Investigating cybercrime with honeypots in the cloud

Authors

DOI:

https://doi.org/10.18372/2225-5036.26.15574

Abstract

Cloud technologies are increasingly used. While a cloud environment can give organizations the freedom to experiment and scale resources, it also increases the surface area of attack. This article explores the possibilities of baits in cloudy environments. Analyzes the problem of investigating cybercrimes in the clouds. Identifies and studies relevant technologies used by cybersecurity professionals in the investigation of cybercrime. Determines the benefits of using baits in cloud infrastructure. For cloud environments, the number one threat is data breaches. Violations can cause great reputational and financial damage. They can potentially lead to the loss of intellectual property and significant legal obligations. Inadequate access control, in a cloud environment, is a threat that can compromise the cloud system. To avoid this threat, cloud clients must protect credentials, provide automatic rotation of cryptographic keys, passwords, and certificates, ensure scalability, require cloud service administrators to use multi-factor authentication, and define password policies for the management plane and each service deployed in the cloud. The trap provides significant benefits to security professionals. First of all, it is a collection of necessary information, often containing valuable information. Deployment and operation of baits is not particularly difficult, and trap tools usually do not require system resources. Particular attention should be paid to the insttion and operation of traps. As a rule, the whole range of measures is reduced to "establishment and expectation". The most common case is with a dedicated server under the supervision of specialists. Today, there are many fake programs that give the impression of real, but not true, their main task - to record the entire exchange. The advantage of the trap is that a copy of the software can be made on an obsolete server that cannot cope with the typical computational tasks of e-business. It is determined that it is recommended to use the network of "baits" in the cloud service as a service (HaaS). This reduces the initial and operating costs of maintaining the Infrastructure, increases the efficiency of system deployment and provides remote management.

Published

2021-07-02

Issue

Section

Privacy & Protection from Identity Theft