Abstract:
In today computer security field, honeypot technology is rapidly maturing and various types of honeypots are establishing their role of countermeasure as viable and useful in modern network defense system. In this paper, we proposed the anti network scanning honeypot system that can deceive to potential hackers’ remote network scanning attempts. The proposed system dynamically creates virtual honeypot machines with configured virtual TCP/IP networking stack of different OS and these virtual honeypots can response different types of network scanning attempts correctly. The proposed system hides the real topology of internal networks design and displays the layout of virtual machines with configured virtual routing topology to remote hackers. The proposed system can detect different types of network scanning attempts and produce log for further analysis.