Analysis of the Global Attack Landscape Using Data from a Telnet Honeypot
Publication Type:Journal Article
Source:Information & Security: An International Journal, Volume 43, Issue 2, p.264-282 (2019)
Keywords:botnet, honeypot, malware, Mirai, Telnet
After the Mirai botnet was discovered in 2016, we decided to set up a honeypot for it and see how widespread it really was. In the process we discovered that many other malicious attackers were using similar attack vectors. This paper outlines the process we went through to pick the right honeypot and the supporting infrastructure (backend database, visualization). This article presents the statistics we have collected from this honeypot, the conclusions we have drawn from these statistics, as well as the tools we have developed to share the data.