Security such technology is the Intrusion Detection System.

using Honeypot

Life of a node in WSN communication of Networks

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now


Ashka Ashani

Student, Department of Computer Engineering

Atharva College of Engineering

Mumbai, India


Viral Doshi

Student, Department of Computer Engineering

Atharva College of Engineering

Mumbai, India

[email protected]

Deesha Nirmal

Student, Department of Computer Engineering

Atharva College of Engineering

Mumbai, India

[email protected]


Nikita Patil

Assistant Professor, Department of Computer Engineering

Atharva College of Engineering

Mumbai, India

[email protected]

Abstract—Ad-hoc less power wireless systems are one of the present points in the
field of security and unavoidable registering. It attempts to research the
attacks finished with a point of asset decrease at the routing protocol layer.
These attacks can prompt the brisk depleting of the nodes battery control there
by for all time impair the networks. These asset consumption attacks are called
as “Vampire” attacks. The “Vampire” attacks aren’t similar
to some protocol, however rather consider the similarity of objects of routing
protocols. It’s dissected that every protocol of the suspect are inclined to
vampire attacks, that are demolishing, hard to separate, and are easy to use as
few as one malignant insider sending basically tradition pleasing messages.

Production honeypot, Research Honeypot, interaction levels, Honeynet


     Advances in Technology and human
dependency on them are rapidly increasing gradually. Apart from this, the
number of devices connected to a Network is also on its peak.  With these ever changing technologies,
threats are also increasing day by day. Therefore for any network administrator
it becomes at most necessary to protect the systems and system data on a
network from any attackers.

There are possibilities of many
loopholes in a network. A hacker tries to detect these vulnerabilities in the
network and then attack it in order to get the access of important and
confidential information stored on the network. The hacker can also manipulate
the sensitive information or can delete the important records. Hackers can
attack using various types of attacks such as denial of service attack, brute
force attack, phishing attack, IP Spoofing and many more. These potential
attacks can manipulate the system data or use it for malicious activities.

 There are various technologies developed for
preventing the systems from these attacks. One of such technology is the
Intrusion Detection System. The Intrusion Detection System runs in the
background which monitors the system and detects malicious activities on
it.  Intrusion detection system can be of
two types one which just notifies or alerts the network administrator about an
intrusion detected and the other type lets the network administrator to take
action against the intruder. However it does not obtain information about the
attackers. Another drawback of the Intrusion Detection System is that in case
of heavy traffic on the network, it is difficult to determine which packets are
deviated. Intrusion detection system are mainly suitable for small scale
network where preventing data breach is secondary purpose.

Honeypot is a system which is
deployed on a network in order to detect malicious activities and protect the
system from various attacks. Honeypot detects malicious activities and tries to
deceive the attacker. The attacker thinks that the system which is being
attacked is a real system whereas it is a trap created by the Honeypot. In this
process the Honeypot tries to obtain the information about the attacker and
also prevent the network from the attacks. In other terms, Honeypot is
basically a decoy or a trap.

This paper gives an overview of
Honeypot and its application in real time systems. The objective of this paper
is to represent the various trends and opportunities for Honeypot researchers.


honeypot is a system  that is usually
designed with the aim of detecting and trapping any attempt to penetrate into
an experimental system. It acts as masquerade to the attacker. If the attacker
breaks into the system or server, then the honeypot that resembles the original
server will be assaulted by the attack, while the actual system remains safe
and untouched as a server behind the honeypot. For those who are not
experienced attackers, they tend to think that they have easily managed to hack
the system / server.  However, all
actions, tools, and techniques used in the attack have been recorded for study
by the System Administrator concerned through the

data and information presented by the honeypot.


According to their use and their involvement, Honeypots can be
classified as production and research honeypots.


Production Honeypot –

     Production Honeypots are
primary honeypots which only detect the attacks and provide a warning to the
attackers. These honeypots are easy to deploy and provide minimum information
about the attacks and attackers.


Research Honeypot –

     Research Honeypots are high
level honeypot which are used by researchers or professionals. These honeypots
are capable of obtaining information about the attackers as well as the
techniques used by the attacker. These honeypot gather as much information as
possible. They provide information which can be used for statistical study or


Level of Interaction

Honeypot can be implemented in three different
levels depending upon its interaction and way of handling network security.


1.                   Low
level interaction:  honeypot designed to
operate at low level interaction  is the
most simplest honeypot. A low level interaction honeypot just tries to record
or log information about the attacker. But the drawback here is, the attacker
can easily recognize a honeypot at this level.


2.                   Medium
level interaction:  As compared to low
level honeypot, a medium level honeypot cannot be recognized easily. Medium
level honeypot are more complex than low level interaction honeypot but


3.                   High
level interaction: High level interaction are complex to setup as they
involve  real time operation system.

Honeypot at this level misguides the hacker to a
fake system.



     In a network, if there are
too many honeypots deployed then it is known as a Honeynet. Typically, a
honeynet is used for monitoring and/or more diverse network in which one
honeypot may not be sufficient.The purpose of honeynet is to better understand
the hacker’s behaviour and methodologies. They allow hacker to be easily



The purpose of the proposed system is to design a honeypot on a
network and check the efficiency by attacking the same.

Following are the steps for extraction procedure of honeypot.

Identify any attack on the system and to log source and
target information.

Redirecting the intruder to the honeypot.

Extracting the attacker’s information.

Ban attacker from the network.

Generating records and statistical data.