Malware, malicious software, is on the rise, whether in the form of Trojans, worms, and viruses, bot-net systems, denial of service tools, and hacking programs. Antivirus, firewall, and intrusion detection systems are all essential components of the protections a systems operator might put in place on their users’ computers and the network they operate. Unfortunately, these are passive rather than active protections and so there are limitations to how well they can protect digital resources especially given the dynamic and evolving nature of attacks on seemingly robust systems.
Writing in the International Journal of High Performance Computing and Networking, researchers in China offer a somewhat novel paradigm – an evolving protection system that mimics the dynamics between predator and prey in the natural world.
Leyi Shi, Yuwen Cui, Xu Han, Honglong Chen, and Deli Liu of the China University of Petroleum (East China) in Qingdao, present a novel concept of a mimicry honeypot. This, they suggest, can bewilder adversaries (hackers and malware exploits) by evolving protective systems as network circumstances change when under attack. The team says that in tests their mimicry honeypot performs better than a conventional decoy system that might be in place on a network to attract and so distract malware and hackers away from the actual target. Fundamentally, the evolving honeypot adapts and so is never revealed as a honeypot, or honey-trap, to the attackers.
Shi, L., Cui, Y., Han, X., Chen, H. and Liu, D. (2019) ‘Mimicry honeypot: an evolutionary decoy system’, Int. J. High Performance Computing and Networking, Vol. 14, No. 2, pp.157–164.