Lessons learned from the deployment of a high-interaction honeypot 

Eric Alata, Vincent Nicomette, Mohamed Kaâniche, Marc Dacier, Matthieu Herrb

 

Abstract

This paper presents an experimental study and the lessons learned from the observation of the attackers when logged on a compromised machine. The results are based on a six months
period during which a controlled experiment has been run with a high interaction honeypot. We correlate our findings with those obtained with a worldwide distributed system of lowinteraction honeypots.

Keywords: high-interaction honeypot, computer security, attacks, attacker behavior