A Web-Based Honeypot in IPv6 to Enhance Security
IPv6 is a next-generation IP protocol that replaces IPv4. It not only expands the number of network address resources but also solves the problem of multiple access devices connected to the Internet. While IPv6 has brought excellent convenience to the public, related security issues have gradually e...
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2020-09-01
|
Series: | Information |
Subjects: | |
Online Access: | https://www.mdpi.com/2078-2489/11/9/440 |
_version_ | 1797553827220553728 |
---|---|
author | Keyong Wang Mengyao Tong Dequan Yang Yuhang Liu |
author_facet | Keyong Wang Mengyao Tong Dequan Yang Yuhang Liu |
author_sort | Keyong Wang |
collection | DOAJ |
description | IPv6 is a next-generation IP protocol that replaces IPv4. It not only expands the number of network address resources but also solves the problem of multiple access devices connected to the Internet. While IPv6 has brought excellent convenience to the public, related security issues have gradually emerged, and an assessment of the security situation in IPv6 has also become more important. Unlike passive defense, the honeypot is a security device for active defense. The real network application and the fake network application, disguised by the honeypot, are located on a similar subnet, and provide a network application service; but, in both cases, behavior logs from unauthorized users are caught. In this manner, and to protect web-based applications from attacks, this article introduces the design and implementation of a web-based honeypot that includes a weak password module and an SQL inject module, which supports the IPv6 network to capture unauthorized access behavior. We also propose the Security Situation Index (SSI), which can measure the security situation of the network application environment. The value of SSI is established according to the different parameters that are based on honeypots. There is a firewall outside the test system environment, so the obtained data should be used as the real invasion data, and the captured behavior is not a false positive. Threats can be spotted smartly by deploying honeypots; this paper demonstrates that the honeypot is an excellent method of capturing malicious requests and can be measured with the SSI of the whole system. According to the information, the administrator can modify the current security policy, which can improve the security level of a whole IPv6 network system. |
first_indexed | 2024-03-10T16:22:09Z |
format | Article |
id | doaj.art-005156d8d99d45f89575683407307efa |
institution | Directory Open Access Journal |
issn | 2078-2489 |
language | English |
last_indexed | 2024-03-10T16:22:09Z |
publishDate | 2020-09-01 |
publisher | MDPI AG |
record_format | Article |
series | Information |
spelling | doaj.art-005156d8d99d45f89575683407307efa2023-11-20T13:33:32ZengMDPI AGInformation2078-24892020-09-0111944010.3390/info11090440A Web-Based Honeypot in IPv6 to Enhance SecurityKeyong Wang0Mengyao Tong1Dequan Yang2Yuhang Liu3School of Continuing Education, Beijing Institute of Technology, Beijing 100081, ChinaSchool of Continuing Education, Beijing Institute of Technology, Beijing 100081, ChinaNetwork Information Technology Center, Beijing Institute of Technology, Beijing 100081, ChinaSchool of Computer, Beijing Institute of Technology, Beijing 100081, ChinaIPv6 is a next-generation IP protocol that replaces IPv4. It not only expands the number of network address resources but also solves the problem of multiple access devices connected to the Internet. While IPv6 has brought excellent convenience to the public, related security issues have gradually emerged, and an assessment of the security situation in IPv6 has also become more important. Unlike passive defense, the honeypot is a security device for active defense. The real network application and the fake network application, disguised by the honeypot, are located on a similar subnet, and provide a network application service; but, in both cases, behavior logs from unauthorized users are caught. In this manner, and to protect web-based applications from attacks, this article introduces the design and implementation of a web-based honeypot that includes a weak password module and an SQL inject module, which supports the IPv6 network to capture unauthorized access behavior. We also propose the Security Situation Index (SSI), which can measure the security situation of the network application environment. The value of SSI is established according to the different parameters that are based on honeypots. There is a firewall outside the test system environment, so the obtained data should be used as the real invasion data, and the captured behavior is not a false positive. Threats can be spotted smartly by deploying honeypots; this paper demonstrates that the honeypot is an excellent method of capturing malicious requests and can be measured with the SSI of the whole system. According to the information, the administrator can modify the current security policy, which can improve the security level of a whole IPv6 network system.https://www.mdpi.com/2078-2489/11/9/440IPv6web-based honeypotsituation awarenessnetwork securitySecurity Situation Index (SSI) |
spellingShingle | Keyong Wang Mengyao Tong Dequan Yang Yuhang Liu A Web-Based Honeypot in IPv6 to Enhance Security Information IPv6 web-based honeypot situation awareness network security Security Situation Index (SSI) |
title | A Web-Based Honeypot in IPv6 to Enhance Security |
title_full | A Web-Based Honeypot in IPv6 to Enhance Security |
title_fullStr | A Web-Based Honeypot in IPv6 to Enhance Security |
title_full_unstemmed | A Web-Based Honeypot in IPv6 to Enhance Security |
title_short | A Web-Based Honeypot in IPv6 to Enhance Security |
title_sort | web based honeypot in ipv6 to enhance security |
topic | IPv6 web-based honeypot situation awareness network security Security Situation Index (SSI) |
url | https://www.mdpi.com/2078-2489/11/9/440 |
work_keys_str_mv | AT keyongwang awebbasedhoneypotinipv6toenhancesecurity AT mengyaotong awebbasedhoneypotinipv6toenhancesecurity AT dequanyang awebbasedhoneypotinipv6toenhancesecurity AT yuhangliu awebbasedhoneypotinipv6toenhancesecurity AT keyongwang webbasedhoneypotinipv6toenhancesecurity AT mengyaotong webbasedhoneypotinipv6toenhancesecurity AT dequanyang webbasedhoneypotinipv6toenhancesecurity AT yuhangliu webbasedhoneypotinipv6toenhancesecurity |