the least we would wish to thank all the participants who gave us their cherished clip during our observation and experiment phase, the institutes we visited, our friends, familiarities and category chaps for assisting us, edify us, knocking us and giving their changeless support. Without all of them this research study would hold been wholly impossible.