Computer networks are essential for modern life, enabling efficient global information exchange. However, as technology advances, network security challenges grow. To enhance security, honeypots are used alongside firewalls, mimicking legitimate systems to attract hackers and analyze their attack methods. In this research, Cowrie and Dionaea honeypots are implemented. Cowrie targets brute force attacks on SSH, while Dionaea detects port scanning and denial of service (DoS) attacks. These honeypots effectively capture and log malicious activities, providing insights into attack patterns. The collected data is analyzed using the ELK Stack, which offers real-time visualization of attack trends, frequency, and methods. This analysis helps security teams quickly identify and mitigate threats. The integration of honeypots with the ELK Stack significantly enhances network defense by improving detection, analysis, and response to cyber threats. The analysis of the results shows that both honeypots effectively capture and record malicious activities entering the network, providing critical insights into the attack patterns employed by attackers. Within just minutes of deployment, the honeypots logged over 1,000 attacks, predominantly originating from botnets attempting to exploit system vulnerabilities. The captured log data is processed through the ELK Stack, allowing for real-time visualization of attack patterns, including geographic origins, attack frequency, and methods used. This enables security teams to proactively identify trends, assess risks, and implement targeted mitigation strategies more efficiently.
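The per-source aggregation that an attack-frequency dashboard is built on can be sketched directly over Cowrie's JSON log. This is an added example, not code from the paper: the event IDs and field names follow Cowrie's JSON log output, while the sample lines, the documentation-range IP addresses and the `threshold` of 3 failures are constructed assumptions.

```python
import json
from collections import Counter, defaultdict

# Constructed sample in the shape of Cowrie's JSON log (one event per line).
# IPs come from documentation ranges; no value here is taken from the paper.
SAMPLE_LOG = """\
{"eventid": "cowrie.session.connect", "src_ip": "203.0.113.7", "session": "a1"}
{"eventid": "cowrie.login.failed", "username": "root", "password": "123456", "src_ip": "203.0.113.7", "session": "a1"}
{"eventid": "cowrie.login.failed", "username": "root", "password": "admin", "src_ip": "203.0.113.7", "session": "a1"}
{"eventid": "cowrie.login.failed", "username": "admin", "password": "admin", "src_ip": "203.0.113.7", "session": "a1"}
{"eventid": "cowrie.login.success", "username": "root", "password": "root", "src_ip": "203.0.113.7", "session": "a1"}
{"eventid": "cowrie.login.failed", "username": "pi", "password": "raspberry", "src_ip": "198.51.100.20", "session": "b2"}
this line is truncated and is not valid JSON
"""

LOGIN_EVENTS = {"cowrie.login.failed": "failed", "cowrie.login.success": "success"}


def summarize_logins(lines, threshold=3):
    """Count SSH login events per source IP and flag likely brute-force sources.

    threshold is an assumed cut-off: an IP with at least this many failed
    logins is flagged. Returns (stats, flagged_ips, skipped_line_count).
    """
    stats = defaultdict(lambda: {"failed": 0, "success": 0, "creds": Counter()})
    skipped = 0
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # partially written or corrupted log line
            continue
        if not isinstance(event, dict):
            skipped += 1
            continue
        outcome = LOGIN_EVENTS.get(event.get("eventid"))
        src_ip = event.get("src_ip")
        if outcome is None or not src_ip:
            continue  # not a login event, e.g. cowrie.session.connect
        entry = stats[src_ip]
        entry[outcome] += 1
        entry["creds"][(event.get("username"), event.get("password"))] += 1
    flagged = sorted(ip for ip, s in stats.items() if s["failed"] >= threshold)
    return dict(stats), flagged, skipped
```

Calling `summarize_logins(SAMPLE_LOG.splitlines())` returns the per-IP counters, the flagged sources and the number of unparseable lines; a success recorded after a run of failures from the same IP is the pattern worth surfacing first.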
Copyrights © 2024