Title: Formal modelling and verification of high interactive honeypot using coloured Petri nets
Authors: Sheetal Gokhale; Irfan Siddavatam; Ashwini Dalvi; Mohammed Shaikh; Suchitra Patil
Addresses: Department of Information Security, K.J. Somaiya College of Engineering, University of Mumbai, Mumbai, India ' Department of Information Security, K.J. Somaiya College of Engineering, University of Mumbai, Mumbai, India ' Department of Information Security, K.J. Somaiya College of Engineering, University of Mumbai, Mumbai, India ' Department of Information Security, K.J. Somaiya College of Engineering, University of Mumbai, Mumbai, India ' Department of Information Security, K.J. Somaiya College of Engineering, University of Mumbai, Mumbai, India
Abstract: Honeypot is an active defence mechanism intended to mimic a computer system concealing its identity to misguide attackers. The mechanism traps an attacker and collects intrusion information as they trespass a network environment and cause a menace for their interest. The paper proposes a honeypot tool with deadlock and livelock states to strengthen the defence mechanism and engage the attacker for a longer period. The proposed work aims to present the formal analysis of a honeypot using coloured petri nets tool. The three core components of the honeypot, such as data capture, control and collection, are included in the formal modelling to study the behavioural properties of a honeypot in a deadlock and livelock state. The main objective is to emphasise the working of high interaction honeypot in deadlock or livelock states under an attack surface. The honeypot's formal model verification using a state-space tool in coloured petri net determines that an attacker wedged in a deadlock or livelock state fails to navigate further to fulfil malicious intent, thereby deceiving an attacker for a longer period.
Keywords: honeypot; coloured petri net; CPN; formal analysis; cowrie.
DOI: 10.1504/IJCCBS.2022.121365
International Journal of Critical Computer-Based Systems, 2022 Vol.10 No.3, pp.227 - 247
Received: 25 Jun 2020
Accepted: 23 Jul 2021
Published online: 07 Mar 2022 *