A practical analysis of virtual honeypot mechanisms

This article proposes and evaluates the deployment of an automated virtual honeypot. Given that an unskilled attacker uses predefined exploit code, honeypots can be built to identify hackers and prevent them from attacking the production network. Building the virtual honeypot relies on mechanisms from multiple fields such as virtualization, scripting, penetration testing and system administration. The proposed solution also introduces automated scripts for virtual machine management, attack mitigation and recovery of compromised resources once an attack is detected. The complete solution will pose as an appealing multi-platform vulnerable network, presenting certain chosen weak points that once exploited trigger self recovery and denial of future attacks from the discovered source.