Shubham Singh
Venue Details
KD 101

Abstract:  A Honeypot is a security mechanism that is used to capture malicious activities by attackers within the scope of an organization. A Honeypot consists of an isolated system that contains data appearing to be legitimate – having been   put in a sandboxed environment and monitored so that whoever tries to access the information can be traced.  Once a Honeypot is deployed, attackers leave their attack signatures and possibly attacking scripts and payloads on the deployed system. This can be used to add to the countermeasures on the legitimate systems of the organization, against the attacks done on the honeypot. With the emergence of IoT (Internet of Things) devices, attacks carried on such devices are becoming a major issue. IoT devices can communicate with the users based on the cloud through MQTT (Message Queuing Telemetry Transport) protocol. We propose an IoT Honeypot for MQTT protocol to understand and trace attacks on IoT devices. The knowledge gained from deploying such a honeypot is then used to find attack patterns and type of attacks. In this work, we have designed and deployed such honeypots at various locations, and applied data analytics to obtain better understanding of the attack, and on the attackers.