{"id":2593,"date":"2022-10-05T10:58:25","date_gmt":"2022-10-05T10:58:25","guid":{"rendered":"https:\/\/iot-ngin.eu\/?p=2593"},"modified":"2022-10-05T11:07:34","modified_gmt":"2022-10-05T11:07:34","slug":"honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework","status":"publish","type":"post","link":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/","title":{"rendered":"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework"},"content":{"rendered":"\n<p>In a previous <a href=\"https:\/\/iot-ngin.eu\/index.php\/2021\/07\/05\/honeypots-as-moving-target-defense-mtd-in-iot-systems\/\">blogpost<\/a>,\u00a0 we briefly introduced the concept of Moving Target Defense (MTD), mentioning also the property of time as a parameter than defines the moving aspect of a MTD cybersecurity solution. In addition, we discussed a way to configure effectively the honeypots in order to mimic vulnerable nodes. In this one we aim to elaborate on the notion of the MTD Honeypots and further elaborate on the design and implementation aspects of the cybersecurity solution that we develop in the context of the IoT-NGIN project.<\/p>\n\n\n\n<p>Starting from the Moving Target Defense (MTD) aspect of our solution, it is worth mentioning that MTD characteristics target to alleviate or reduce the possibility of an attacker identifying a service or a node as not genuine. The attack risk is lowered by decreasing attacker motivation and the knowledge of the system. MTD is a good defense tool for decreasing attacker knowledge by constantly changing various system properties. In this way, the attack surface exposed to attackers appears chaotic and changes over time. Therefore, significantly reducing the probability of a successful attack and increasing its effectiveness on safeguarding the authentic part of the network.&nbsp;<\/p>\n\n\n\n<p>MTD techniques accomplish defensive deception through randomization and reconfiguration of networks, assets, and defense tools. The categories of Moving Target Defense strategies include software transformation techniques focusing on the software\/application as the moving parameter, dynamic platform techniques focusing on hardware and OS attributes of a platform, and Network address shuffling activities.&nbsp;<\/p>\n\n\n\n<p>Honeypots are security resources which help attract, detect, and gather attack information. In principle, honeypot is a security tool that aims to imitate some real system\u2019s functionality and thus lure attackers. In such scenario, we target to deceive the attacker by offering to them a vulnerable node that is not part of the real IoT infrastructure instead of a genuine one. Utilizing honeypots as a defense mechanism we achieve two main goals. The first one concerns the protection of the IoT system against cyberattacks, whilst the second one pertains to the exploitation of the attack information that can be captured once an attacker enters a honeypot and subsequently delivers a malicious payload. The latter also allows us to capture and monitor sophisticated attack methodologies, attack trends and strategies, that could even potentially expose a previously unknown zero-day attack.<\/p>\n\n\n\n<p>Honeypots are a suitable candidate to realize an MTD mechanism tailored for protecting sensitive IoT networks. The combination of these two cybersecurity strategies result to an adaptive and configurable honeypot solution known as MTD honeypot Framework.<\/p>\n\n\n\n<p>Within IoT-NGIN we develop an MTD Honeypot Framework that aims to provide a method to enhance the protection of all the vulnerable devices found in a network from possible security breaches and attacks. The MTD aspect that has been decided to be incorporated into our solution is IP randomization. Effectively, the IPs of the honeypots will randomly change at periodic intervals and as a result the attacker will become unable to easily map them. In addition, the IoT-NGIN MTD Honeypot Framework derives as an input the vulnerability reports that an additional IoT-NGIN cybersecurity-oriented component (the Vulnerability Scanner) provides. This vulnerability report details all the vulnerabilities identified in particular (vulnerable) IoT node. Then, the IoT-NGIN Honeypot Framework decides which are the required honeypots that mimic the detected vulnerabilities and deploys the necessary honeypots to the network.&nbsp;<\/p>\n\n\n\n<p>The IoT-NGIN MTD Honeypot Framework is already developed and at the time of writing the development team is finalizing the latest technical updates that will result to the production of the final version of the component. Then, the tool will be demonstrated within the IoT-NGIN Living Labs and get tested and validated based on various Use Cases.&nbsp;<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In a previous blogpost,\u00a0 we briefly introduced the concept of Moving Target Defense (MTD), mentioning also the property of time as a parameter than defines the moving aspect of a MTD cybersecurity solution. In addition, we discussed a way to &hellip;<\/p>\n","protected":false},"author":2,"featured_media":2594,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[17],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN\" \/>\n<meta property=\"og:description\" content=\"In a previous blogpost,\u00a0 we briefly introduced the concept of Moving Target Defense (MTD), mentioning also the property of time as a parameter than defines the moving aspect of a MTD cybersecurity solution. In addition, we discussed a way to &hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/\" \/>\n<meta property=\"og:site_name\" content=\"IOT NGIN\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-05T10:58:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-10-05T11:07:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png\" \/>\n\t<meta property=\"og:image:width\" content=\"746\" \/>\n\t<meta property=\"og:image:height\" content=\"418\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Giannis Tsichlas\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/iot-ngin.eu\/#website\",\"url\":\"https:\/\/iot-ngin.eu\/\",\"name\":\"IOT NGIN\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/iot-ngin.eu\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png\",\"contentUrl\":\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png\",\"width\":746,\"height\":418},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#webpage\",\"url\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/\",\"name\":\"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN\",\"isPartOf\":{\"@id\":\"https:\/\/iot-ngin.eu\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#primaryimage\"},\"datePublished\":\"2022-10-05T10:58:25+00:00\",\"dateModified\":\"2022-10-05T11:07:34+00:00\",\"author\":{\"@id\":\"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1\"},\"breadcrumb\":{\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/iot-ngin.eu\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1\",\"name\":\"Giannis Tsichlas\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iot-ngin.eu\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g\",\"caption\":\"Giannis Tsichlas\"},\"url\":\"https:\/\/iot-ngin.eu\/index.php\/author\/tsichlas\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/","og_locale":"en_US","og_type":"article","og_title":"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN","og_description":"In a previous blogpost,\u00a0 we briefly introduced the concept of Moving Target Defense (MTD), mentioning also the property of time as a parameter than defines the moving aspect of a MTD cybersecurity solution. In addition, we discussed a way to &hellip;","og_url":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/","og_site_name":"IOT NGIN","article_published_time":"2022-10-05T10:58:25+00:00","article_modified_time":"2022-10-05T11:07:34+00:00","og_image":[{"width":746,"height":418,"url":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Giannis Tsichlas","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/iot-ngin.eu\/#website","url":"https:\/\/iot-ngin.eu\/","name":"IOT NGIN","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/iot-ngin.eu\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#primaryimage","inLanguage":"en-US","url":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png","contentUrl":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/10\/Untitled.png","width":746,"height":418},{"@type":"WebPage","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#webpage","url":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/","name":"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework - IOT NGIN","isPartOf":{"@id":"https:\/\/iot-ngin.eu\/#website"},"primaryImageOfPage":{"@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#primaryimage"},"datePublished":"2022-10-05T10:58:25+00:00","dateModified":"2022-10-05T11:07:34+00:00","author":{"@id":"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1"},"breadcrumb":{"@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/10\/05\/honeypots-as-moving-target-defense-mtd-in-iot-ngin-framework\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/iot-ngin.eu\/"},{"@type":"ListItem","position":2,"name":"HONEYPOTS AS MOVING TARGET DEFENSE (MTD) IN IOT-NGIN framework"}]},{"@type":"Person","@id":"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1","name":"Giannis Tsichlas","image":{"@type":"ImageObject","@id":"https:\/\/iot-ngin.eu\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g","caption":"Giannis Tsichlas"},"url":"https:\/\/iot-ngin.eu\/index.php\/author\/tsichlas\/"}]}},"cc_featured_image_caption":{"caption_text":"","source_text":"","source_url":""},"_links":{"self":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2593"}],"collection":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/comments?post=2593"}],"version-history":[{"count":3,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2593\/revisions"}],"predecessor-version":[{"id":2597,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2593\/revisions\/2597"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/media\/2594"}],"wp:attachment":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/media?parent=2593"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/categories?post=2593"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/tags?post=2593"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}