İstanbul Ticaret Üniversitesi Fen Bilimleri Dergisi 1305-7820 2587-165X Istanbul Ticaret University 10.55071/ticaretfbd.1245975 Computer Software Bilgisayar Yazılımı BALKÜPLERİNİN SALDIRI VE SAVUNMA AÇISINDAN İNCELENMESİ EXAMINATION OF HONEYPOTS FROM OFFENSIVE AND DEFENSIVE PERSPECTIVE https://orcid.org/0000-0002-2524-439X Karabay Muhammed Sadık Kuveyt Türk Katılım Bankası https://orcid.org/0000-0002-6133-8617 Eyüpoğlu Can MİLLİ SAVUNMA ÜNİVERSİTESİ, HAVA HARP OKULU 06 29 2023 22 43 15 32 02 01 2023 04 13 2023 Copyright © 2002, İstanbul Commerce University Journal of Science 2002 İstanbul Commerce University Journal of Science

Geçtiğimiz son 20 yıldaki teknolojik gelişmelerle beraber bilgisayar ağlarının kapasitesi ve bağlanan cihaz sayısı sürekli artmaktadır. Özellikle nesnelerin interneti (Internet of Things-IoT) teknolojisi ile internete bağlı cihaz sayısının 50 milyarı aşması beklenmektedir. Son kullanıcı tarafından kullanılan akıllı cihazlar ve bu cihazların kullanımındaki artış beraberinde devasa boyutlardaki veri akışını da getirmiştir. Covid-19 süreci ile uzaktan çalışma, çevrimiçi eğitim vb. durumlar neredeyse tüm işlemleri internet üzerinden yürütmeye ve verilere internet üzerinden erişime olanak vermiştir. Tüm bunlarla beraber, verilerin saklandığı, yürütüldüğü ve işlendiği sistemler saldırganların hedefi haline gelmiştir. Bu çalışmada olası siber saldırı senaryolarında saldırganların kurumsal ağ sisteminin içine sızması durumunda saldırganların dikkatini başka yöne çekmesine olanak sağlayacak balküpü sistemleri, hem saldırgan hem de savunan bakış açısıyla ele alınmıştır.

With the technological developments in the last two decades, the capacity of computer networks and the number of connected devices are constantly increased. Especially with the Internet of Things (IoT) technology, the number of devices connected to the Internet is expected to exceed 50 billion. The smart devices used by the end users and the increase in the use of these devices have brought with them huge data flow. With the Covid-19 process, remote work, online education, etc. systems have made it possible to do almost all activities online and to access data over the internet. With all this, the systems in which data is stored, executed and processed have become the target of attackers. In this study, honeypot systems, which will allow attackers to divert the attention of attackers in case of infiltration into the corporate network system in possible cyber attack scenarios, are discussed from both the attacker and the defender perspective.

 Balküpü Siber Saldırı Tuzak Sistemler Kızıl Takım Cyber attack honeypot red team trap systems Al-Jameel, S., & Alanazi, A. A. (2021). Honeypots Tools Study and Analysis. International Journal of Computer Science & Network Security, 21(1), 162-173. Amal, M. R., & Venkadesh, P. (2023). H-Doctor: Honeypot based firewall tuning for attack prevention. Measurement: Sensors, 25, 100664. Bagyalakshmi, G., Rajkumar, G., Arunkumar, N., Easwaran, M., Narasimhan, K., Elamaran, V., & Ramirez-Gonzalez, G. (2018). Network vulnerability analysis on brain signal/image databases using Nmap and Wireshark tools. IEEE Access, 6, 57144-57151. Borkar, A., Salunke, A., Barabde, A., & Karlekar, N. P. (2011, February, 25-26). Honeypot: a survey of technologies, tools and deployment. Proceedings of the International Conference & Workshop on Emerging Trends in Technology, India, 1357-1357. Bringer, M. L., Chelmecki, C. A., & Fujinoki, H. (2012). A survey: Recent advances and future trends in honeypot research. International Journal of Computer Network and Information Security, 4(10), 63-75. Campbell, R. M., Padayachee, K., & Masombuka, T. (2015, December, 14-16). A survey of honeypot research: Trends and opportunities. In 10th International Conference for Internet Technology and Secured Transactions (ICITST), IEEE, 208-212. Chen, P. T., Laih, C. S., Pouget, F., & Dacier, M. (2005, November, 07-09). Comparative survey of local honeypot sensors to assist network forensics. In First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05), IEEE, 120-132. Dalamagkas, C., Sarigiannidis, P., Ioannidis, D., Iturbe, E., Nikolis, O., Ramos, F., ... & Tzovaras, D. (2019, June, 24-28). A survey on honeypots, honeynets and their applications on smart grid. In 2019 IEEE Conference on Network Softwarization (NetSoft), IEEE, 93-100. Denis, M., Zena, C., & Hayajneh, T. (2016, April, 29-29). Penetration testing: Concepts, attack methods, and defense strategies. In 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT), IEEE, 1-6. Fan, W., Du, Z., Fernández, D., & Villagra, V. A. (2017). Enabling an anatomic view to investigate honeypot systems: A survey. IEEE Systems Journal, 12(4), 3906-3919. Grimes, R. A. (2005). Honeyd Configuration. Honeypots for Windows. Apress Berkeley, CA. Hong-Xia, L., Pu, W., Jian, Z., & Xiao-Qiong, Y. (2010, May, 7-9). Exploration on the connotation of management honeypot. In 2010 International Conference on E-Business and E-Government, IEEE, 1152-1155. Nawrocki, M., Wählisch, M., Schmidt, T. C., Keil, C., & Schönfelder, J. (2016). A survey on honeypot software and data analysis, arXiv preprint arXiv:1608.06249. Ng, C. K., Pan, L., & Xiang, Y. (2018). Honeypot frameworks and their applications: a new framework. Springer, Singapore. Perevozchikov, V. A., Shaymardanov, T. A., & Chugunkov, I. V. (2017, February, 1-3). New techniques of malware detection using FTP Honeypot systems. In 2017 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), IEEE, 204-207. Priya, V. D., & Chakkaravarthy, S. S. (2023). Containerized cloud-based honeypot deception for tracking attackers. Scientific Reports, 13(1), 1437. Sembiring, I. (2016, October, 19-20). Implementation of honeypot to detect and prevent distributed denial of service attack. In 2016 3rd International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), IEEE, 345-350. Sochor, T., & Zuzcak, M. (2014, June, 23-27). Study of internet threats and attack methods using honeypots and honeynets. In International Conference on Computer Networks, Springer, Cham, 118-127. Uitto, J., Rauti, S., Laurén, S., & Leppänen, V. (2017, April, 04-06). A survey on anti-honeypot and anti-introspection methods. In World Conference on Information Systems and Technologie, Springer, Cham, 125-134. Yang, X., Yuan, J., Yang, H., Kong, Y., Zhang, H., & Zhao, J. (2023). A Highly Interactive Honeypot-Based Approach to Network Threat Management. Future Internet, 15(4), 127. Zimmerman, C. (2014). Ten Strategies of a World-Class Cybersecurity Operations Centre. The Mitre Corporation, Ukrainian.