Secure (S)Hell: Introducing an SSH Deception Proxy Framework

  title={Secure (S)Hell: Introducing an SSH Deception Proxy Framework},
  author={Daniel Reti and David Klaassen and Simon D. Duque Ant{\'o}n and Hans Dieter Schotten},
  journal={2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)},
  • Daniel Reti, David Klaassen, H. Schotten
  • Published 8 April 2021
  • Computer Science
  • 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)
Deceiving an attacker in the network security domain is a well established approach, mainly achieved through deployment of honeypots consisting of open network ports with the sole purpose of raising an alert on a connection. With attackers becoming more careful to avoid honeypots, other decoy elements on real host systems continue to create uncertainty for attackers. This uncertainty makes an attack more difficult, as an attacker cannot be sure whether the system does contain deceptive elements… 
1 Citations

Figures from this paper

Research on Network Security Situational Awareness Based on Crawler Algorithm

By designing a network security event analysis tool based on text processing, the data cleaning of network security time text information is completed, and a set of networkSecurity event processing solutions with high applicability and comprehensiveness are formed.



Cyber Kill Chain

A Honeypot Proxy Framework for Deceiving Attackers with Fabricated Content

This paper discusses the idea of deceiving attackers with fake services and fabricated content in order to find out more about malware’s functionality and to hamper cyber intelligence.

YAAS - On the Attribution of Honeypot Data

A holistic scheme to derive characteristics from honeypot data and to map this data to an attacker model is introduced, which results in most attacks being rather harmless, but a few outliers have been identified.

Demystifying Deception Technology: A Survey

An extensive overview of the deception technology environment is presented and taxonomies, theoretical backgrounds, psychological aspects as well as concepts, implementations, legal aspects and ethics are discussed and compared.

Investigation of modern attacks using proxy honeypot

Implementation of the honeypot based on the open proxy server allows to log all activity on the investigated proxy and classification of malicious users and the statistics of the attacks' sources are provided.

Evaluation of Deception-Based Web Attacks Detection

A preliminary study seems to suggest that deception is a valuable companion of other detection techniques but it may not be suitable as a single standalone protection mechanism.

Parameter manipulation attack prevention and detection by using web application deception proxy

This paper proposes web application deception proxy as a defense approach, and it is shown that it is very helpful to prevent and detect web application attacks.

IBM Security , “ Cost of a data breach report 2020 , ” 2020 . [ Online ]

    The cyber kill chain," last visited 03-11-2020