https://doi.org/10.36719/2663-4619/112/167-170
Anvar Mizanfarli
Azerbaijan Technical University
Master student
https://orcid.org/0009-0006-8028-6628
prof.anvar2013@gmail.com
Classification of Honeypot Technologies and Their Application in
Cyberthreat Detection
Abstract
Honeypot systems bring significant dynamic advantages to the security ecosystem by enabling the proactive identification of cyber threats. Innovative honeypot approaches enhance security systems by understanding attacker behaviors and thereby improving defense mechanisms. This study provides a detailed analysis of the classification and implementation strategies of various honeypot types. Low-interaction honeypots emulate specific and simple services, distinguishing them from high-interaction honeypots that simulate more complex systems. The deployment of physical and virtual honeypots aims to protect security infrastructures across diverse environments. Moreover, the research emphasizes the effectiveness of hybrid honeypot networks, with experimental results indicating that these networks can increase the detection rate of APT (Advanced Persistent Threat) attacks by 40%.
Such approaches allow security experts to better comprehend attackers' methods and to take advanced preventive measures against potential threats. The importance of a proactive approach in threat intelligence is highlighted, and recommendations are provided to illuminate future research perspectives. The article offers an in-depth analysis of the dynamic benefits provided by honeypot systems in countering modern cyber threats, demonstrating that these systems, by attracting attackers, enable early detection and more efficient defense measures.
Keywords: Honeypot technologies, cyber threat, proactive identification, APT, hybrid honeypot networks, physical and virtual classification