Honeypots for Distributed Denial of Service Attacks
Distributed Denial-of-Service attacks are still a big threat to the Internet. Several proposals for coping with the attacks have been made in the recent past, but neither of them are successful on themselves alone. In this paper, we present a system that helps in the defence in depth of a network from DDoS attacks. In addition to state-of-art active and passive security defences, we propose a honeypot for such attacks. The goal is to convincingly simulate the success of the compromise of a system to a potential DDoS attacker. Thereby, we can implement the lessons learned by the honeypot in our other systems to harden them against such attacks. On the other hand, we protect the rest of our network infrastructure form the impact of such an attack.
Keywords: Distributed Denial of Service Attacks, Honeypot, Security Practices.
Available as PDF-file.